Common Vulnerabilities and Exposures (CVE) stories - Page 7

Mandiant reveals new findings on threat actors exploiting vulnerabilities in Ivanti Connect Secure appliances, laying bare a disturbing mix of state-linked and profit-driven cyberattacks.

BackBox enhances network vulnerability management with an update to its Network Vulnerability Manager, allowing organisations to mark mitigated Common Vulnerabilities and Exposures, thus refining their risk scores and optimising remediation efforts.

An analysis by Rapid7 Labs highlights the importance of the external attack surface in APAC cybersecurity, shedding light on threat activities and how regionally-targeted campaigns are utilised by ransomware actors.

After Avast releases a BianLian decryptor, the hacking group resorts to extortion-only operations, exploiting vulnerabilities like TeamCity servers, reports GuidePoints.

Akamai Technologies boosts security with significant upgrades to its App and API Protector, providing advanced DDoS defenses, browser impersonation detection, and improved API security.

Akamai Technologies bolsters App and API Protector with precise DDoS attack mitigation, URL Protection and Browser Impersonation Detection.

Cyber-insurance provider, Coalition, forecasts a 25% increase in cyber vulnerabilities in 2024, in its just released Cyber Threat Index, warning businesses to prepare for an escalating digital risk landscape.

Cybersecurity firm Trustwave has revealed unique threats facing the education sector in their latest analysis, 2024 Education Threat Landscape, offering key strategies for building cybersecurity resilience.

Hackuity, the RBVM company, attains SOC 2 Type II compliance, showcasing strong data security and compliance that uphold rigorous American standards, providing customers with enterprise-grade security assurance.

Trend Micro discloses critical zero-day vulnerability in Windows Defender, under malicious exploitation by cyber-threat group, Water Hydra, endangering millions of users globally.

Network case anomalies surge 19%, marking a rising and sophisticated threat to operational technology and IoT environments, with manufacturing vulnerabilities rocketing 230%, warns Nozomi Networks Labs.

Video technology leader, Milestone Systems, partners with the Common Vulnerability and Exposures Program, furthering transparency and cooperation in addressing cybersecurity threats.

We see 2024 shaping up to be the defining moment where AI may become the profound battleground in cybersecurity.

Armis's report shows cyber attacks globally doubled in 2023, with utilities and manufacturing sectors the hardest hit.

Less than 1% of security vulnerabilities created the highest risks to businesses in 2023, with 97 high-risk vulnerabilities exploited undetected, says Qualys Threat Research Unit report.

Suspected espionage group UNC5221 exploited two zero-day vulnerabilities in Ivanti VPN and security appliances, using multiple custom malware families for post-exploitation espionage.

Over 40% of firms struggle to tackle vulnerabilities in the rising complexity of software supply chains, despite sizeable resource allocation, says Slim.AI's recent Container Report.

Cybersecurity firm Kaspersky uncovers a new potent malware, NKAbuse, exploiting the NKN technology to launch twin threats as a flooder and a backdoor/RAT, with victims emerging in Colombia, Mexico, and Vietnam.

Kaspersky's GReAT team has uncovered an undisclosed iPhone hardware feature used in Operation Triangulation attacks.

Efforts to mitigate the Log4j vulnerability involve updating to patched versions of Log4j, but the process continues to be complex.