Common Vulnerabilities and Exposures (CVE) stories - Page 17

A very exposing report has revealed breaches are rising and response times are falling, largely due to shoddy software development practices.

Radiflow discovered that a serious vulnerability in the devices put the safety and availability of ICS networks in jeopardy.

Phishing for and using the stolen credentials to access systems or services stands out as a particularly popular attack method.

A critical flaw in Microsoft's ADFS allows bypassing MFA, posing a severe risk, warns Okta's REX team. Urgent patching is recommended for users.

Russell McVeagh Special Counsel Liz Blythe examines the opportunities and risks associated with the eye-wateringly quick pace of change in the sector.

GitHub adds security alerts for Python, allowing users to be notified when their code depends on packages with known vulnerabilities.

Check Point's latest Global Threat Index reveals that Trojan malware families enter Top 10 Most Wanted Ranking; Cryptomining remains top of the list.

Cryptomining malware is shifting its focus from browsers to endpoints, with XMRig rising in popularity among cybercriminals.

Barracuda Networks is tracking a potentially dangerous 'URL file outbreak' that distribute the Quant Loader Trojan.

A China-based cyberespionage group may be targeting United States engineering and maritime industries tied up in activities about the South China Sea.

Recorded Future believes China has been altering public vulnerability data to allow the Ministry of State Security to play with it first.

A new report from SonicWall has shed light on the current threat landscape with the company recording an astonishing 9.32b malware attacks in 2017.

Chinese websites are under siege by a drive-by download campaign planting the decade-old Avzhan DDoS bot, Malwarebytes Labs reveals.

A new wave of spam emails use Microsoft Office documents to download password stealers without having to activate Macros.

ASUSTOR is releasing updates to its ADM this week as part of its efforts to fix the Meltdown security vulnerabilities.

Lokibot malware targets unpatched Windows systems exploiting CVE-2017-11882; researchers urge timely updates and restricted installer access to combat threats.

A staggering 42% of top Alexa-ranked websites are vulnerable to cyber-attacks due to outdated software and compromised content, finds Menlo Security.

An exploit that targeted an Adobe Flash vulnerability looks to be the work of a North Korean group called TEMP.Reaper.

A vulnerability in Oracle's POS systems may affect more than 330,000 payment systems across the globe, putting files and sensitive information at risk.

Zyklon HTTP malware is described as a publicly-available and fully featured backdoor that is able to conduct DDoS attacks, steal passwords...