Researchers reported new side-channel attacks — ZombieLoad, Fallout, and Rogue In-Flight Data Load (RIDL) — that can leak data being processed by vulnerable Intel processors. Here's what you need to know.
Threat actors were found exploiting CVE-2018-1000861, a vulnerability in the Stapler web framework that is used by the Apache Jenkins open-source software development automation server with versions 2.153 and earlier.
A year after a potentially critical vulnerability (CVE-2018-1002100) was found and patched in the popular open-source container orchestration system and DevOps tool Kubernetes, researchers discovered that the vulnerability can still be exploited.
We look at the most pervasive information stealers, ransomware, and cryptocurrency-mining malware in the Americas in 2018 and how they highlight the significance of proactive threat detection and incident response capabilities.