New Ivanti Secure VPN Zero-Day Vulnerabilities and Patches

Read details about the new Ivanti VPN zero-day vulnerabilities, along with the latest information about patches. Most of the exposed VPN appliances are reported to be in the U.S., followed by Japan and Germany.

Operation Triangulation: The last (hardware) mystery

Recent iPhone models have additional hardware-based security protection for sensitive regions of the kernel memory. We discovered that to bypass this hardware-based security protection, the attackers used another hardware feature of Apple-designed SoCs.

Windows CLFS and five exploits used by ransomware operators (Exploit #4 – CVE-2023-23376)

This is part five of our study about the Common Log File System (CLFS) and five vulnerabilities in this Windows OS component that have been used in ransomware attacks throughout the year.

Windows CLFS and five exploits used by ransomware operators (Exploit #3 – October 2022)

This is part four of our study about the Common Log File System (CLFS) and five vulnerabilities in this Windows OS component that have been used in ransomware attacks throughout the year.

Windows CLFS and five exploits used by ransomware operators (Exploit #2 – September 2022)

This is the third part of our study about the Common Log File System (CLFS) and five vulnerabilities in this Windows OS component that have been used in ransomware attacks throughout the year.

Windows CLFS and five exploits used by ransomware operators

We had never seen so many CLFS driver exploits being used in active attacks before, and then suddenly there are so many of them captured in just one year. Is there something wrong with the CLFS driver? Are all these vulnerabilities similar? These questions encouraged me to take a closer look at the CLFS driver and its vulnerabilities.

Windows CLFS and five exploits used by ransomware operators (Exploit #1 – CVE-2022-24521)

This is the second part of our study about the Common Log File System (CLFS) and five vulnerabilities in this Windows OS component that have been used in ransomware attacks throughout the year.

Windows CLFS and five exploits used by ransomware operators (Exploit #5 – CVE-2023-28252)

This is part six of our study about the Common Log File System (CLFS) and five vulnerabilities in this Windows OS component that have been used in ransomware attacks throughout the year.

Kaspersky Security Bulletin 2023. Statistics

Key statistics for 2023: ransomware, trojan bankers, miners and other financial malware, zero-day vulnerabilities and exploits, web attacks, threats for macOS and IoT.

Zero-day attacks are on the rise. Can patches keep up?

That latest cyberattack threatening your organization is likely coming from outside the corporate network. According to Mandiant’s M-Trends 2023 report, 63% of breaches came from an outside entity — a considerable rise from 47% the year before. When it comes to how intruders are getting into the network, it depends on the organization’s location. Spearphishing […]

The post Zero-day attacks are on the rise. Can patches keep up? appeared first on Security Intelligence.
