Threats and vulnerabilities

Keeping up with the latest threats and vulnerabilities is a battle for any security pro. Get up-to-date information on email threats, nation-state attacks, phishing techniques, ransomware and malware, DDoS attacks, APTs, application vulnerabilities, zero-day exploits, malicious insiders and more.

Top Stories

Conference Coverage 13 May 2025
RSAC Conference 2025

Follow SearchSecurity's RSAC 2025 guide for insightful pre-conference insights and reports on notable presentations and breaking news at the world's biggest infosec event. Continue Reading
By
- Sharon Shea, Executive Editor
News 09 May 2025
News brief: AI security risks highlighted at RSAC 2025

Check out the latest security news from the Informa TechTarget team. Continue Reading
By
- Sharon Shea, Executive Editor

News 16 Feb 2023
Google: Russia continues to set cyber sights on NATO nations

A new report from Google's Threat Analysis Group shed light on Russia's efforts to conduct malicious cyber campaigns not only against Ukraine but also NATO nations too. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 16 Feb 2023
Ransomware actors increasingly weaponizing old vulnerabilities

A new report from Cyber Security Works shows that 76% of all ransomware-associated vulnerabilities tracked in 2022 were old flaws initially discovered between 2010 and 2019. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 15 Feb 2023
Cisco Talos spots new MortalKombat ransomware attacks

Researchers discovered the threat campaign is also using a new GO version of malware called Laplas Clipper to steal cryptocurrency from individuals and businesses in the U.S. Continue Reading
By
- Arielle Waldman, News Writer
Podcast 15 Feb 2023
ESXiArgs attack vector unclear as infections continue

This Risk & Repeat podcast episode discusses the recent developments involving ESXiArgs, the ransomware variant that has been infecting vulnerable VMware ESXi servers this month. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 14 Feb 2023
Dragos: ICS/OT ransomware attacks up 87%

Ransomware attacks against industrial organizations remains a growing problem, according to ICS/OT vendor Dragos' new 'Year in Review 2022' report. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 13 Feb 2023
Namecheap email system hacked, used for phishing campaign

While the domain registrar said it was not breached directly, it did confirm its third-party email system was compromised Sunday and warned customers not to open any unauthorized emails. Continue Reading
By
- Arielle Waldman, News Writer
News 10 Feb 2023
New ESXi ransomware strain spreads, foils decryption tools

Since the onset of the widespread attacks last week, the ESXiArgs ransomware strain appears to have undergone updates that make it harder for enterprises to recover data. Continue Reading
By
- Arielle Waldman, News Writer
News 09 Feb 2023
U.S., U.K. hit TrickBot cybercrime gang with sanctions

TrickBot malware has caused considerable damage to U.S. organizations, particularly in the healthcare industry, and was used in Conti and Ryuk ransomware attacks. Continue Reading
By
- Arielle Waldman, News Writer
News 09 Feb 2023
Hypervisor patching struggles exacerbate ESXiArgs attacks

Ransomware hit a high number of unpatched VMware ESXi servers by exploiting two- and three-year-old flaws, which has put hypervisor patching difficulties in the spotlight. Continue Reading
By
- Arielle Waldman, News Writer
News 09 Feb 2023
Thousands of victims apparently hit by ESXiArgs ransomware

A joint security advisory from CISA and the FBI said the ESXiArgs ransomware campaign has claimed over 3,800 servers globally since attacks first emerged last week. Continue Reading
By
- Alexander Culafi, Senior News Writer
Definition 09 Feb 2023
crypto wallet (cryptocurrency wallet)

A crypto wallet (cryptocurrency wallet) is software or hardware that enables users to store and use cryptocurrency. Continue Reading
By
- Sean Michael Kerner
News 08 Feb 2023
CISA battles ESXiArgs ransomware campaign with recovery tool

