Vulnerability

Deepfake expert Nina Schick joins us as we discuss synthetic media, Facebook’s latest data fiasco, and some less-than-brilliant April Fool’s tricks.

All this and much more is discussed in the latest edition of the award-winning “Smashing Security” p…

Read More Smashing Security podcast #222: Facebook, deepfakes, and April Fools scandals – with Nina Schick

Fileless malware and cryptominer attack rates grew by nearly 900% and 25% respectively, while unique ransomware payloads plummeted by 48% in 2020 compared to 2019, according to WatchGuard. Q4 2020 also brought a 41% increase in encrypted malware detect…

Read More Massive increase in endpoint attacks, rising rate of encrypted malware and new exploits targeting IoT

Microsoft has released out-of-band security updates for seven bugs affecting Microsoft Exchange Servers, four of which are zero-day vulnerabilities being exploited by attackers in the wild to plunder on-premises machines. According to Volexity, the attacks have been going on for nearly two months, possibly even longer. Our team has been tirelessly working several intrusions since January involving multiple 0-day exploits in Microsoft Exchange. We’ve released the details of this threat activity alongside Microsoft’s Out of … More

The post Exchange Servers targeted via zero-day exploits, have yours been hit? appeared first on Help Net Security.

Read More Exchange Servers targeted via zero-day exploits, have yours been hit?

The day after VMware released fixes for a critical RCE flaw (CVE-2021-21972) found in a default vCenter Server plugin, opportunistic attackers began searching for publicly accessible vulnerable systems. We’ve detected mass scanning activity targeting vulnerable VMware vCenter servers (https://t.co/t3Gv2ZgTdt). Query our API for “tags=CVE-2021-21972” for relevant indicators and source IP addresses. #threatintel https://t.co/AcSZ40U5Gp — Bad Packets (@bad_packets) February 24, 2021 “In our opinion, the RCE vulnerability in the vCenter Server can pose no less a … More

The post Attackers are looking to exploit critical VMware vCenter Server RCE flaw, patch ASAP! appeared first on Help Net Security.

Read More Attackers are looking to exploit critical VMware vCenter Server RCE flaw, patch ASAP!