Vulnerabilities & Exploits
- February 28, 2019CVE-2019-5736 is a vulnerability involving the runC runtime component, which is used for container platforms such as Docker and container orchestration platforms such as Kubernetes.
- February 26, 2019Looking back at the most significant issues of 2018, we saw shifting cybercriminal strategies and lingering security threats. Enterprises faced a multitude of challenges, but careful study of these issues can present opportunities for improvement.
- January 29, 2019Owners and administrators of WordPress websites that use the “Total Donations” plugin are advised to remove the plugin after a zero-day vulnerability and design flaws were seen actively exploited in the wild.
- January 15, 2019Radio frequency (RF) technology is being used in operations to control various industrial machines. However, the lack of implemented security in RF communication protocols could lead to production sabotage, system control, and unauthorized access.
- December 20, 2018Fileless threats aren’t as visible compared to traditional malware and employ a variety of techniques to stay persistent. Here's a closer look at how fileless malware work and what can be done to thwart them.
- December 11, 2018Our security predictions for 2019 are based on our experts’ analysis of the progress of current and emerging technologies, user behavior, and market trends, and their impact on the threat landscape.
- December 06, 2018Two Adobe Flash zero-day vulnerabilities using Microsoft documents are seen in an ongoing spam campaign. Users and enterprises using legacy systems are advised to patch immediately to prevent these critical flaws abused for possible attacks.
- November 07, 2018Users of Apache Struts are encouraged to make a necessary update to prevent two vulnerabilities from being exploited and used for remote code execution and denial-of-service attacks.
- October 31, 2018The FBI advised businesses to implement measures against Remote Desktop Protocol (RDP) brute force attacks. While considered a useful remote administration tool, cybercriminals also abuse it. Ways to defend against these threats.