Vulnerabilities

IT Vulnerability Report: Fortinet, SonicWall, Grafana Exposures Top 1 Million

darkweb, data breach, exploit, Fortinet, SonicWall, Vulnerabilities, vulnerability /

IT Vulnerability Report: Fortinet, SonicWall, Grafana Exposures Top 1 Million 2024-11-01 at 13:34 By Paul Shread Overview Cyble Research and Intelligence Labs (CRIL) researchers investigated 17 vulnerabilities and nine dark web exploits during the period of Oct. 23-29, and highlighted seven vulnerabilities that merit high-priority attention from security teams. This week’s IT vulnerability report affects […]

React to this headline:

Loading spinner

IT Vulnerability Report: Fortinet, SonicWall, Grafana Exposures Top 1 Million Read More »

Cyble Sensors Detect New Attacks on LightSpeed, GutenKit WordPress Plugins

cyberattack, cyberattacks, exploit, exploits, Vulnerabilities /

Cyble Sensors Detect New Attacks on LightSpeed, GutenKit WordPress Plugins 2024-10-31 at 19:17 By Paul Shread Overview Cyble’s weekly sensor intelligence report for clients detailed new attacks on popular WordPress plugins, and IoT exploits continue to occur at very high rates. Two 9.8-severity vulnerabilities in LightSpeed Cache and GutenKit are under attack, as WordPress and

React to this headline:

Loading spinner

Cyble Sensors Detect New Attacks on LightSpeed, GutenKit WordPress Plugins Read More »

E-Commerce Security Woes: Millions of Stolen User Sessions Found for Sale

Emerging Threats, Security Research, Threat Intelligence, Vulnerabilities /

E-Commerce Security Woes: Millions of Stolen User Sessions Found for Sale 2024-10-30 at 15:05 By The booming e-commerce industry, with its projected $5 trillion in sales by 2025, has become a prime target for cybercriminals, a fact highlighted in the new Trustwave SpiderLabs report, Retail Sector Deep Dive: Rise of E-Commerce Threats. This article is an excerpt from

React to this headline:

Loading spinner

E-Commerce Security Woes: Millions of Stolen User Sessions Found for Sale Read More »

Threat Actors Zero in on Retailers as the Holiday Shopping Season Approaches

Emerging Threats, Reports, Security Research, Threat Intelligence, Vulnerabilities /

Threat Actors Zero in on Retailers as the Holiday Shopping Season Approaches 2024-10-22 at 17:18 By Trustwave SpiderLabs on October 29 will launch its second deeply researched look into the threats facing the retail sector. This article is an excerpt from Trustwave Blog View Original Source React to this headline:

React to this headline:

Loading spinner

Threat Actors Zero in on Retailers as the Holiday Shopping Season Approaches Read More »

Cybersecurity Awareness Month: The Great Offensive Security/Active Defense Strategy

penetration testing, Tips & Tricks, Vulnerabilities /

Cybersecurity Awareness Month: The Great Offensive Security/Active Defense Strategy 2024-10-21 at 21:48 By It’s Cybersecurity Awareness Month and you know what that means. We spend every spare hour waiting for The Great Pumpkin. This article is an excerpt from Trustwave Blog View Original Source React to this headline:

React to this headline:

Loading spinner

Cybersecurity Awareness Month: The Great Offensive Security/Active Defense Strategy Read More »

Hooked by the Call: A Deep Dive into The Tricks Used in Callback Phishing Emails

email security, Emerging Threats, Vulnerabilities /

Hooked by the Call: A Deep Dive into The Tricks Used in Callback Phishing Emails 2024-10-21 at 17:33 By Katrina Udquin Introduction Previously, Trustwave SpiderLabs covered a massive fake order spam scheme that impersonated a tech support company and propagated via Google Groups. Since then, we have observed more spam campaigns using this hybrid form of cyberattack

React to this headline:

Loading spinner

Hooked by the Call: A Deep Dive into The Tricks Used in Callback Phishing Emails Read More »

How Threat Actors Conduct Election Interference Operations: An Overview

Artificial Intelligence, Emerging Threats, Government, Security Research, Vulnerabilities /

