Zero-day vulnerability

Zero-day vulnerability | News, how-tos, features, reviews, and videos

zeroday software bug skull and crossbones security flaw exploited danger vulnerabilities by gwengoa
zeroday software bug skull and crossbones security flaw exploited danger vulnerabilities by gwengoa

Scanning for vulnerabilities.

The Apache Log4j vulnerabilities: A timeline

The Apache Log4j vulnerability has impacted organizations around the globe. Here is a timeline of the key events surrounding the Log4j exploit as they have unfolded.

A laptop user with magnifying lens examines binary data.

How to detect Log4Shell exposure and exploitation

Software dependencies and third-party products make detecting Log4j exploits tough, but this advice and some specialized tools can help.

Skull-and-crossbones, code and the 'stop' gesture: hand held forward, palm out, fingers pointing up

Second Log4j vulnerability carries denial-of-service threat, new patch available

The fallout from the Apache Log4j vulnerability continues as researchers discover a second exploit that could lead to denial-of-service attacks. A patch is available to fix the issue.

a hooded figure targets a coding vulnerability

4 ways to properly mitigate the Log4j vulnerabilities (and 4 to skip)

A sure-fire way to prevent exploitation of Log4j vulnerabilities has yet to appear, but these actions are your best bet for reducing risk.

Abstract Java code

Apache Log4j vulnerability actively exploited, impacting millions of Java-based apps

The vulnerability affects not only Java-based applications and services that use the library directly, but also many other popular Java components and development frameworks that rely on it.

A laptop displays binary code and the flag of China.

Chinese APT group IronHusky exploits zero-day Windows Server privilege escalation

The attackers used the exploit to deploy a new remote shell Trojan called MysterySnail.

emergency disaster recovery business continuity binary by dsgpro getty images 182712891

Microsoft Exchange Emergency Mitigation: What admins need to know

The Emergency Mitigation service adds protections to Exchange Server in the wake of recent zero-day compromises.

zeroday software bug skull and crossbones security flaw exploited danger vulnerabilities by gwengoa

How to mitigate the Microsoft Office zero-day attack

Follow this advice to block malicious Office files from doing harm to your network even if you've implemented Microsoft's recommended actions.

security threats and vulnerabilities

Spy groups hack into companies using zero-day flaw in Pulse Secure VPN

Known and unknown groups are using VPN vulnerabilities to circumvent authentication and establish backdoors.

binary cyberattack cybersecurity hacked protected

Why the Microsoft Exchange Server attack isn’t going away soon

For some victims, patching and proper forensics will be difficult, plus new threat actors are now exploiting the same Exchange Server vulnerabilities.

zeroday software bug skull and crossbones security flaw exploited danger vulnerabilities by gwengoa

How to patch Exchange Server for the Hafnium zero-day attack

Admins in many businesses report indicators of compromise from an Exchange zero-day vulnerability. Don't assume you're not a target. Investigate for signs of the attack and patch now.

A broken link in a digital chaing / weakness / vulnerability

Chinese cyberespionage group hacks US organizations with Exchange zero-day flaws

Microsoft believes Chinese APT group Hafnium is using a set of previously unknown Exchange Server vulnerabilities to access mailbox contents and perform remote code execution.

What it takes to become an information assurance analyst

This in-demand role calls for a rare combination of superior communication skills and security chops. Learn how one information assurance analyst landed his current job, the skills and training that helped him get there, and where his...

Fraud prevention: Improving internal controls

Internal fraud controls aren't fire-and-forget. Smart collaboration and ongoing improvement will help keep fraud in check. Here are the basics.

information security 2

How to write an information security policy

Learn the critical first step, why consensus is key, what to cover and how make your information security policy — and program — effective.

Red team versus blue team: How to run an effective simulation

Playing the role of an attacker can make your team better at defense. Learn how in our step-by-step guide to war gaming your security infrastructure — from involving the right people to weighing a hypothetical vs. live event.

How to survive (and thrive) in the CISO hot seat

The CISO role is more varied and more pressure-filled than ever. CSO Online looks at how you can be successful in a post where security incidents and management feuds can cost you your job.

Special report: platforms play big in the cloud

This latest report in our C-Suite 360 series takes a full-spectrum look at the opportunities and risks in cloud computing, offering up the expert information your organization needs to set its cloud strategy.

Load More
You Might Also Like