Juniper fixes critical RCE in its SRX firewalls and EX switches (CVE-2024-21591)
Juniper Networks has fixed a critical pre-authentication remote code execution (RCE) vulnerability (CVE-2024-21591) in Junos OS on SRX firewalls and EX switches. About …
New infosec products of the week: December 15, 2023
Here’s a look at the most interesting products from the past week, featuring releases from Censys, Confirm, Drata, Safe Security, and SpecterOps. Nemesis: Open-source …
Censys unveils two new product tiers to help researchers enhance their threat hunting work
Censys announced two new product tiers of its search tool, Censys Search Solo and Censys Search Teams. These additions are part of a series of strategic initiatives to enhance …
Censys Internet Map helps organizations identify, understand and mitigate threats
Censys announced the Censys Internet Map. As the data foundation that powers the Censys Internet Intelligence Platform, the Censys Internet Map provides users with the most …
NOS chooses Censys to monitor its attack surface
Censys has unveiled that NOS chose Censys to monitor its attack surface. Censys’ technology provides NOS with complete visibility into its external-facing …
Cl0p announces rules for extortion negotiation after MOVEit hack
The Cl0p cyber extortion crew says that the many organizations whose data they have pilfered by exploiting a vulnerability in the MOVEit Transfer solution have until June 14 …
Zyxel firewalls under attack by Mirai-like botnet
CVE-2023-28771, the critical command injection vulnerability affecting many Zyxel firewalls, is being actively exploited by a Mirai-like botnet, and has been added to …
Web entity activity reveals insights into internet security
For its recent research focusing on web entities (or content served over HTTP), Censys leveraged its internet-wide scan data to understand better the applications and services …
CISA releases ESXiArgs ransomware recovery script
According to the latest data, the number of ESXiArgs ransomware victims has surpassed 3,800, and CISA has published a recovery script for victim organizations. Fixing the mess …
Top 3 resolutions for security teams
As 2023 goals become solidified, companies need to decide how they are prioritizing cybersecurity. It’s time to focus on what organizations can prioritize. In this Help …
Thousands of unpatched VMware ESXi servers hit by ransomware via old bug (CVE-2021-21974)
Late last week, unknown attackers launched a widespread ransomware attack hitting VMware ESXi hypervisors via CVE-2021-21974, an easily exploitable vulnerability that allows …
Cacti servers under attack by attackers exploiting CVE-2022-46169
If you’re running the Cacti network monitoring solution and you haven’t updated it since early December, now is the time to do it to foil attackers exploiting a …
Featured news
Resources
Don't miss
- Product showcase: Secure digital and physical access with the Swissbit iShield Key 2
- Trojanized KeePass opens doors for ransomware attackers
- Closing security gaps in multi-cloud and SaaS environments
- Containers are just processes: The illusion of namespace security
- Why legal must lead on AI governance before it’s too late