How Threat Actors Conduct Election Interference Operations: An Overview 2024-10-18 at 21:46 By Pauline Bolaños The major headlines that arose from the three most recent US presidential election cycles illuminated the various fragilities of American election infrastructures and systems. This article is an excerpt from SpiderLabs Blog View Original Source React to this headline:

React to this headline:

Loading spinner

How Threat Actors Conduct Election Interference Operations: An Overview Read More »

Ransomware Readiness: 10 Steps Every Organization Must Take

Database Protection, DFIR, penetration testing, Threat Intelligence, Tips & Tricks, Vulnerabilities /

Ransomware Readiness: 10 Steps Every Organization Must Take 2024-10-18 at 18:31 By At the end of every year, the Trustwave content team asks its in-house experts what cybersecurity topics they predict will be top of mind in the coming 12 months, and inevitably the top answer is more ransomware. This article is an excerpt from

React to this headline:

Loading spinner

Ransomware Readiness: 10 Steps Every Organization Must Take Read More »

Feline Hackers Among Us? (A Deep Dive and Simulation of the Meow Attack)

data breach, Database Protection, Emerging Threats, Security Research, Vulnerabilities /

Feline Hackers Among Us? (A Deep Dive and Simulation of the Meow Attack) 2024-10-17 at 22:04 By Karl Biron Introduction In the perpetually evolving field of cybersecurity, new threats materialize daily. Attackers are on the prowl for weaknesses in infrastructure and software like a cat eyeing its helpless prey. This article is an excerpt from

React to this headline:

Loading spinner

Feline Hackers Among Us? (A Deep Dive and Simulation of the Meow Attack) Read More »

Combating Misinformation and Cyber Threats to Secure the 2024 US Election

Artificial Intelligence, email security, Emerging Threats, Government, Vulnerabilities /

Combating Misinformation and Cyber Threats to Secure the 2024 US Election 2024-10-15 at 16:01 By Karl Sigler As we near the 2024 election, safeguarding the integrity of our democratic process is of paramount importance. This article is an excerpt from Trustwave Blog View Original Source React to this headline:

React to this headline:

Loading spinner

Combating Misinformation and Cyber Threats to Secure the 2024 US Election Read More »

Strengthening Email Security: DOJ Disrupts Russian Spear-Phishing Campaign

email security, Emerging Threats, Government, Microsoft Security, Vulnerabilities /

Strengthening Email Security: DOJ Disrupts Russian Spear-Phishing Campaign 2024-10-09 at 16:02 By The need for an iron-clad email security solution is once again making headlines. This article is an excerpt from Trustwave Blog View Original Source React to this headline:

React to this headline:

Loading spinner

Strengthening Email Security: DOJ Disrupts Russian Spear-Phishing Campaign Read More »

Analyzing Latrodectus: The New Face of Malware Loaders

Emerging Threats, Threat Intelligence, Vulnerabilities /

Analyzing Latrodectus: The New Face of Malware Loaders 2024-10-08 at 16:01 By This report is the latest in a series that will delve into the deep research theTrustwave SpiderLabs Threat Intelligence team conducts daily on the major threat actor groups currently operating globally.  This article is an excerpt from Trustwave Blog View Original Source React

React to this headline:

Loading spinner

Analyzing Latrodectus: The New Face of Malware Loaders Read More »

Pronsis Loader: A JPHP-Driven Malware Diverging from D3F@ck Loader

Emerging Threats, Managed Security Services, Security Research, Threat Intelligence, Vulnerabilities /

Pronsis Loader: A JPHP-Driven Malware Diverging from D3F@ck Loader 2024-10-08 at 16:01 By Cris Tomboc and King Orande Trustwave’s Threat Intelligence team has discovered a new malware dubbed Pronsis Loader, with its earliest known variant dating back to November 2023. This article is an excerpt from SpiderLabs Blog View Original Source React to this headline:

React to this headline:

Loading spinner

Pronsis Loader: A JPHP-Driven Malware Diverging from D3F@ck Loader Read More »

