vulnerability

An offensive mindset is crucial for effective cyber defense
As ransomware attacks continue to increase and cybercriminals are becoming more sophisticated, the federal government has implemented a more proactive approach when it comes …

Attackers are attempting to exploit critical F5 BIG-IP RCE
Researchers have developed PoC exploits for CVE-2022-1388, a critical remote code execution bug affecting F5 BIG-IP multi-purpose networking devices/modules. Simultaneously, …

Critical F5 BIG-IP flaw allows device takeover, patch ASAP! (CVE-2022-1388)
F5 Networks‘ BIG-IP multi-purpose networking devices/modules are vulnerable to unauthenticated remote code execution attacks via CVE-2022-1388. “This vulnerability may …

How to identify vulnerabilities with NMAP
In this video for Help Net Security, Shani Dodge Reiner, Development Team Leader at Vicarius, explains how to identify vulnerabilities using the NMAP tool. NMAP is a very …

The 6 steps to a successful cyber defense
The Ransomware Spotlight Year-End Report from Ivanti, conducted in partnership with Cyber Security Works and Cyware, found that there is now a total of 157 ransomware families …

Good end user passwords begin with a well-enforced password policy
In this interview with Help Net Security, Lori Österholm, CTO at Specops Software, explains what makes passwords vulnerable and suggests some password best practices and …

Phishers exploit Google’s SMTP Relay service to deliver spoofed emails
Phishers are exploiting a flaw in Google’s SMTP relay service to send malicious emails spoofing popular brands. Avanan researcher Jeremy Fuchs says that starting in April …

TLStorm 2.0: Critical bugs in widely-used Aruba, Avaya network switches
Armis researchers have discovered five critical vulnerabilities in the implementation of TLS communications in multiple models of network switches. Collectively dubbed TLStorm …

Critical vulnerabilities open Synology, QNAP NAS devices to attack
Users of Synology and QNAP network-attached storage (NAS) devices are advised to be on the lookout for patches for several critical vulnerabilities affecting Netatalk, an …

The 15 most exploited vulnerabilities in 2021
In 2021, threat actors aggressively exploited newly disclosed critical software vulnerabilities to hit a broad set of targets worldwide, says the latest advisory published by …

Nimbuspwn bugs allow attackers to gain root privileges on some Linux machines (CVE-2022-29799, CVE-2022-29800)
Microsoft has unearthed two security vulnerabilities (CVE-2022-29799, CVE-2022-29800) in the networkd-dispatcher daemon that may be exploited by attackers to gain root on many …

Manage and monitor third-party identities to protect your organization
SecZetta shared a research that demonstrates a clear misalignment between the strategies organizations currently use and what is actually required to protect them from …
Featured news
Resources
Don't miss
- Where policy meets profit: Navigating the new frontier of defense tech startups
- Four arrested in connection with M&S, Co-op ransomware attacks
- Ruckus network management solutions riddled with unpatched vulnerabilities
- What EU’s PQC roadmap means on the ground
- Open source has a malware problem, and it’s getting worse