Microsoft warned that these attacks are “particularly high risk” for impacted organizations.
APT groups from Russia and China are targeting CVE-2023-38831 in WinRAR in multiple campaigns, deploying custom and commodity malware.
The flaw was disclosed last week, but researchers said that exploitation started in late August.
CISA and the FBI are urging network administrators to apply patches for the Atlassian Confluence bug (CVE-2023-22515) immediately.
The global campaign, which occurred between July and September, mostly targeted organizations in the Americas region.
Dr. Christopher Mitchell, the CISO for the City of Houston, joins the Decipher podcast to discuss how he inspires his team and drives collaboration related to security within his organization.
The two important-severity flaws are publicly known and are part of Microsoft’s regularly scheduled Patch Tuesday releases, which overall included more than 100 fixes.
A new flaw in HTTP/2 known as Rapid Reset has enabled threat actors to launch massive DDoS attacks and is believed to affect all modern web servers.
More details about the impacts of the cyberattack hitting MGM Resorts have been disclosed.
The high-severity flaw (CVE-2023-4911), which was introduced in glibc version 2.34, exists in glibc’s dynamic loader.
Researchers have discovered clues that may indicate that the Qakbot threat actors are still active.
Alessio Setaro, CISO of Leroy Merlin Italy, joins Dennis Fisher to talk about his path to becoming a CISO, the challenges of breaking down silos in an organization, and why security is a people-first challenge.
Researchers have identified seven serious flaws in the BMC firmware on many Supermicro motherboards that can lead to complete compromise of vulnerable servers.
Atlassian has released fixes for a zero day in its popular Confluence Server and Data Center products.
Exploitation has been observed in the wild for a critical flaw in the file transfer server from the MOVEit Transfer maker.