A Swiss national who recently highlighted flaws in Verkada surveillance cameras has been charged with criminal hacking by a U.S. federal grand jury and accused of illegally accessing and leaking data from numerous organizations, apparently including Intel, Nissan and the U.S. National Reconnaissance Office.
From Thursday through Monday, Check Point Research tracked a tenfold increase in the number of global attempts to exploit vulnerable on-premises Microsoft Exchange servers as organizations race to install patches.
Fresh ransomware targeting an unpatched Microsoft Exchange email server flaw appears to have been rushed to market by criminals trying to capitalize on new opportunities before the competition stepped in, resulting in relatively shoddy attack code, security firm Sophos reports.
Microsoft has released an interim mitigation tool designed to help smaller organizations take quick action to prevent attacks that exploit the unpatched ProxyLogon flaw in on-premises Microsoft Exchange servers.
Attackers wielding DearCry - aka DoejoCrypt - ransomware have begun to exploit the serious proxy-logon flaw in unpatched versions of Microsoft Exchange running on premises. The vulnerability is one of four zero-day flaws patched last week by Microsoft, which APT attackers began exploiting in January.
The Microsoft Vulnerabilities Report compiles every Microsoft security bulletin from the past 12 months, analyzes the trends, and includes viewpoints from security experts. This provides a consolidated view and analysis of Microsoft patch Tuesdays, providing a crucial barometer of the threat landscape for the...
Serious vulnerabilities in Microsoft Exchange have been exploited by at least 10 APT groups that have been collectively been hitting thousands of companies over the last three months, including prior to when Microsoft was first alerted to the flaws and issued a patch, security researchers warn.
Computer security researchers have acquired an enormous list of compromised email servers from the perpetrators of the mass Microsoft Exchange compromises. But a big question looms: How bad is this situation going to get?
Microsoft's rerelease on Patch Tuesday of the seven patches for the widely exploited Exchange vulnerabilities has given security experts a chance to reiterate the urgent need to install these and other critical security updates.
Microsoft is warning users of its Azure cloud platform that hackers are using several "living off the land" attack techniques to evade security measures, escalate privileges and deploy cryptominers. The software giant released a threat detection and mitigation strategy for the platform.
Adobe has released security updates to address eight vulnerabilities, which, if exploited, could enable an attacker to take control of an affected system.
Nearly four years after the WannaCry ransomware hit the world, targeting the EternalBlue vulnerability in Microsoft SMB version 1, security firms say the malware continues to be a top threat detected in the wild by endpoint security products. Why won't WannaCry just die?
VMware has issued patches for a critical vulnerability in its virtual desktop deployment platform, View Planner, which could enable remote code execution.
This edition of the ISMG Security Report features an analysis of key takeaways from the breaches tied to flaws in the Accellion File Transfer appliance. Also featured: Equifax CISO Jamil Farshchi on transforming supply chain security, plus an analysis of how "work from anywhere" is affecting cybersecurity.
Qualys has confirmed that its Accellion File Transfer Appliance software was breached by zero-day-wielding attackers after stolen customer data appeared on the Clop ransomware gang's data leaks site. The security firm's public breach notification comes more than two months after the firm first learned it had been...
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing cuinfosecurity.com, you agree to our use of cookies.