The U.S. Cybersecurity and Infrastructure Security Agency published a decryptor script intended to assist VMware customers affected by ESXiArgs ransomware. Continue Reading
By
- Alexander Culafi, Senior News Writer
Podcast 08 Feb 2023
ESXiArgs ransomware campaign raises concerns, questions

This Risk & Repeat podcast looks at the widespread ESXiArgs ransomware attacks and the questions they've raised about the threat landscape, vulnerability patching and more. Continue Reading
By
- Rob Wright, Senior News Director
Definition 08 Feb 2023
reverse brute-force attack

A reverse brute-force attack is a type of brute-force attack in which an attacker uses a common password against multiple usernames in an attempt to gain access to a network. Continue Reading
By
- Alexander S. Gillis, Technical Writer and Editor
Definition 07 Feb 2023
messaging security

Messaging security is a subcategory of unified threat management, or UTM, focused on securing and protecting an organization's communication infrastructure. Continue Reading
By
- Sarah Lewis
News 06 Feb 2023
Vastaamo hacking suspect arrested in France

The suspect in the infamous cyber attack, Julius Kivimäki, is a 25-year-old Finnish man who was arrested after being remanded in absentia in October 2022. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 06 Feb 2023
Widespread ransomware campaign targets VMware ESXi servers

The attacks exploited a two-year-old heap overflow vulnerability in VMware ESXi. Many questions remain about the scope of the campaign and the threat actor behind it. Continue Reading
By
- Arielle Waldman, News Writer
News 02 Feb 2023
Threat activity increasing around Fortinet VPN vulnerability

Following public disclosure of the critical VPN flaw in December, multiple reports show threat actors are exploiting it to target high-profile organizations. Continue Reading
By
- Arielle Waldman, News Writer
News 02 Feb 2023
HeadCrab malware targets Redis to mine cryptocurrency

Aqua Security said the HeadCrab botnet has taken control of at least 1,200 servers via internet-facing instances of the opensource DBMS Redis and is using them for cryptomining. Continue Reading
By
- Alexander Culafi, Senior News Writer
Tip 01 Feb 2023
What reverse shell attacks are and how to prevent them

Attackers use reverse shells to covertly attack an organization's environment. Discover what a reverse shell is and how to mitigate such attacks. Continue Reading
By
- Ravi Das, ML Tech Inc.
Definition 31 Jan 2023
Dridex malware

Dridex is a form of malware that targets victims' banking information, with the main goal of stealing online account credentials to gain access to their financial assets. Continue Reading
By
- Alexander S. Gillis, Technical Writer and Editor
News 31 Jan 2023
Horizon3.ai releases POC exploit for VMware vulnerabilities

Penetration testing vendor Horizon3.ai published technical details and exploit code for three new CVEs in VMware vRealize Log Insight that can be chained for remote code execution. Continue Reading
By
- Alexander Culafi, Senior News Writer
Definition 24 Jan 2023
backdoor (computing)

A backdoor attack is a means to access a computer system or encrypted data that bypasses the system's customary security mechanisms. Continue Reading
By
- Ben Lutkevich, Site Editor
- Brien Posey
Tip 20 Jan 2023
How to select a security analytics platform, plus vendor options

Security analytics platforms aren't traditional SIEM systems, but rather separate platforms or a SIEM add-on. Learn more about these powerful and important tools. Continue Reading
By
- Paul Kirvan
Opinion 20 Jan 2023
6 cybersecurity buzzwords to know in 2023

Enterprise Strategy Group research indicates many organizations will increase cybersecurity spending in 2023, and with that comes an evolving set of vendor buzzwords to sort out. Continue Reading
By
- Jon Oltsik, Analyst Emeritus
- Enterprise Strategy Group
  We provide market insights, research and advisory, and technical validations for tech buyers.
News 19 Jan 2023
Chainalysis: Ransomware payments down, fewer victims paying

Ransomware payments dropped significantly this past year, falling more than 40% from 2021, according to new research from blockchain analysis firm Chainalysis. Continue Reading
By
- Alexander Culafi, Senior News Writer
Definition 19 Jan 2023
Heartbleed

