A recent study reveals that security teams are unprepared for ransomware and struggle with increasing regulatory complexity.

Google has released Chrome 103.0.5060.114 for Windows users to address a high-severity zero-day vulnerability exploited by attackers in the wild. The security vulnerability affected millions of Google Chrome users.

Organizations must take a proactive and comprehensive security approach to warding off zero-day exploits. That strategy should include five parts.

A new Microsoft Office zero-day security vulnerability allows adversaries to execute PowerShell commands via Microsoft Diagnostic Tool (MSDT) by opening a Word document. 

A proactive approach to zero-day vulnerabilities is conducting threat hunting based on the assumption that the organization has been breached using one or more security vulnerabilities. 

Mandiant and Google identified a significant jump in 2021 in security vulnerabilities that threat actors exploited before a patch became available.

Security teams are still dealing with fallout from the Log4j vulnerability, according to a recent poll from cybersecurity nonprofit (ISC)².

The Q3 Internet Security Report from WatchGuard Technologies found trends relating to ransomware, network attacks and zero-day malware.

HP Wolf Security threat research team sees cybercriminals using legitimate cloud providers to host malware, and switching up file and script types to evade detection tools.

Apple has released an emergency software patch to plug a security hole Citizen Lab researchers discovered affecting all its operating systems, exploited to infect the iPhone of a Saudi activist with NSO Group’s Pegasus spyware.