-
Over 15 Million Systems Exposed to Known Exploited Vulnerabilities
Effective vulnerability management is about knowing what you own and prioritizing what you need to fix. A new research report shows that millions of organizations are failing at those critical…
-
Weakness at the Network Edge: Mandiant Examines 2022’s Zero-Day Exploits
Enterprise IT, network and security product vulnerabilities were among those actively exploited in zero-day attacks last year, according to a recent Mandiant report. Mandiant tracked 55 zero-day vulnerabilities that were…
-
Microsoft Targets Critical Outlook Zero-Day Flaw
Microsoft’s Patch Tuesday for March 2023 includes patches for more than 70 vulnerabilities, including zero-day flaws in Outlook and in Windows SmartScreen. According to Crowdstrike researchers, 40 percent of the…
-
BlackMamba PoC Malware Uses AI to Avoid Detection
HYAS researchers recently developed proof-of-concept (PoC) malware that leverages AI both to eliminate the need for command and control (C2) infrastructure and to generate new malware on the fly in…
-
Biden Cybersecurity Strategy: Big Ambitions, Big Obstacles
The White House’s National Cybersecurity Strategy unveiled yesterday is an ambitious blueprint for improving U.S. cybersecurity and threat response, but some of the more ambitious items will take time to…
-
Cloudflare Blocks Record DDoS Attack as Threats Surge
Cloudflare mitigated dozens of hyper-volumetric DDoS attacks last weekend, most of them ranging from 50 to 70 million requests per second (RPS) – and the largest one exceeding 71 million…
-
Microsoft Patch Tuesday Includes Three Exploited Zero-Day Vulnerabilities
Microsoft’s February 2023 Patch Tuesday fixes 75 vulnerabilities, nine of them rated critical, and three (all rated important) that are being exploited. “This is only the second Patch Tuesday of…
-
Cybersecurity Analysts Using ChatGPT for Malicious Code Analysis, Predicting Threats
ChatGPT has raised alarm among cybersecurity researchers for its unnerving ability in composing everything from sophisticated malware to phishing lures – but it’s important to keep in mind that the…
-
Hackers Use RMM Software to Breach Federal Agencies
Cybercriminals recently breached U.S. federal agencies using remote monitoring and management (RMM) software as part of a widespread campaign. The malicious campaign began in June 2022 or earlier and was…
-
Threat Groups Distributing Malware via Google Ads
Security researchers are warning that Google Ads are being actively leveraged to distribute malware to unsuspecting victims searching for software downloads. On January 20, CronUp researcher Germán Fernández warned that…
