961 Results for:CVE

  • Sort by: 

Ransomware gangs exploiting ConnectWise ScreenConnect flaws

By Arielle Waldman 27 Feb 2024

Ransomware activity is ramping up against vulnerable ScreenConnect systems as Black Basta and Bl00dy threat actors were observed exploiting the vulnerabilities. Read More

Microsoft’s Christmas present for cyber teams: no zero-days

By Alex Scroxton 13 Dec 2023

Barely 30 vulnerabilities, and no zero-days, have been fixed in the final Patch Tuesday drop of 2023 Read More

Change Healthcare breached via Citrix portal with no MFA

By Arielle Waldman 30 Apr 2024

UnitedHealth Group CEO Andrew Witty's opening statement for Wednesday's congressional hearing shed more light on the ransomware attack against Change Healthcare. Read More

Eclypsium: Ivanti firmware has 'plethora' of security issues

By Alexander Culafi 15 Feb 2024

In its firmware analysis, Eclypsium found that the Ivanti Pulse Secure appliance used a version of Linux that was more than a decade old and several years past end of life. Read More

JetBrains, Rapid7 clash over vulnerability disclosure policies

By Arielle Waldman 14 Mar 2024

In a blog post this week, JetBrains argued that attacks on TeamCity customers were the result of Rapid7 publishing the full technical details of two critical vulnerabilities. Read More

Microsoft halts 3 zero-days on November Patch Tuesday

By Tom Walat 14 Nov 2023

Microsoft addresses 67 vulnerabilities, including six critical, and shuts down four bugs in the Exchange Server email platform this month. Read More

China’s UNC4841 pivots to new Barracuda ESG zero-day

By Alex Scroxton 02 Jan 2024

The Chinese state threat actor behind a series of cyber attacks on Barracuda Networks customers embarked on a campaign targeting the supplier’s email security products in the run-up to Christmas Read More

Microsoft starts year with a subdued January Patch Tuesday

By Tom Walat 09 Jan 2024

For the second month in a row, Microsoft had no zero-days and relatively few vulnerabilities for administrators to address. Read More

Spyware vendors behind 75% of zero-days targeting Google

By Alexander Culafi 27 Mar 2024

Google observed 97 zero-day vulnerabilities exploited in the wild last year, which was more than a 50% increase over the 62 exploited zero-day vulnerabilities tracked in 2022. Read More

Threat actors targeting critical OwnCloud vulnerability

By Arielle Waldman 27 Nov 2023

Researchers observed exploitation attempts against a vulnerability affecting OwnCloud's Graph API app, highlighting threat actors' continued focus on file-sharing products. Read More