961 Results for:CVE

  • Sort by: 

Kaspersky shares Pegasus spyware-hunting tool

By Alex Scroxton 16 Jan 2024

Kaspersky has developed a way of easily exposing the presence of Pegasus spyware on iOS devices and believes its methodology may also help users identify other such surveillance malware Read More

Nokoyawa ransomware exploits Windows CLFS zero-day

By Arielle Waldman 12 Apr 2023

The Nokoyawa ransomware attacks highlight the growing use of zero-day exploits by a variety of threat groups, including financially motivated cybercriminals. Read More

Risk & Repeat: Highlights from Black Hat USA 2023

By Alexander Culafi 17 Aug 2023

Black Hat USA 2023 in Las Vegas covered several trends, such as generative AI and cloud security issues, as well as new vulnerabilities, including the Downfall flaw in Intel chips. Read More

8 blockchain security risks to weigh before adoption

29 Nov 2023

Blockchain and smart contracts have their own unique vulnerabilities. But poor code testing, cryptographic keys and generic network attacks will get you, too. Read More

Apple patches new iPhone zero-day

By Alex Scroxton 25 Oct 2022

Apple’s latest patch fixes yet another zero-day, as security issues keep surfacing in its mobile products Read More

CrowdStrike warns of rise in VMware ESXi hypervisor attacks

By Arielle Waldman 15 May 2023

As enterprise adoption of virtualization technology increases, CrowdStrike has observed a rise in ransomware attacks on servers running VMware's ESXi bare-metal hypervisors. Read More

CISA: Truebot malware infecting networks in U.S., Canada

By Alexander Culafi 06 Jul 2023

CISA warned of Truebot attacks in a joint advisory alongside the FBI, the Canadian Centre for Cyber Security and the Multi-State Information Sharing and Analysis Center. Read More

Microsoft fixes two zero-days in final Patch Tuesday of 2022

By Alex Scroxton 14 Dec 2022

December’s Patch Tuesday is typically a light month for Microsoft, and this year proved no exception, but there are still several critical issues worth addressing, and two zero-days for defenders to pore over Read More

Victims of MOVEit SQL injection zero-day mount up

By Alex Scroxton 06 Jun 2023

The BBC, Boots, and British Airways are among the victims of cyber incidents arising from a recently disclosed vulnerability in the MOVEit file transfer, exploitation of which is spreading fast Read More

Many Exchange servers still vulnerable to ProxyNotShell flaw

By Alexander Culafi 03 Jan 2023

A new exploit chain using one of the ProxyNotShell vulnerabilities has bypassed Microsoft's URL Rewrite mitigations from September and put Exchange servers at risk. Read More