961 Results for:CVE

  • Sort by: 

Scope of British Library data breach widens

By Alex Scroxton 28 Nov 2023

Personal data on British Library users has appeared for sale on the dark web following a Rhysida ransomware attack, as the scope of the still-developing incident widens again Read More

Risk & Repeat: Analyzing the Rackspace ransomware attack

By Alexander Culafi 10 Jan 2023

This Risk & Repeat podcast episode discusses new details of the Rackspace ransomware attack, as well as the questions remaining following the company's final status update. Read More

XSS zero-day flaw in Zimbra Collaboration Suite under attack

By Alexander Culafi 14 Jul 2023

A manual workaround is currently available for a cross-site scripting vulnerability in Zimbra Collaboration Suite, though a patch won't be available until later this month. Read More

OpenSSL vulnerabilities get high-priority patches

By Shaun Nichols 01 Nov 2022

The OpenSSL Project released version 3.0.7 Tuesday to address a pair of high-severity buffer overflow vulnerabilities in the widely used cryptography library. Read More

Canada’s Mounties among government employees hit by LockBit

By Alex Scroxton 21 Nov 2023

A LockBit attack on a specialist supplier of relocation services has engulfed multiple government agencies in Canada Read More

Fortinet confirms VPN vulnerability exploited in the wild

By Arielle Waldman 12 Dec 2022

In an advisory Monday, Fortinet urged customers to take steps to immediately mitigate the critical flaw, which was disclosed earlier by French infosec firm Olympe Cyberdefense. Read More

Researchers find new bug ‘class’ in Apple devices

By Alex Scroxton 22 Feb 2023

A group of vulnerabilities in Apple products that stem from the ForcedEntry exploit used by spyware firm NSO constitutes a whole new class of bug, say researchers at Trellix Read More

Cisco, CISA warn 2 AnyConnect flaws are under attack

By Arielle Waldman 26 Oct 2022

CISA added two Cisco AnyConnect flaws to its Known Exploited Vulnerabilities catalog, which signals active exploitation and an urgency to patch. Read More

Spyware activity particularly impactful in July

By Alex Scroxton 04 Aug 2022

After a quiet June, vulnerability exploitation ramped up in July, with intrusions linked to spyware seeing unusually high volumes of activity, according to a report Read More

Windows zero-day quashed for September Patch Tuesday

By Tom Walat 13 Sep 2022

A relatively light patching workload awaits admins this month, but a "wormable" threat should increase the sense of urgency to rapidly deploy Microsoft's batch of fixes. Read More