Vulnerabilities
As critical Microsoft vulnerabilities drop, attackers may adopt new techniques
As critical Microsoft software vulnerabilities decline, attackers will need to chain together less severe exploits to achieve code execution, elevate system privilege levels, and move around victim networks.
9 attack surface discovery and management tools
The main goal of cyber asset attack surface management tools is to protect information about a company’s security measures from attackers. Here are 9 tools to consider when deciding what is best for the business.
CISA kicks off ransomware vulnerability pilot to help spot ransomware-exploitable flaws
The CISA pilot program will notify organizations of vulnerabilities that can lead to ransomware attacks, with small organizations the primary beneficiaries.
Two Patch Tuesday flaws you should fix right now
Vulnerabilities affecting both Outlook for Windows and Microsoft SmartScreen were patched recently — both could have wide-ranging impact.
Attacks on SonicWall appliances linked to Chinese campaign: Mandiant
The technique used in the attack on SonicWall devices is consistent with earlier attacks from a Chinese campaign.
Lazarus group infiltrated South Korean finance firm twice last year
North Korea-linked Lazarus group had infiltrated the affected company in May 2022 and again in October through the same software’s zero-day vulnerability.
Hard-coded secrets up 67% as secrets sprawl threatens software supply chain
2022 was a particularly leaky year in relation to secrets, GitGuardian’s latest State of Secrets Sprawl report finds.
Booking.com account takeover flaw shows possible pitfalls in OAuth implementations
Avoid these simple mistakes when setting up OAuth for third-party authentication to block unauthorized account access.
Unpatched old vulnerabilities continue to be exploited: Report
The top five exploited vulnerabilities in 2022 include several high-severity flaws in Microsoft Exchange, Zoho ManageEngine products, and virtual private network solutions from Fortinet, Citrix and Pulse Secure.
Microsoft tells Exchange admins to revert previously recommended antivirus exclusions
The antivirus exclusion might cause Exchange Server failures or prevent the detection of backdoors planted by attackers.
Companies urged to patch critical vulnerability in Fortinet FortiNAC
The high-severity vulnerability allows unauthorized users to write arbitrary files to the system, and it is being exploited.
At least one open source vulnerability found in 84% of code bases: Report
Almost all applications contain at least some open source code, and 48% of all code bases examined by Synopsys researchers contained high-risk vulnerabilities.
PLC vulnerabilities can enable deep lateral movement inside OT networks
Researchers demonstrate how attackers can target PLCs to bypass authentication and perform remote code execution on industrial networks.
Flaws in industrial wireless IoT solutions can give attackers deep access into OT networks
Greater use of industrial cellular gateways and routers exposes IIoT devices to attackers and increases the attack surface of OT networks.
Vulnerabilities and exposures to rise to 1,900 a month in 2023: Coalition
The cybersecurity insurer predicts that the 1,900 CVEs would include 270 high-severity and 155 critical-severity vulnerabilities. The predictions are based on data collected over the last ten years.
Critical vulnerability patched in Jira Service Management Server and Data Center
Atlassian has issued fixed versions of the software and described a workaround to the flaw that could make access tokens available to attackers.
Remote code execution exploit chain available for VMware vRealize Log Insight
Researchers found four vulnerabilities in vRealize Log Insight that were relatively non-threatening on their own but lead to significant compromise when used together.
Threat actors abuse Microsoft’s “verified publisher” status to exploit OAuth privileges
Proofpoint discovers threat actors targeting verified status in the Microsoft environment to abuse OAuth privileges and lure users into authorizing malicious apps.