Rackspace has acknowledged that it was hit by the Play ransomware a month ago in an attack that compromised customers' Microsoft Exchange accounts. The attackers apparently leveraged a zero-day vulne...
Most modern websites and applications connect to databases and the databases are programmed using Structured Query Language (SQL). SQL injection (SQLi) vulnerabilities arise when websites do not adequ...
The best way to prevent ransomware is also the best way to prevent any malware infection - to implement security best practices. Of course, if best practices were easy, no ransomware attacks would o...
Microsoft's December 2022 Patch Tuesday includes fixes for over four dozen vulnerabilities, six of them critical – including a zero-day flaw in the SmartScreen security tool, CVE-2022-44698, that's b...
Team82 researchers have disclosed an attack technique that bypasses industry-leading web application firewalls (WAFs) by appending JSON syntax to SQL injection payloads.
"An attacker able to bypas...
SafeBreach Labs researcher Or Yair has uncovered zero-day vulnerabilities in several leading endpoint detection and response (EDR) and antivirus (AV) solutions that enabled him to turn the tools into...
In a recent analysis of the public and Internet-facing assets of 471 of the Fortune 500 companies, Cyberpion uncovered more than 148,000 critical vulnerabilities (exploits that are publicly available...
Archive files are now the most common file type used to deliver malware – eclipsing Microsoft Office files for the first time – according to HP Wolf Security's Q3 2022 Quarterly Threat Insights Report...
The Wiz Research Team recently discovered a supply chain vulnerability in IBM Cloud that they say is the first to impact a cloud provider's infrastructure.
In a dramatic flair, they named the flaw...
Ransomware has become a potent tool for cybercriminals looking to exploit companies' sensitive data for profit. Ransomware attacks have affected businesses across all sizes, locations, and industries,...