Log4Shell, the critical unauthenticated remote code execution vulnerability identified in early December 2021 in the Apache Log4j logging utility, hasn’t seen the mass exploitation that many expected, but an exploit for it is now part of the Mirai botnet’s arsenal, researchers warn.
Microsoft has announced improved security for the users of its flagship Office productivity suite, courtesy of Excel 4.0 (XLM) macros now being restricted by default.
Researchers discovered that the Control Web Panel (CWP) web hosting panel is affected by two serious vulnerabilities that can allow attackers to remotely hack servers, and it’s possible that they may have already been exploited in the wild.
Cloud security and compliance automation startup Anitian this week closed a $55 million Series B funding round led by Sageview Capital.
The new investment brings the total raised by Anitian $71 million and provides fresh capital to fuel ambitious expansion plans.
The U.S. government’s Cybersecurity and Infrastructure Security Agency (CISA) on Thursday released the final version of its IPv6 security guidance for federal agencies.
Cloud security and application delivery solutions provider F5 this week announced patches for 25 vulnerabilities affecting its BIG-IP, BIG-IQ, and NGINX products.
A total of 23 security flaws were addressed in the BIG-IP application delivery controller (ADC), including 13 high-severity issues, all of which carry a CVSS score of 7.5.
Two high-severity vulnerabilities that can be exploited for privilege escalation have been patched in a McAfee enterprise product component.
Threat hunters at Kaspersky have spotted a well-known Chinese APT actor using an UEFI implant to maintain stealthy persistence across reboots, disk formatting or disk replacements.
Cisco on Tuesday announced patches for a critical vulnerability in the Redundancy Configuration Manager (RCM) for the StarOS software running on its ASR 5000 networking devices.
A Cisco proprietary node/network function, RCM delivers redundancy of StarOS-based user plane functions.
Drupal developers this week informed users about several vulnerabilities discovered in a third-party library that was recently resurrected after it had apparently been discontinued.
Privacy Settings
This website uses cookies to improve your experience while you navigate through the website.
