22 minutes from PoC exploit to attacks—would you have patched in time?
The speed at which you need to apply patches is increasing. Are you prepared?
2 minutes
News
GeoServer vulnerability actively abused, CISA warns
CISA has added CVE-2024-36401 to its catalog of known exploited vulnerabilities.
2 minutes
Watch out for CRYSTALRAY, an open source aficionado with a hunger for crypto
The CRYSTALRAY group, tracked by Sysdig, is using a suite of open source tools to find and compromise targets for…
1 minute
Patch now! July Patch Tuesday fixes two actively exploited vulnerabilities
Microsoft's Patch Tuesday covers two actively exploited vulnerabilities, one Office Remote Code Execution (RCE) flaw, and many other CVEs
2 minutes
South Africa’s NHLS is recovering from a ransomware attack quickly, it just doesn’t feel that way
It's estimated that the NHLS handles diagnostic tests for about 80% of South Africa's population. Ransomware groups don't care.
2 minutes
Law enforcement takes out hundreds of malicious Cobalt Strike servers
International law enforcement agencies have revealed a three-year operation to combat Cobalt Strike servers used by cybercriminals.
1 minute
Upgrade now! Juniper releases patch for critical authentication bypass
Juniper Networks has released an out-of-cycle upgrade for a CVSS 10 vulnerability.
1 minute
Upgrade now! New MOVEit Transfer vulnerability under active exploitation
A new vulnerability in MOVEit Transfer is already under active exploitation, just a day after a patch was released.
2 minutes
GrimResource MSC attack uses 5-year-old vulnerability
Cybercriminals' search for an alternative to Office macros has brought them to MSC files used by the Microsoft Management Console.
2 minutes
UEFI vulnerability for Intel processors opens the doors for a bootkit
Researchers have disclosed details of a vulnerability in Phoenix Technologies' firmware for Intel processors.
2 minutes
Microsoft 365 users targeted in 2FA-busting phishing campaigns
Researchers have uncovered a Phishing-as-a-Service platform that enables criminals to bypass some forms of 2FA.
2 minutes
Compromised F5 BIG-IP appliances abused in three-year infiltration
A state-sponsored attacker used compromised F5 load balancers to gain persistence on a target's network.
2 minutes
Microsoft’s April 2024 Patch Tuesday includes two actively exploited zero-day vulnerabilities
Microsoft has fixed 149 vulnerabilities, two of which are reportedly being exploited in the wild.
2 minutes
Update now! ConnectWise ScreenConnect vulnerability needs your attention
ConnectWise customers need to take immediate action to remediate a critical vulnerability.
1 minute
LockBit, the world’s worst ransomware, is down
LockBit's position as ransomware's biggest beast is suddenly in doubt.
1 minute
Microsoft Exchange vulnerability actively exploited
One of Microsoft's Patch Tuesday fixes has flipped from "Likely to be Exploited" to “Exploitation Detected”.
1 minute
Update now! Microsoft fixes two zero-days on February Patch Tuesday
Microsoft has issued patches for 73 security vulnerabilities in its February 2024 Patch Tuesday.
2 minutes
Patch now! Roundcube mail servers are being actively exploited
A vulnerability in Roundcube webmail is being actively exploited and CISA is urging users to install an updated version.
1 minute
Ivanti urges customers to patch yet another critical vulnerability
Ivanti has found yet another vulnerability in versions of Connect Secure, Policy Secure, and ZTA gateways.
2 minutes
