As attackers continue to advance and increase their sophistication levels, legacy email security technologies no longer provide sufficient protection for organizations.
The Cybersecurity and Infrastructure Security Agency (CISA), in partnership with the Federal Bureau of Investigation (FBI), launched a joint public service announcement (PSA) sharing clear actions to stay cybersecure this holiday season.
It’s hard to know how many systems are already compromised by the log4j security vulnerability. It may take months or even years until we know if most critical systems were patched in time.
Blumira research team has discovered an alternative attack vector in the Log4j vulnerability that relies on a basic Javascript WebSocket connection to trigger the RCE locally via drive-by compromise.
As many have seen, the Log4Shell vulnerability, which was discovered over the weekend, is an extremely serious flaw and will likely impact organizations for years to come. Here’s what we know thus far, and how enterprises can remain safe as this vulnerability persists.
Cybersecurity leaders are concerned that attackers could further weaponize the Log4j security vulnerability by creating a "worm" that spreads automatically from one vulnerable device to another.
A Vulcan Cyber study highlights the struggle of IT security teams to transition from simple vulnerability identification to meaningful response and mitigation, limiting the risk insights business leaders and IT management professionals need to effectively protect valuable business assets.
Lookout Threat Labs researchers have discovered a distribution of the Anubis Android banking malware that is masquerading as the official account management application from Orange S.A., a leading French telecommunications company.