Heartbleed was a vulnerability in some implementations of OpenSSL, an open source cryptographic library. Continue Reading
By
- Sharon Shea, Executive Editor
News 18 Jan 2023
Bitzlato cryptocurrency exchange founder arrested, charged

Russian national Anatoly Legkodymov is accused of using Bitzlato to process more than $700 million in illicit cryptocurrency transactions, including ransomware payments. Continue Reading
By
- Arielle Waldman, News Writer
Tip 18 Jan 2023
Top 10 ICS cybersecurity threats and challenges

Industrial control systems are subject to both unique and common cybersecurity threats and challenges. Learn about the top ones here and how to mitigate them. Continue Reading
By
- Ashwin Krishnan, StandOutin90Sec
News 17 Jan 2023
Microsoft fixes SSRF vulnerabilities found in Azure services

Orca Security, which discovered the Azure flaws, warned enterprises to be aware of SSRF attacks, which can result in a threat actor accessing or modifying sensitive data. Continue Reading
By
- Arielle Waldman, News Writer
News 12 Jan 2023
Windows zero day patched but exploitation activity unclear

Avast threat researchers detected exploitation of a Windows zero-day flaw in the wild, and organizations are being urged to patch the flaw immediately. Continue Reading
By
- Arielle Waldman, News Writer
News 11 Jan 2023
Vulnerable software, low incident reporting raises risks

Beneath the buzz around tech innovations at CES were discussions about cybersecurity and how to prevent the next generation of tech from being just as vulnerable as the last. Continue Reading
By
- Bridget Botelho, Editorial Director, News
Tip 10 Jan 2023
How to prevent and detect lateral movement attacks

Reduce the success of lateral movement attacks by performing these eight key cybersecurity activities at strategic, operational and proactive levels. Continue Reading
By
- Charles Kolodgy, Security Mindsets
News 06 Jan 2023
Rackspace: Ransomware actor accessed 27 customers' data

Rackspace said Personal Storage Tables of 27 customers were accessed in the attack last month, but added there was no evidence threat actors viewed, obtained or misused the data. Continue Reading
By
- Alexander Culafi, Senior News Writer
Feature 05 Jan 2023
Windows security tips for the enterprise

Securing a Windows environment is no easy feat. Read up on low-hanging fruit to quickly address, as well as top tips from two security practitioners to get started. Continue Reading
By
- Kyle Johnson, Technology Editor
News 04 Jan 2023
Rackspace: Ransomware attack caused by zero-day exploit

The exploit that led to the Rackspace ransomware attack, referred to as OWASSRF, combines two Exchange Server flaws -- CVE-2022-41080 and a ProxyNotShell flaw, CVE-2022-41082. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 03 Jan 2023
Many Exchange servers still vulnerable to ProxyNotShell flaw

A new exploit chain using one of the ProxyNotShell vulnerabilities has bypassed Microsoft's URL Rewrite mitigations from September and put Exchange servers at risk. Continue Reading
By
- Alexander Culafi, Senior News Writer
Definition 29 Dec 2022
credential theft

Credential theft is a type of cybercrime that involves stealing a victim's proof of identity. Continue Reading
By
- Corinne Bernstein
Tip 27 Dec 2022
How to prevent and mitigate process injection

Process injection is a defense evasion technique that helps attackers hide from enterprise security systems. Learn how it works and how to mitigate it. Continue Reading
By
- Rob Shapland
News 21 Dec 2022
Play ransomware actors bypass ProxyNotShell mitigations

CrowdStrike is urging organizations to apply the latest Microsoft Exchange updates after investigations revealed attackers developed a bypass for ProxyNotShell mitigations. Continue Reading
By
- Arielle Waldman, News Writer
News 20 Dec 2022
Malicious Python package in PyPI poses as SentinelOne SDK

No attacks resulting from the malicious Python package have been recorded to date. However, according to PyPI, more than 1,000 users had downloaded it before it was taken down. Continue Reading
By
- Alexander Culafi, Senior News Writer
Tip 20 Dec 2022
What enumeration attacks are and how to prevent them

