The software supply chain is a critical element in the lifecycle of applications and websites. The interdependencies and components common in modern software development can increase the attack surf...
User's of F5's BIG-IP application services could be vulnerable to a critical flaw that allows an unauthenticated attacker on the BIG-IP system to run arbitrary system commands, create or delete files...
Hackers have found a way to infect Windows Event Logs with fileless malware, security researchers have found.
Kaspersky researchers on May 4 revealed “a new stash for fileless malware.” During a “...
Security researchers have uncovered a critical vulnerability that could lead to DNS spoofing attacks in two popular C standard libraries that provide functions for common DNS operations.
Nozomi Ne...
Databases contain some of the most critical data in enterprises, so vulnerabilities in them are serious issues.
Researchers at Singapore-based cybersecurity company Group-IB recently discovered tho...
Ransomware just keeps getting worse, it seems. Cybersecurity researchers last week revealed that a new ransomware gang called Onyx is simply destroying larger files rather than encrypting them.
As ...
The Microsoft 365 Defender Research Team has revealed several new Linux vulnerabilities collectively dubbed "Nimbuspwn." Like the Dirty Pipe vulnerability, they only need a local user with low capabil...
U.S. cybersecurity agencies joined their counterparts around the globe to urge organizations to address the top 15 vulnerabilities exploited in 2021.
Topping the list were the Log4Shell vulnerabili...
Information gathering is often the starting point of a cyberattack. For many hackers, before attempting anything they want to know who they’re dealing with, what vulnerabilities they might exploit, an...
Vulnerabilities in WatchGuard firewalls and Microsoft Windows and Windows Server need to be patched and fixed immediately, security organizations said in alerts this week.
The U.S. Cybersecurity an...