Security vulnerabilities stories - Page 12

In the past, mega vulnerabilities happened once a quarter, but this past year we've been dealing with critical vulnerabilities almost weekly in some cases.

Zero Trust is revolutionizing cybersecurity, treating every component as if it's continuously exposed to potential threats. Implementation varies.

China's 8220 Gang has targeted public cloud environments with a custom-built crypto miner and IRC bot, warns Radware.

Trustwave has relaunched its Advanced Continual Threat Hunting platform, resulting in a 3x increase in threat findings.

Claroty's research team, Team82, has examined the GE Proficy Historian, finding five exploitable vulnerabilities capable of causing damage to the system.

Between July and October, Acronis found that the proportion of phishing attacks has risen by 1.3, accounting for 76% of all attacks.

GreyNoise Intelligence unveils its 2022 Mass Exploitation Report, delving deep into threat detection events from the past year.

The Secureworks Counter Threat Unit (CTU) has uncovered a subgroup of Iranian Cobalt Mirage using GitHub to store and deploy malware.

Identified as UNC4191, this cyber espionage threat leverages USB devices as an initial infection vector, concentrates on the Philippines, and has a China nexus.

ASX 200 companies have a good security posture, on-par with global counterparts, according to a new report by Rapid7.

Rapid7 showcases new capabilities at AWS re:Invent 2022 to make cloud detection and response and vulnerability assessments easier.

Data security and analytics pioneer Varonis Systems has launched its public vulnerability disclosure program through HackerOne.

Forescout’s Vedere Labs disclosed an update to its OT:ICEFALL study distributed in June 2022, which detailed vulnerabilities found in thousands of OT devices.

Global security manufacturer Gallagher has been awarded the Security Software Manufacturer of the Year accolade at the 2022 Security & Fire Excellence Awards.

It’s highly likely that Application Portfolio Management (APM) isn’t at the top of your to-do list. It may not even be on your list anymore.

The GSSH is a short, broad, easily-understood safe harbour statement that’s simple for customers to adopt, HackerOne states.

With the ever-increasing rise in cyber crime, Genetec is cautioning organisations of all sizes to be vigilant about the cybersecurity risk.

Varonis helped solve an SQLi vulnerability and an access control flaw in Zendesk Explore that would have allowed a threat actor to leak data.

Aqua Security launches Lightning Enforcer, an eBPF-based technology that provides real-time protection against zero-day attacks.

Organisations often combat threats by placing too much emphasis on technology alone and too little emphasis on people and their behaviour.