Verizon DBIR: Enterprises Know the Pain of Zero Day Exploits All Too Well
The Verizon 2024 Data Breach Investigations Report shows a 180 percent increase in the use of vulnerability exploits in breaches
SEARCH
Dennis Fisher
Editor in ChiefDennis Fisher is an award-winning journalist who has been covering information security and privacy since 2000.
He is one of the co-founders of Threatpost and previously wrote for TechTarget and eWeek, when magazines were still a thing that existed. Dennis enjoys finding the stories behind the headlines and digging into the motivations and thinking of both defenders and attackers. His work has appeared in The Boston Globe, The Improper Bostonian, Harvard Business School’s Working Knowledge, and most of his kids’ English papers.
- dennis@decipher.sc
- @dennisf
Featured Articles
Cactus Ransomware Group Targets Qlik Sense Servers
Cactus ransomware actors are targeting Qlik Sense servers with exploits for three separate vulnerabilities in an ongoing campaign.
Russian Group Forest Blizzard Deploying GooseEgg Tool to Exploit CVE-2022-38028
A Russian threat group known as Forest Blizzard has been using a custom tool called GooseEgg to exploit a Windows Print Spooler
New Flaw in F5 BIG-IP Emerges
A new vulnerability has emerged in the F5 BIG-IP security appliances that can allow an attacker to crash the device.
Exploit Attempts Against Fortinet VPN Bug Surge
Exploit traffic against the Fortinet VPN CVE-2022-43475 vulnerability have spiked in recent weeks.
VMware Fixes vRealize Log Insight RCE Bugs
Researchers have developed an exploit for a group of vulnerabilities in VMware vRealize Log Insight that can lead to remote code execution as root.
GitHub Says Attacker Stole Encrypted Code-Signing Certificates for Desktop and Atom
An attacker exfiltrated three encrypted code-signing certificates from GitHub used to sign versions of Desktop for Mac and Atom.
ISC Patches Serious DoS Flaw in BIND
The ISC has released a fix for a serious denial-of-service vulnerability in many versions of BIND 9.