Security firm Verint analyzed the top 20 vulnerabilities to patch now that are under active attack and exploited by cyber attack groups worldwide. The report is aimed at assisting security teams in prioritizing and enhancing their organization's patch management efforts.
Remote attackers have abused ConnectWise Control software to deliver ransomware to its victims. The latest attacks against a real estate company used ransomware dubbed "Zeppelin", a variant of the VegaLocker ransomware family.
A multi-stage downloader trojan dubbed sLoad uses BITS to steal data from compromised systems. Attackers use sLoad to evade anti-malware protections and security monitoring that may not detect activity using these unconventional protocols.
Microsoft has revealed new cyber threat activity by a group dubbed GALLIUM that targets global telecommunication providers and unpatched web servers.
Thousands of Disney+ account owners have reported their accounts have been hacked hours after the Disney+ video streaming service was launched.
Security researchers from Trend Micro have spotted a dozen obfuscated botnets being used in a highly targeted malware campaign.
The Australian Signals Directorate’s Australian Cyber Security Centre (ACSC) has warned of an ongoing and widespread phishing campaign designed to spread Emotet malware throughout Australia.
Cyber attackers are exploiting an older Drupal remote code execution vulnerability CVE-2018-7600 dubbed Drupalgeddon2.
Microsoft has warned a cyber threat group dubbed Phosphorus has recently targeted email accounts belonging to Microsoft customers.
Security experts are again warning that advanced persistent threat (APT) actors are exploiting vulnerabilities in multiple Virtual Private Network (VPN) applications.