Collaborate Disseminate
This is the second part of our study about the Common Log File System (CLFS) and five vulnerabilities in this Windows OS component that have been used in ransomware attacks throughout the year. Continue reading Windows CLFS and five exploits used by ransomware operators (Exploit #1 – CVE-2022-24521)
This is part six of our study about the Common Log File System (CLFS) and five vulnerabilities in this Windows OS component that have been used in ransomware attacks throughout the year. Continue reading Windows CLFS and five exploits used by ransomware operators (Exploit #5 – CVE-2023-28252)
Key statistics for 2023: ransomware, trojan bankers, miners and other financial malware, zero-day vulnerabilities and exploits, web attacks, threats for macOS and IoT. Continue reading Kaspersky Security Bulletin 2023. Statistics
That latest cyberattack threatening your organization is likely coming from outside the corporate network. According to Mandiant’s M-Trends 2023 report, 63% of breaches came from an outside entity — a considerable rise from 47% the year before. When it comes to how intruders are getting into the network, it depends on the organization’s location. Spearphishing […]
The post Zero-day attacks are on the rise. Can patches keep up? appeared first on Security Intelligence.
Continue reading Zero-day attacks are on the rise. Can patches keep up?
In February 2023, we found a zero-day exploit, supporting different versions and builds of Windows, including Windows 11. This particular zero-day was used by a sophisticated cybercrime group that carries out ransomware attacks. Continue reading Nokoyawa ransomware attacks with Windows zero-day
This blog was made possible through contributions from Fred Chidsey and Joseph Lozowski. The X-Force Vulnerability and Exploit Database shows that the number of zero days being released each year is on the rise, but X-Force has observed that only a few of these zero days are rapidly adopted by cyber criminals each year. While […]
The post X-Force Prevents Zero Day from Going Anywhere appeared first on Security Intelligence.
Continue reading X-Force Prevents Zero Day from Going Anywhere
Zero-day attacks are on the rise. Not only was 2021 a record-breaking year for the total number of zero-day attacks, but it also accounted for 40% of the zero-day breaches over the last decade. In part, this race to zero is tied to the sheer number of web, mobile and cloud-based applications being developed and […]
The post Zero-Day Exploits: The Anatomy of Unexpected Attacks appeared first on Security Intelligence.
Continue reading Zero-Day Exploits: The Anatomy of Unexpected Attacks
At the end of September, GTSC reported the finding of two 0-day vulnerabilities in Microsoft Exchange Server, CVE-2022-41040 and CVE-2022-41082. The cybersecurity community dubbed the pair of vulnerabilities ProxyNotShell. Continue reading CVE-2022-41040 and CVE-2022-41082 – zero-days in MS Exchange
Key statistics for 2022: ransomware, trojan bankers, miners and other financial malware, zero-day vulnerabilities and exploits, web attacks, threats for macOS and IoT. Continue reading Kaspersky Security Bulletin 2022. Statistics
PC malware statistics for Q3 2022 includes data on miners, ransomware, banking Trojans, and other threats to Windows, macOS and IoT devices. Continue reading IT threat evolution in Q3 2022. Non-mobile statistics