961 Results for:CVE

  • Sort by: 

Flashpoint: Threat vectors converging, increasing damage

By Arielle Waldman 09 Mar 2023

The threat intelligence vendor warned that threat actors are increasingly combining known vulnerabilities, stolen credentials and exposed data to wreak maximum damage. Read More

Microsoft addresses two zero days in December Patch Tuesday

By Alexander Culafi 13 Dec 2022

December's Patch Tuesday features fixes for 48 new bugs, including several critical vulnerabilities and two zero days, one of which is currently being exploited in the wild. Read More

Play ransomware actors bypass ProxyNotShell mitigations

By Arielle Waldman 21 Dec 2022

CrowdStrike is urging organizations to apply the latest Microsoft Exchange updates after investigations revealed attackers developed a bypass for ProxyNotShell mitigations. Read More

Threat activity increasing around Fortinet VPN vulnerability

By Arielle Waldman 02 Feb 2023

Following public disclosure of the critical VPN flaw in December, multiple reports show threat actors are exploiting it to target high-profile organizations. Read More

Microsoft fixes lone zero-day on October Patch Tuesday

By Alex Scroxton 12 Oct 2022

Microsoft patched a solitary zero-day vulnerability in its latest monthly drop, but fixes for two others disclosed in the past few weeks are nowhere to be seen Read More

Barracuda zero-day bug exploited months prior to discovery

By Alexander Culafi 31 May 2023

Barracuda said a zero-day flaw used to target its email security gateway appliance customers is a remote command injection vulnerability exploited since at least October 2022. Read More

CISA battles ESXiArgs ransomware campaign with recovery tool

By Alexander Culafi 08 Feb 2023

The U.S. Cybersecurity and Infrastructure Security Agency published a decryptor script intended to assist VMware customers affected by ESXiArgs ransomware. Read More

Microsoft serves smorgasbord of six zero-days

By Alex Scroxton 09 Nov 2022

November’s Patch Tuesday fixes significantly fewer vulnerabilities of late, but includes six actively-exploited zero-days, three of them of critical severity Read More

Barracuda ESG users told to throw away their hardware

By Alex Scroxton 09 Jun 2023

Owners of Barracuda Email Security Gateway appliances are being told that they will need to throw out and replace their kit after it emerged that a patch for a recently disclosed vulnerability had not done the job Read More

Palo Alto: SugarCRM zero-day reveals growing cloud threats

By Arielle Waldman 10 Aug 2023

Recent incident response investigations reveal that attackers are becoming more advanced when it comes to the cloud, but there are steps enterprises can take to mitigate risks. Read More