Web applications may be vulnerable to user enumeration attacks. Learn how these brute-forcing attacks work and how to prevent them. Continue Reading
By
- Ravi Das, ML Tech Inc.
Feature 19 Dec 2022
11 cybersecurity predictions for 2023

Analysts and experts have looked into their crystal balls and made their cybersecurity predictions for 2023. Is your organization prepared if these predictions come true? Continue Reading
By
- Kyle Johnson, Technology Editor
Definition 16 Dec 2022
GPS jamming

GPS jamming is the act of using a frequency transmitting device to block or interfere with radio communications. Continue Reading
By
- Sarah Lewis
News 15 Dec 2022
Check Point classifies Azov as wiper, not ransomware

While Azov was initially considered ransomware, Check Point researchers warned the polymorphic malware is designed to inflict maximum damage to targeted systems. Continue Reading
By
- Arielle Waldman, News Writer
News 14 Dec 2022
Cybereason warns of rapid increase in Royal ransomware

Enterprises need to be aware of the group's partial encryption technique because the less data it encrypts, the less chance the activity will be detected by a security product. Continue Reading
By
- Arielle Waldman, News Writer
News 13 Dec 2022
Microsoft addresses two zero days in December Patch Tuesday

December's Patch Tuesday features fixes for 48 new bugs, including several critical vulnerabilities and two zero days, one of which is currently being exploited in the wild. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 13 Dec 2022
Citrix ADC and Gateway zero day under active exploitation

The NSA said that APT5, a suspected Chinese nation-state threat group, is actively exploiting the Citrix zero-day flaw, which affects the vendor's ADC and Gateway products. Continue Reading
By
- Alexander Culafi, Senior News Writer
Feature 13 Dec 2022
12 types of wireless network attacks and how to prevent them

From packet sniffing and rogue access points to spoofing attacks and encryption cracking, learn about common wireless network attacks and how to prevent them. Continue Reading
By
- Karen Scarfone, Scarfone Cybersecurity
- Sharon Shea, Executive Editor
News 12 Dec 2022
Fortinet confirms VPN vulnerability exploited in the wild

In an advisory Monday, Fortinet urged customers to take steps to immediately mitigate the critical flaw, which was disclosed earlier by French infosec firm Olympe Cyberdefense. Continue Reading
By
- Arielle Waldman, News Writer
Feature 07 Dec 2022
Understanding malware analysis and its challenges

Discover what to expect in a malware analyst career, from the types of malware you'll encounter to important tools to use to difficulties that arise for those new to the field. Continue Reading
By
- Kyle Johnson, Technology Editor
Feature 07 Dec 2022
Why is malware analysis important?

Malware continues to plague all organizations, causing data loss and reputational damage. Discover how malware analysis helps protect companies from such attacks. Continue Reading
By
- Kyle Johnson, Technology Editor
- Packt Publishing
News 06 Dec 2022
MegaRAC flaws, IP leak impact multiple server brands

MegaRAC BMC software from American Megatrends, Inc. have a trio of serious security vulnerabilities that were discovered following an intellectual property leak. Continue Reading
By
- Shaun Nichols
News 05 Dec 2022
Education sector hit by Hive ransomware in November

The education sector remained a popular target last month, particularly from Hive, a ransomware-a-as-a-service group, that even warranted a government alert in late November. Continue Reading
By
- Arielle Waldman, News Writer
Definition 05 Dec 2022
Evil Corp

Evil Corp is an international cybercrime network that uses malicious software to steal money from victims' bank accounts and to mount ransomware attacks. Continue Reading
By
- Ben Lutkevich, Site Editor
Definition 02 Dec 2022
Trojan horse

In computing, a Trojan horse is a program downloaded and installed on a computer that appears harmless, but is, in fact, malicious. Continue Reading
By
- Casey Clark, TechTarget
- Michael Cobb
News 01 Dec 2022
Archive files become preferred format for malware delivery

