First Azul State of Java survey reveals Java's crucial role in tech industry
Azul's inaugural State of Java survey highlights Java's vital role in global tech, with 98% of firms reporting usage.
Cequence brings API protection to HPE GreenLake Marketplace
Cequence Security offers first-ever API protection on the HPE GreenLake Marketplace, promoting visibility, reduced costs, and minimised business risks.
Telegram, AWS, and Alibaba Cloud targeted in latest supply chain attack
An attacker attempted to exploit the open-source community by uploading a series of malicious packages to the PyPi package manager.
Recorded Future discloses new high-risk vulnerabilities
Recorded Future's monthly report reveals high-risk vulnerabilities, exploit chains, and zero-day vulnerabilities affecting Microsoft and Ivanti products.
CyFox identifies critical hijacking vulnerability in popular streaming software
Critical hijacking vulnerability in Stremio 4.4 puts 5 million users at risk; remote code execution and information theft possible.
Claroty reveals five vulnerabilities in NETGEAR RAX30 routers
Claroty’s research arm, Team82, has disclosed five vulnerabilities in NETGEAR’s RAX30 routers they discovered at the Pwn2Own Toronto hacking competition.
Attackers deploying exploits faster than ever, finds Rapid7
Rapid7 Vulnerability Intelligence Report finds attackers developing and deploying exploits faster, with an 87% increase in first-week exploitation since 2020.
Secureworks finds Iranian threat group back with new persona
Secureworks has found that the Iranian threat group, Cobalt Sapling, has reemerged with a new persona, Abraham's Ax.
Claroty’s Team82 finds vulnerabilities in historian server
Claroty's research team, Team82, has examined the GE Proficy Historian, finding five exploitable vulnerabilities capable of causing damage to the system.
GreyNoise Intelligence identifies exploitation threats for 2023
GreyNoise Intelligence unveils its 2022 Mass Exploitation Report, delving deep into threat detection events from the past year.
Lookout finds predatory behaviour on 300 loan apps
Almost 300 loan apps found in Africa, Southeast Asia, India, Colombia, and Mexico exhibit predatory behavior, says Lookout.
Attackers use automation to increase speed from exploits
Attackers are advancing to keep pace with cloud adoption and response time, according to a new report from Lacework.
52% of ransomware incidents started with compromise of unpatched remote services
The exploitation in remote services has become the primary initial access vector in ransomware attacks over the past year.
Cybersecurity loopholes prevalent in South East Asia
In terms of the share of vulnerabilities with publicly available exploits, three countries out of top five are located in Southeast Asia.
Dramatic uptick in threat activity with exploits growing nearly 150%
Threat activity has spiked in Q2 2022, with malware events rising by 25%, botnets doubling, and exploit activity growing almost 150%, says Nuspire's report.
2021 the year cyber criminals got creative - Proofpoint
One constant that remains as organisations approach a sense of normalcy after a disruptive year is that cyber criminals continue to target and exploit people.
New vulnerabilities found in Nuspire’s Q1 2022 Threat Report
Nuspire's Q1 2022 Threat Report reveals surge in threat actor activity as new vulnerabilities emerge. Mirai, STRRAT and Emotet see a resurgence.
Infoblox's State of Security Report spotlights Australian remote work hazards
Attackers exploit weak WiFi, remote endpoints, and the cloud, costing 50% of organisations over $1.3 million in breach damages.
Use of malware, botnets and exploits expands in Q1 2022
Malware, botnet, and exploit activity increased in Q1 2022, according to a report by managed security services provider Nuspire.
WordPress vulnerabilities more than doubled in 2021
WordPress vulnerabilities have more than doubled in 2021, with 77% of them being exploitable, according to Risk Based Security.
Log4j actively exploited, serious complications can occur according to CERT NZ
The widely-used java logging library, log4j, has been actively exploited, according to an update from CERT NZ and Catalyst.
Companies exploited by high-risk vulnerabilities, new research shows
84% of companies have high-risk vulnerabilities on their network perimeter, with half of them fixable through software updates, says Positive Technologies.
Radiflow launches iRISK for greater visibility into risk and vulnerability
Radiflow launches iRISK to bolster OT network defence with advanced risk analytics.
US$250,000 up for grabs with Microsoft’s bug bounty
Microsoft has announced the Speculative Execution Side Channel Bounty Program that is offering up to USD$250,000 to people who reveal novel bugs.