Collaborate Disseminate
When Adobe released security updates for its ColdFusion application development platform last month, it noted that one of the vulnerabilities (CVE-2023-26360) had been exploited in the wild “in very limited attacks.” Were your servers among… Continue reading Prevent and detect Adobe ColdFusion exploitation (CVE-2023-26360, CVE-2023-26359)
Attackers are exploiting a critical vulnerability (CVE-2022-47986) in the IBM Aspera Faspex centralized file transfer solution to breach organizations. About CVE-2022-47986 IBM Aspera Faspex is used by organizations to allow employees to quickly and se… Continue reading Ransomware gangs are exploiting IBM Aspera Faspex RCE flaw (CVE-2022-47986)
Rapid7 spends $38 million to acquire Israeli anti-ransomware startup Minerva Labs to beef up its managed detection and response portfolio.
The post Rapid7 Buys Anti-Ransomware Firm Minerva Labs for $38 Million appeared first on SecurityWeek.
Continue reading Rapid7 Buys Anti-Ransomware Firm Minerva Labs for $38 Million
Microsoft on Tuesday released updates to quash at least 74 security bugs in its Windows operating systems and software. Two of those flaws are already being actively attacked, including an especially severe weakness in Microsoft Outlook that can be exploited without any user interaction. Continue reading Microsoft Patch Tuesday, March 2023 Edition
While there was a reduction in the widespread exploitation of new vulnerabilities in 2022, the risk remains significant as broad and opportunistic attacks continue to pose a threat, according to Rapid7. Deploying exploits Attackers are developing and d… Continue reading Attackers are developing and deploying exploits faster than ever
Raj Samani, SVP, Chief Scientist, Rapid7, discusses the tactics observed from a recent case of espionage, and what can be learned from such observations. This video was recorded at IRISSCON 2022, an annual conference organized by IRISSCERT. The all-day… Continue reading Tracking the adversary
Microsoft has released its final monthly batch of security updates for 2022, fixing more than four dozen security holes in its various Windows operating systems and related software. The most pressing patches include a zero-day vulnerability in a Windows feature that tries to flag malicious files from the Web, a critical bug in PowerShell, and a dangerous flaw in Windows 11 systems that was detailed publicly prior to this week’s Patch Tuesday. Continue reading Microsoft Patch Tuesday, December 2022 Edition
Kali Linux is a specialized Linux distribution developed by Offensive Security, designed for experienced Linux users who need a customized platform for penetration testing. Kali Linux also comes with several hundred specialized tools for carrying out p… Continue reading 5 Kali Linux tools you should learn how to use
The Irish Reporting and Information Security Service’s (IRISSCERT) Conference on Cybercrime will be on the 10th of November 2022 in the Aviva stadium. This all-day conference will focus on providing attendees with an overview of the current cyber threa… Continue reading IRISSCERT brings eminent cybersecurity experts to its conference in Dublin
A freshly fixed vulnerability (CVE-2022-42889) in the Apache Commons Text library has been getting attention from security researchers these last few days, worrying it could lead to a repeat of the Log4Shell dumpster fire. But the final verdict shows t… Continue reading Apache Commons Text flaw is not a repeat of Log4Shell (CVE-2022-42889)