Common Vulnerabilities and Exposures (CVE) stories - Page 11

The technology sector was a major target of ransomware in Q4 2022; and large IT providers are likely to be targeted in 2023.

Scaled ransomware attacks against manufacturing and geopolitical tensions brought increased attention to the industrial cyber threat landscape.

Rapid7 has released Metasploit Framework 6.3, adding native authentication, incorporating new modules for attacks and simplifying complex workflows.

New research from Nozomi Networks has found hacktivists shifted their tactics in 2022 from data theft and DDoS attacks to using more destructive malware.

Claroty's research team, Team82, has examined the GE Proficy Historian, finding five exploitable vulnerabilities capable of causing damage to the system.

GreyNoise Intelligence unveils its 2022 Mass Exploitation Report, delving deep into threat detection events from the past year.

A new report from risk intelligence firm Flashpoint has found that Australia was the sixth most targeted country in the world for ransomware attacks.

Global security manufacturer Gallagher has been awarded the Security Software Manufacturer of the Year accolade at the 2022 Security & Fire Excellence Awards.

The telecom industry ranks globally as the most impacted by ransomware, followed by transportation and shipping.

New vulnerability found in ABB TotalFlow flow computers and controllers exposes oil and gas utilities to potential attacks.

DevOps tools and infrastructure are facing increased attacks, with API vulnerabilities impacting security focus, according to a report by Wallarm.

It links individual vulnerabilities in ransomware operations, helping vulnerability management teams prevent potential cyber extortion events with VulnDB.

GitHub has announced a range of new products designed to accelerate the company's push into major enterprises at its San Francisco event.

Azul's Vulnerability Detection, the new SaaS product, continuously detects vulnerabilities in Java applications by eliminating false positives.

Rise in hybrid cyberattacks targeting small companies sparks concern over vulnerability exploits, as corporate espionage becomes widespread.

Following a coordinated disclosure of a zero-day vulnerability by Volexity in Atlassian Confluence, attackers went wild to exploit it.

Black Lotus Labs, the threat intelligence team at Lumen, has discovered a new, rapidly growing, multipurpose malware written in the Go programming language.

The Q2 Internet Security Report found office exploits continue to spread more than any other category of malware.

Trellix has announced the establishment of the Trellix Advanced Research Center to advance global threat intelligence.

Rapid7 has issued a vulnerability advisory for two Baxter Healthcare TCP/IP-enabled medical devices: SIGMA Spectrum Infusion Pump and SIGMA WiFi Battery.