Vulnerabilities in some VPNs used to remotely connect to industrial control systems could enable hackers to compromise large-scale industrial organizations, the security firm Claroty reports.
U.S. and U.K. cybersecurity agencies issued a joint warning this week that over 62,000 QNAP network-attached storage devices worldwide have been infected with data-stealing malware.
CISA is warning that threat actors are actively exploiting a remote code execution vulnerability in F5's BIG-IP network products that can lead to data exfiltration and other security issues. Earlier, researchers and F5 had urged users to patch the flaw.
Trend Micro says it has seen increasing attempts to infect home routers for use as proxies and for DDoS attacks. The battle is primarily being fought by three bot families - Mirai, Qbot and Kaiten - that enable low-level fraudsters to hide their activity.
A previously undetected botnet called "Prometei" is targeting vulnerable Microsoft Windows devices by brute-forcing SMB vulnerabilities to mine monero cryptocurrency, according to Cisco Talos.
Despite warnings from security researchers and U.S. Cyber Command earlier this month, thousands of users have not yet patched their F5 BIG-IP networking products to fix a critical vulnerability that could allow for remote code execution, according to the security firm Expanse.
Cybersecurity experts are pushing organizations to immediately patch a critical zero-day vulnerability in SAP's NetWeaver Application Server because threat actors are likely searching for networks that are susceptible to the flaw.
Microsoft is urging its customers to patch a "wormable" vulnerability affecting the Windows Server operating system that could allow an attacker to exploit an organization's entire infrastructure.
Security researchers warn that the number of exploit attempts targeting a critical vulnerability in F5 Networks' BIG-IP networking products has steadily increased since the company first announced the flaw late last week. They urge users to immediately apply patches.
Apache Guacamole, an open-source application that allows for remote connections to devices, contains several vulnerabilities that could enable attackers to steal data or run remote code execution, Check Point Research found. These bugs come at a time when many employees are still working remotely.
Palo Alto Networks product alert: All users should immediately patch a "critical" flaw in Pan-OS that can be remotely exploited to bypass authentication and take full control of systems or gain access to networks, U.S. Cyber Command and the Cybersecurity Infrastructure and Security Agency warn.
Microsoft is warning its customers that attackers are increasingly targeting unpatched Exchange servers, with a significant uptick in activity since April.
Hackers wielding Nefilim ransomware are targeting unpatched or poorly secured Citrix remote-access technology, then stealing data, unleashing crypto-locking malware and threatening to dump data to try to force payment, New Zealand's national computer emergency response team warns.
A proactive approach to your agency's security posture is a highly cost-effective way to reduce your cybersecurity exposure; particularly when you consider security breaches have increased by 11% since 2018 and 67% since 2014. To help you reduce your exposure, the Essential 8 are the fundamental elements from the...
Time for another internet of things update nightmare: Researchers have found that a little-known but widely used TCP/IP software library built into millions of internet-connected devices has 19 flaws that need fixing. Developer Treck has issued fixes, but how many vulnerable devices will end up patched?
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.
