Security vulnerabilities stories - Page 15

Technologists are struggling to manage soaring volumes of emerging cyber threats across an increasingly dynamic and fragmented IT environment.

Rapid7 Vulnerability Intelligence Report finds attackers developing and deploying exploits faster, with an 87% increase in first-week exploitation since 2020.

Cyber-physical system vulnerabilities have decreased by 14% in 2H 2022, while internal research findings have increased by 80%, says a report by Claroty.

The report looks at real-world data to understand how global companies and industries use and secure cloud and container environments. .

In the past, mega vulnerabilities happened once a quarter, but this past year we've been dealing with critical vulnerabilities almost weekly in some cases.

China's 8220 Gang has targeted public cloud environments with a custom-built crypto miner and IRC bot, warns Radware.

Trustwave has relaunched its Advanced Continual Threat Hunting platform, resulting in a 3x increase in threat findings.

Claroty's research team, Team82, has examined the GE Proficy Historian, finding five exploitable vulnerabilities capable of causing damage to the system.

Between July and October, Acronis found that the proportion of phishing attacks has risen by 1.3, accounting for 76% of all attacks.

GreyNoise Intelligence unveils its 2022 Mass Exploitation Report, delving deep into threat detection events from the past year.

The Secureworks Counter Threat Unit (CTU) has uncovered a subgroup of Iranian Cobalt Mirage using GitHub to store and deploy malware.

Rapid7 showcases new capabilities at AWS re:Invent 2022 to make cloud detection and response and vulnerability assessments easier.

Data security and analytics pioneer Varonis Systems has launched its public vulnerability disclosure program through HackerOne.

Forescout's Vedere Labs disclosed an update to its OT:ICEFALL study distributed in June 2022, which detailed vulnerabilities found in thousands of OT devices.

Global security manufacturer Gallagher has been awarded the Security Software Manufacturer of the Year accolade at the 2022 Security & Fire Excellence Awards.

It's highly likely that Application Portfolio Management (APM) isn't at the top of your to-do list. It may not even be on your list anymore.

The GSSH is a short, broad, easily-understood safe harbour statement that's simple for customers to adopt, HackerOne states.

With the ever-increasing rise in cyber crime, Genetec is cautioning organisations of all sizes to be vigilant about the cybersecurity risk.

Varonis helped solve an SQLi vulnerability and an access control flaw in Zendesk Explore that would have allowed a threat actor to leak data.

Aqua Security launches Lightning Enforcer, an eBPF-based technology that provides real-time protection against zero-day attacks.