The team at HP Wolf Security found that cybercriminals are using archive files as the preferred method for spreading malware, beating Microsoft Office for the first time. Continue Reading
By
- Shaun Nichols
News 30 Nov 2022
Exchange Server bugs caused years of security turmoil

The four high-profile sets of security vulnerabilities in Microsoft Exchange Server, disclosed by researcher Orange Tsai, are set to remain a major concern for organizations. Continue Reading
By
- Shaun Nichols
Podcast 30 Nov 2022
Risk & Repeat: Twitter, Elon Musk and security concerns

This podcast episode discusses Twitter's security concerns following Elon Musk's acquisition last month, as well as a possible data breach from 2021 that came to light recently. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 30 Nov 2022
Tenable: 72% of organizations remain vulnerable to Log4Shell

New research shows the attack surface remains wide for the Log4j vulnerability, known as Log4Shell, which caused significant problems for organizations over the past year. Continue Reading
By
- Arielle Waldman, News Writer
News 28 Nov 2022
Infosec researcher reports possible 'massive' Twitter breach

The alleged Twitter breach involves a data set from late 2021 and includes the phone numbers and personal information of millions of users in the U.S. and Europe. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 28 Nov 2022
Small open source projects pose significant security risks

Open source security initiatives might prevent large-scale vulnerabilities such as Log4j, but smaller projects pose risks without more maintainer support, industry experts say. Continue Reading
By
- Stephanie Glen, News Writer
News 23 Nov 2022
Cybereason warns of fast-moving Black Basta campaign

Threat actors with the Black Basta ransomware-as-a-service group are compromising networks in as little as one hour and stealing sensitive data before disabling DNS services. Continue Reading
By
- Arielle Waldman, News Writer
Definition 22 Nov 2022
buffer underflow

A buffer underflow, also known as a buffer underrun or a buffer underwrite, is when the buffer -- the temporary holding space during data transfer -- is fed data at a lower rate than it is being read from. Continue Reading
By
- Sarah Lewis
Opinion 21 Nov 2022
Ransomware preparedness: The long road ahead

Is your organization ready for ransomware? A recent survey shows that businesses in a variety of industries are all struggling with ransomware prevention and recovery. Continue Reading
By
- Christophe Bertrand
- Enterprise Strategy Group
  We provide market insights, research and advisory, and technical validations for tech buyers.
News 17 Nov 2022
Magecart malware menaces Magento merchants

Sansec researchers say as many as 38% of commercial customers running the Adobe Commerce and Magento platforms could be infected with Magecart's TrojanOrders malware. Continue Reading
By
- Shaun Nichols
Tip 17 Nov 2022
Top 5 vulnerability scanning tools for security teams

Use these five vulnerability scanning tools to find weaknesses and potential exploits in web applications, IT and cloud infrastructure, IoT devices and more. Continue Reading
By
- Karen Scarfone, Scarfone Cybersecurity
Podcast 16 Nov 2022
Risk & Repeat: Researchers criticize HackerOne

This podcast episode discusses a recent TechTarget Security article about bug bounty platform HackerOne in which researchers aired several complaints about the company. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 16 Nov 2022
Rapid7 discloses more F5 BIG-IP vulnerabilities

While the severity of the issues is relatively low, F5 devices are commonly targeted by attackers to gain persistence inside a network. Continue Reading
By
- Arielle Waldman, News Writer
Tip 14 Nov 2022
Dissect open source ransomware code to understand an attack

To protect your organization from ransomware, it's helpful to know what goes on behind the scenes. Unpack this ransomware code example to understand and defend against attacks. Continue Reading
By
- Matt Grasberger, Red Guava
News 10 Nov 2022
Flashpoint launches new 'ransomware prediction model'

