Vulnerabilities & Exploits
- August 28, 2018A review of the first half of 2018 shows a threat landscape that not only has constant and familiar features but also has morphing and uncharted facets: Ever-present threats steadily grew while emerging ones used stealth.
- August 24, 2018Users of the Apache Struts are urged to update to its latest version after security researchers uncovered a critical remote code execution (RCE) vulnerability in the web application development framework.
- August 20, 2018At DEF CON 2018, security researchers demonstrated how they were able to infiltrate networks by exploiting vulnerabilities in printers. Here's how managed detection and response can help address similar threats.
- August 15, 2018Security researchers uncovered vulnerabilities affecting the speculative execution feature of Intel CPUs, similar to Spectre and Meltdown. Here's what you need to know.
- June 29, 2018Researchers discovered a WordPress core vulnerability that can allow attackers to gain control of web sites and execute arbitrary code.
- June 22, 2018Four vulnerabilities, including two critical ones, in Phoenix Contact switches used in industrial systems automation could be exploited for attacks. Affected companies are strongly advised to apply patches immediately.
- June 21, 2018Researchers found seven vulnerabilities in Axis cameras can be used for cyberattacks if exploited. While only POCs have been shown, customers are strongly advised to patch their firmware immediately.
- June 15, 2018PyRoMineIoT malware infects systems with a Monero miner, spreads using RCE EternalRomance by removing or modifying accounts and passwords with privileged access, and scans for vulnerable Internet of Things devices for possible future attacks.
- June 13, 2018A vulnerability found in websites’ cache infrastructure and content delivery networks can be used to spread malware, and an API vulnerability in Mozilla Firefox can be used to have partial control via plug-ins for a DDoS attack.