Microsoft is urging its customers to patch a "wormable" vulnerability affecting the Windows Server operating system that could allow an attacker to exploit an organization's entire infrastructure.
Security researchers warn that the number of exploit attempts targeting a critical vulnerability in F5 Networks' BIG-IP networking products has steadily increased since the company first announced the flaw late last week. They urge users to immediately apply patches.
Apache Guacamole, an open-source application that allows for remote connections to devices, contains several vulnerabilities that could enable attackers to steal data or run remote code execution, Check Point Research found. These bugs come at a time when many employees are still working remotely.
Palo Alto Networks product alert: All users should immediately patch a "critical" flaw in Pan-OS that can be remotely exploited to bypass authentication and take full control of systems or gain access to networks, U.S. Cyber Command and the Cybersecurity Infrastructure and Security Agency warn.
Microsoft is warning its customers that attackers are increasingly targeting unpatched Exchange servers, with a significant uptick in activity since April.
Hackers wielding Nefilim ransomware are targeting unpatched or poorly secured Citrix remote-access technology, then stealing data, unleashing crypto-locking malware and threatening to dump data to try to force payment, New Zealand's national computer emergency response team warns.
A proactive approach to your agency's security posture is a highly cost-effective way to reduce your cybersecurity exposure; particularly when you consider security breaches have increased by 11% since 2018 and 67% since 2014. To help you reduce your exposure, the Essential 8 are the fundamental elements from the...
Time for another internet of things update nightmare: Researchers have found that a little-known but widely used TCP/IP software library built into millions of internet-connected devices has 19 flaws that need fixing. Developer Treck has issued fixes, but how many vulnerable devices will end up patched?
With internet connectivity getting added to an increasing number of products, privacy and security risks abound. But buyers may be unaware. A team of Carnegie Mellon University researchers aims to change that, by clear labeling of connected devices and the risks they may pose.
Researchers at the security firm Trustwave have disclosed six vulnerabilities in SAP Adaptive Server Enterprise 16.0 (ASE) database software, with two rated as critical. These two vulnerabilities could enable attackers to perform arbitrary code execution and tamper with a system's data.
Thousands of unpatched Exim email servers are potentially vulnerable to a critical flaw that the NSA says Russian-backed hackers are attempting to exploit, according to the security firm RiskIQ, which also warns of two other Exim vulnerabilities that should be patched.
A Russian government-backed hacking group that's been tied to a series of cyberespionage campaigns has been quietly exploiting a critical remote code execution vulnerability in Exim email servers since 2019, the U.S. National Security Agency warns in an alert.
Six internal servers that Cisco uses to support its virtual networking service were compromised earlier this month after the company failed to patch two SaltStack zero day vulnerabilities. The company did not describe the damage done, saying only that "a limited set of customers" was impacted.
As ransomware gangs attempt to boost their illicit profits, the RagnarLocker ransomware gang has brought a new tactic to bear: installing a full virtual machine on victims' systems to hide their crypto-locking malware while it forcibly encrypts files, security firm Sophos warns.
From 2016 to 2019, sophisticated nation-state attackers preferred to target 10 vulnerabilities more than all others, the U.S. Cybersecurity and Infrastructure Security Agency and FBI warn in a new alert. They say many of these flaws are years old, yet remain unpatched and actively exploited.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.
