
New infosec products of the week: December 15, 2023
Here’s a look at the most interesting products from the past week, featuring releases from Censys, Confirm, Drata, Safe Security, and SpecterOps. Nemesis: Open-source …

Censys unveils two new product tiers to help researchers enhance their threat hunting work
Censys announced two new product tiers of its search tool, Censys Search Solo and Censys Search Teams. These additions are part of a series of strategic initiatives to enhance …

Censys Internet Map helps organizations identify, understand and mitigate threats
Censys announced the Censys Internet Map. As the data foundation that powers the Censys Internet Intelligence Platform, the Censys Internet Map provides users with the most …

NOS chooses Censys to monitor its attack surface
Censys has unveiled that NOS chose Censys to monitor its attack surface. Censys’ technology provides NOS with complete visibility into its external-facing …

Cl0p announces rules for extortion negotiation after MOVEit hack
The Cl0p cyber extortion crew says that the many organizations whose data they have pilfered by exploiting a vulnerability in the MOVEit Transfer solution have until June 14 …

Zyxel firewalls under attack by Mirai-like botnet
CVE-2023-28771, the critical command injection vulnerability affecting many Zyxel firewalls, is being actively exploited by a Mirai-like botnet, and has been added to …

Web entity activity reveals insights into internet security
For its recent research focusing on web entities (or content served over HTTP), Censys leveraged its internet-wide scan data to understand better the applications and services …

CISA releases ESXiArgs ransomware recovery script
According to the latest data, the number of ESXiArgs ransomware victims has surpassed 3,800, and CISA has published a recovery script for victim organizations. Fixing the mess …

Top 3 resolutions for security teams
As 2023 goals become solidified, companies need to decide how they are prioritizing cybersecurity. It’s time to focus on what organizations can prioritize. In this Help …

Thousands of unpatched VMware ESXi servers hit by ransomware via old bug (CVE-2021-21974)
Late last week, unknown attackers launched a widespread ransomware attack hitting VMware ESXi hypervisors via CVE-2021-21974, an easily exploitable vulnerability that allows …

Cacti servers under attack by attackers exploiting CVE-2022-46169
If you’re running the Cacti network monitoring solution and you haven’t updated it since early December, now is the time to do it to foil attackers exploiting a …

High-severity OpenSSL vulnerabilities fixed (CVE-2022-3602, CVE-2022-3786)
Version 3.0.7 of the popular OpenSSL cryptographic library is out, with fixes for CVE-2022-3602 and CVE-2022-3786, two high-severity buffer overflow vulnerabilities in the …
Featured news
Resources
Don't miss
- Attackers exploited old flaws to breach SonicWall SMA appliances (CVE-2024-38475, CVE-2023-44221)
- New Microsoft accounts will be “passwordless by default”
- Why SMEs can no longer afford to ignore cyber risk
- Preparing for the next wave of machine identity growth
- Hottest cybersecurity open-source tools of the month: April 2025