After Code Execution, Researchers Show How CUPS Can Be Abused for DDoS Attacks

Vulnerabilities /

After Code Execution, Researchers Show How CUPS Can Be Abused for DDoS Attacks 2024-10-02 at 15:46 By Eduard Kovacs Over 58,000 internet-exposed CUPS hosts can be abused for significant DDoS attacks, according to Akamai.  The post After Code Execution, Researchers Show How CUPS Can Be Abused for DDoS Attacks appeared first on SecurityWeek. This article

React to this headline:

Loading spinner

After Code Execution, Researchers Show How CUPS Can Be Abused for DDoS Attacks Read More »

Critical Zimbra Vulnerability Exploited One Day After PoC Release

Email, email security, exploited, Vulnerabilities, Zimbra /

Critical Zimbra Vulnerability Exploited One Day After PoC Release 2024-10-02 at 13:31 By Ionut Arghire A critical-severity vulnerability in Zimbra has been exploited in the wild to deploy a web shell on vulnerable servers. The post Critical Zimbra Vulnerability Exploited One Day After PoC Release appeared first on SecurityWeek. This article is an excerpt from

React to this headline:

Loading spinner

Critical Zimbra Vulnerability Exploited One Day After PoC Release Read More »

Organizations Warned of Exploited SAP, Gpac and D-Link Vulnerabilities

CISA KEV, exploited, Vulnerabilities /

Organizations Warned of Exploited SAP, Gpac and D-Link Vulnerabilities 2024-10-01 at 16:01 By Ionut Arghire CISA warns that years-old vulnerabilities in SAP Commerce, Gpac framework, and D-Link DIR-820 routers are exploited in the wild. The post Organizations Warned of Exploited SAP, Gpac and D-Link Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from

React to this headline:

Loading spinner

Organizations Warned of Exploited SAP, Gpac and D-Link Vulnerabilities Read More »

What We Know So Far About Zero-Day CUPS Vulnerabilities: CVE-2024-47176, CVE-2024-47076, CVE-2024-47175, and CVE-2024-47177

DFIR, Emerging Threats, Security Research, Threat Intelligence, Trustwave Rapid Response, Vulnerabilities /

What We Know So Far About Zero-Day CUPS Vulnerabilities: CVE-2024-47176, CVE-2024-47076, CVE-2024-47175, and CVE-2024-47177 2024-09-30 at 22:01 By On September 26, 2024, security researcher Simone Margaritelli disclosed the details of four OpenPrinting Common UNIX Printing System (CUPS) vulnerabilities, that, when chained together, can allow malicious actors to launch remote code execution (RCE) attacks on vulnerable systems. This article is

React to this headline:

Loading spinner

What We Know So Far About Zero-Day CUPS Vulnerabilities: CVE-2024-47176, CVE-2024-47076, CVE-2024-47175, and CVE-2024-47177 Read More »

Highly Anticipated Linux Flaw Allows Remote Code Execution, but Less Serious Than Expected

CUPS, Featured, Linux, Linux vulnerability, printer, Vulnerabilities /

Highly Anticipated Linux Flaw Allows Remote Code Execution, but Less Serious Than Expected 2024-09-27 at 13:31 By Eduard Kovacs A researcher has disclosed the details of an unpatched vulnerability that was expected to pose a serious threat to many Linux systems. The post Highly Anticipated Linux Flaw Allows Remote Code Execution, but Less Serious Than

React to this headline:

Loading spinner

Highly Anticipated Linux Flaw Allows Remote Code Execution, but Less Serious Than Expected Read More »

Cisco Patches High-Severity Vulnerabilities in IOS Software

Cisco, Vulnerabilities, vulnerability /

Cisco Patches High-Severity Vulnerabilities in IOS Software 2024-09-26 at 16:16 By Ionut Arghire Cisco has released patches for seven high-severity vulnerabilities affecting products running IOS and IOS XE software. The post Cisco Patches High-Severity Vulnerabilities in IOS Software appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source React

React to this headline:

Loading spinner

Cisco Patches High-Severity Vulnerabilities in IOS Software Read More »

Scroll to Top