Flashpoint's new model assigns a 'ransomware likelihood' rating for vulnerabilities contained in the VulnDB database, which contains more than 300,000 flaws. Continue Reading
By
- Arielle Waldman, News Writer
Tip 10 Nov 2022
Common lateral movement techniques and how to prevent them

Lateral movement techniques enable attackers to dig deeper into compromised environments. Discover what lateral movement attacks are and four attack techniques. Continue Reading
By
- Ravi Das, ML Tech Inc.
Tip 08 Nov 2022
Types of vulnerability scanning and when to use each

Vulnerability scanning gives companies a key weapon when looking for security weaknesses. Discovery, assessment and threat prioritization are just a few of its benefits. Continue Reading
By
- Paul Kirvan
Feature 08 Nov 2022
How to build a shadow IT policy to reduce risks, with template

With a shadow IT policy in place, organizations reduce security risks from unapproved applications and services that employees introduce independently. Continue Reading
By
- Paul Kirvan
News 07 Nov 2022
Microsoft: Nation-state threats, zero-day attacks increasing

Microsoft's Digital Defense Report 2022 pointed the finger at China, which enacted a new vulnerability disclosure law last year, as the source of many zero-day attacks. Continue Reading
By
- Arielle Waldman, News Writer
News 04 Nov 2022
Yanluowang ransomware gang goes dark after leaks

The Yanluowang ransomware operation appears to have shut down for the time being after an anonymous individual published a series of internal code and chat leaks. Continue Reading
By
- Shaun Nichols
News 03 Nov 2022
Ransomware on the rise, hitting schools and healthcare

October ransomware disclosures and public reports tracked by TechTarget Editorial increased from previous months, with notable attacks on education and healthcare organizations. Continue Reading
By
- Arielle Waldman, News Writer
Definition 03 Nov 2022
Adobe Flash

Adobe Flash is a software platform used to create rich digital content containing animation, graphic effects, streaming video and other interactive elements to deliver engaging user experiences over many platforms, including desktops and mobile devices. Continue Reading
By
- Rahul Awati
News 01 Nov 2022
OpenSSL vulnerabilities get high-priority patches

The OpenSSL Project released version 3.0.7 Tuesday to address a pair of high-severity buffer overflow vulnerabilities in the widely used cryptography library. Continue Reading
By
- Shaun Nichols
Guest Post 28 Oct 2022
It's time to rethink security certification for OT devices

Security certifications don't protect OT devices from vulnerable processes and insecure-by-design practices. It's time to update security certs for the connected OT age. Continue Reading
By
- Daniel dos Santos
Feature 28 Oct 2022
Enterprise ransomware preparedness improving but still lacking

An Enterprise Strategy Group survey found enterprises are making strides in ransomware preparedness, but work remains to prevent and mitigate attacks. Continue Reading
By
- Kyle Johnson, Technology Editor
Opinion 27 Oct 2022
How Sheltered Harbor helps banks navigate cyber-recovery

Banks must be able to recover quickly from a cyber attack -- a difficult task, given the volume and sophistication of attacks. The not-for-profit Sheltered Harbor aims to help. Continue Reading
By
- Vinny Choinski, Senior Analyst
- Enterprise Strategy Group
  We provide market insights, research and advisory, and technical validations for tech buyers.
Tip 27 Oct 2022
Types of cloud malware and how to defend against them

Cloud malware isn't going away anytime soon, but organizations have a growing number of tools at their disposal to combat the threat. Continue Reading
By
- Dave Shackleford, Voodoo Security
News 26 Oct 2022
Cisco, CISA warn 2 AnyConnect flaws are under attack

CISA added two Cisco AnyConnect flaws to its Known Exploited Vulnerabilities catalog, which signals active exploitation and an urgency to patch. Continue Reading
By
- Arielle Waldman, News Writer
News 26 Oct 2022
Researchers criticize HackerOne over triage, mediation woes

HackerOne researchers told TechTarget Editorial that they regularly encountered months-long wait times for responses and a mediation process that rarely favors researchers. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 25 Oct 2022
Apple patches actively exploited zero-day iOS bug

