Verizon DBIR: Enterprises Know the Pain of Zero Day Exploits All Too Well
The Verizon 2024 Data Breach Investigations Report shows a 180 percent increase in the use of vulnerability exploits in breaches
He is one of the co-founders of Threatpost and previously wrote for TechTarget and eWeek, when magazines were still a thing that existed. Dennis enjoys finding the stories behind the headlines and digging into the motivations and thinking of both defenders and attackers. His work has appeared in The Boston Globe, The Improper Bostonian, Harvard Business School’s Working Knowledge, and most of his kids’ English papers.
The Verizon 2024 Data Breach Investigations Report shows a 180 percent increase in the use of vulnerability exploits in breaches
Cactus ransomware actors are targeting Qlik Sense servers with exploits for three separate vulnerabilities in an ongoing campaign.
A Russian threat group known as Forest Blizzard has been using a custom tool called GooseEgg to exploit a Windows Print Spooler
Rapid7 researchers have found a new flaw (CVE-2023-35082) in Ivanti MobileIron Core 11.2 and earlier.
The number of zero days detected in the wild in 2022 dropped 40 percent from the previous year, but researchers say that doesn't mean we're getting better at security.
A new CISA analysis of risk and vulnerability assessments at government agencies shows that the use of valid credentials and spear phishing are still the most effective initial access vectors.
A new coalition of tech companies, including AT&T, Cisco, Verizon, and VMware, is aiming to address the challenges to global network resilience.
Atlassian has patched three nigh-risk vulnerabilities, two in its Confluence products and one in its Bamboo products.