A couple simple steps companies can take to protect their systems from ransomware
Stephen Weigand | August 2, 2021

Patch/Configuration Management
1 in 4 high-risk CVEs are exploited within 24 hours of going public
Steve Zurier | December 19, 2023
Research highlights how organizations have little time to patch high-risk bugs.

Patch/Configuration Management
Critical Struts 2 flaw could result in remote code execution, says Apache
Steve Zurier | December 12, 2023
Apache releases drop-in replacement and upgrade for critical security flaw that is similar to vulnerability that led to 2017 Equifax breach.

Patch/Configuration Management
Lazarus Group continues to exploit Log4j flaw in latest campaign
Simon Hendery | December 12, 2023
In addition to Log4j, the North Korean threat group’s latest campaign also involves three previously unknown Dlang-based malware variants.

Vulnerability Management
Vulnerable Log4j instances persist two years after patches
SC Staff | December 11, 2023
TechRadar reports that vulnerable versions of the Apache Log4j software have been observed across 38% of apps between Aug. 15 and Nov. 15, indicating the enduring security risk of the software.

Vulnerability Management
Atlassian warns of 4 new critical vulnerabilities affecting Jira, Confluence, Bitbucket
Laura French | December 11, 2023
Users must install updates to protect against remote code execution (RCE) attacks targeting users of the Australian software firm.

Endpoint/Device Security
Critical Bluetooth flaw could take over Android, Apple, Linux devices
Steve Zurier | December 7, 2023
The flaw is an authentication bypass that lets attackers connect susceptible devices and inject keystrokes to achieve code execution as the victim.

Endpoint/Device Security
Sierra router vulnerabilities pose hacking risk for critical infrastructure
Laura French | December 6, 2023
More than 20 new vulnerabilities, including one critical vulnerability, enable denial-of-service attacks, remote code execution and more.