The aggressive Zloader banking malware campaign is exploiting Microsoft’s digital signature verification method to inject code into a signed system DLL, according to researchers at Check Point.
VMware this week shipped security updates for its Workstation, Fusion and ESXi product lines, warning that a heap-overflow vulnerability could expose users to code execution attacks.
With eyes firmly set on the booming attack surface management space, threat intel powerhouse Recorded Future is shelling out $65 million to purchase SecurityTrails, a startup that helps organizations keep track of internet-facing assets.
Threat hunters in the U.K.’s National Health Service have raised an alarm for an unknown threat actor hitting vulnerable VMWare Horizon servers with exploits for the ubiquitous Log4j security flaw.
A large-scale, long-term phishing experiment conducted in a 56,000-employee organization has come to a startling conclusion: Those simulated phishing tests commonly seen in corporate user-education campaigns are actually making things much worse.
Microsoft has quietly started notifying some Azure customers that a serious security vulnerability in the Azure App Service has caused the exposure of hundreds of source code repositories.
The computer security industry is bracing for travel on long, bumpy roads littered with Log4j security problems as experts warn that software dependency patching hiccups will slow global mitigation efforts.
Since the middle of 2020, a Chinese state-sponsored threat actor called ‘Tropic Trooper’ has been targeting transportation organizations and government entities related to transportation sector, Trend Micro reports.
If defenders needed any more urgency to patch and mitigate the explosive Log4j zero-day, along comes word that APT actors linked to China, Iran, North Korea and Turkey have already pounced and are actively exploiting the CVSS 10.0 vulnerability.
Venture capital investors are continuing to bet big on cloud security technologies with two early-stage startups announcing a combined $130 million in funding for products to help businesses secure cloud deployments.
Impostazioni privacy
Questo sito utilizza i cookie per migliorare la tua esperienza di navigazione su questo sito.