The iOS zero-day was joined by a slew of other vulnerabilities in Apple's Oct. 24 security update. The iOS 16 update contained patches for 13 arbitrary code execution flaws. Continue Reading
By
- Alexander Culafi, Senior News Writer
News 24 Oct 2022
CISA warns of ransomware attacks on healthcare providers

A new CISA advisory warned administrators at hospitals and healthcare providers about newly discovered ransomware variant, dubbed Daixin Team, that poses a particular threat. Continue Reading
By
- Shaun Nichols
Definition 21 Oct 2022
command-and-control server (C&C server)

A command-and-control server (C&C server) is a computer that issues directives to digital devices that have been infected with rootkits or other types of malware, such as ransomware. Continue Reading
By
- Kinza Yasar, Technical Writer
Tip 21 Oct 2022
The top 5 ethical hacker tools to learn

Ethical hackers have a wealth of tools at their disposal that search for vulnerabilities in systems. Learn about five such tools that should be part of any hacker's tool set. Continue Reading
By
- Rob Shapland
Definition 21 Oct 2022
burner phone

A burner phone, or 'burner,' is an inexpensive mobile phone designed for temporary, sometimes anonymous, use, after which it may be discarded. Continue Reading
By
- Katie Terrell Hanna
- Ivy Wigmore
News 21 Oct 2022
BlackByte ransomware using custom data exfiltration tool

Symantec researchers say BlackByte ransomware may be poised to move into the elite ransomware ranks, as the group has begun developing its own custom malware tools. Continue Reading
By
- Shaun Nichols
Definition 20 Oct 2022
RAT (remote access Trojan)

A RAT (remote access Trojan) is malware an attacker uses to gain full administrative privileges and remote control of a target computer. Continue Reading
By
- Kinza Yasar, Technical Writer
News 19 Oct 2022
ProxyLogon researcher details new Exchange Server flaws

After testing Microsoft's mitigations for ProxyLogon, security researcher Orange Tsai discovered new Exchange Server bugs, including one flaw that took more than a year to fix. Continue Reading
By
- Arielle Waldman, News Writer
News 19 Oct 2022
Azure vulnerability opens door to remote takeover attacks

Orca Security researchers uncovered a flaw in Azure Service Fabric that was fixed in last week's Patch Tuesday. It allows elevation of privilege and remote takeover of nodes. Continue Reading
By
- Shaun Nichols
News 18 Oct 2022
Python vulnerability highlights open source security woes

A 15-year-old unpatched vulnerability in a tarfile module for the Python programming language prompted researchers from cybersecurity vendor Trellix to take action. Continue Reading
By
- Arielle Waldman, News Writer
Tip 18 Oct 2022
Compare vulnerability assessment vs. vulnerability management

Vulnerability assessments and vulnerability management are different but similar-sounding security terms. Discover their similarities and differences. Continue Reading
By
- Ravi Das, ML Tech Inc.
Definition 18 Oct 2022
supply chain attack

A supply chain attack is a type of cyber attack that targets organizations by focusing on weaker links in an organization's supply chain. Continue Reading
By
- Alexander S. Gillis, Technical Writer and Editor
News 13 Oct 2022
NPM API flaw exposes secret packages

A flaw in the API for NPM could potentially allow a threat actor to see the internal packages for corporate users -- a possible first step for a supply chain attack. Continue Reading
By
- Shaun Nichols
News 13 Oct 2022
Despite LockBit rebound, ransomware attacks down in 2022

LockBit cybercriminals are back in action with new ransomware attacks and publicity pushes. But many other new groups saw lower levels in activity in Q3, according to Cyberint. Continue Reading
By
- Shaun Nichols
Feature 13 Oct 2022
Why Kali Linux is the go-to distribution for penetration testing

Discover why penetration testers prefer to use the Kali Linux distribution for offensive security, from collecting useful tools together to being usable from multiple devices. Continue Reading
By
- Kyle Johnson, Technology Editor