Microsoft's rerelease on Patch Tuesday of the seven patches for the widely exploited Exchange vulnerabilities has given security experts a chance to reiterate the urgent need to install these and other critical security updates.
Microsoft is warning users of its Azure cloud platform that hackers are using several "living off the land" attack techniques to evade security measures, escalate privileges and deploy cryptominers. The software giant released a threat detection and mitigation strategy for the platform.
Adobe has released security updates to address eight vulnerabilities, which, if exploited, could enable an attacker to take control of an affected system.
A Microsoft Exchange Server at the European Banking Authority, a regulatory agency of the European Union, was hacked. But the agency says there are no indications of data exfiltration.
Nearly four years after the WannaCry ransomware hit the world, targeting the EternalBlue vulnerability in Microsoft SMB version 1, security firms say the malware continues to be a top threat detected in the wild by endpoint security products. Why won't WannaCry just die?
VMware has issued patches for a critical vulnerability in its virtual desktop deployment platform, View Planner, which could enable remote code execution.
This edition of the ISMG Security Report features an analysis of key takeaways from the breaches tied to flaws in the Accellion File Transfer appliance. Also featured: Equifax CISO Jamil Farshchi on transforming supply chain security, plus an analysis of how "work from anywhere" is affecting cybersecurity.
Qualys has confirmed that its Accellion File Transfer Appliance software was breached by zero-day-wielding attackers after stolen customer data appeared on the Clop ransomware gang's data leaks site. The security firm's public breach notification comes more than two months after the firm first learned it had been...
Using a nearly 20-year-old file transfer product - what could go wrong? Among the many lessons to be learned from the Accellion File Transfer Appliance mess is this: Attackers will devote substantial resources to reverse-engineer hardware, software or a service if there's a financial upside.
Microsoft has patched a critical vulnerability in Windows that can be exploited by tricking users to visit websites that use a malicious font. The flaw was found by Google's Project Zero bug-hunting team.
Security firm Positive Technologies says more than 6,000 VMware vCenter devices worldwide that are accessible via the internet contain a critical remote code execution vulnerability. VMware has issued recommendations for patching the flaw.
The cybersecurity agencies of five countries have issued a joint advisory warning that hackers are exploiting vulnerabilities in the Accellion File Transfer Appliance to steal data and execute ransomware. Australia's Transport for New South Wales and Canada's Bombardier are the latest victims to be revealed.
The Python Software Foundation is issuing updates for Python 3.9.2 and 3.8.8 to address critical security vulnerabilities, including a remote code execution vulnerability that can be exploited to shut down systems.
Software company Accellion has released preliminary findings around the security incident that stung customers using its 20-year-old File Transfer Appliance. The attackers swiftly stole data from compromised systems, and some of those organizations have subsequently been extorted.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.