An analysis of data collected by the NIST about vulnerabilities from 2020 says numbers of security loopholes in 2020 skyrocketed to create a new record.
At least 50% of apps used in manufacturing, public services, healthcare, retail, education, and utility sectors contain one or more serious exploitable vulnerabilities, according to WhiteHat Security.
Researchers from Red Canary said that while Silver Sparrow malware has not released any malicious payloads yet, it’s poised to unload malicious payloads at a moment’s notice.
The Justice Department unsealed charges against three intelligence officers, revealing more details about incursions on Sony Pictures and the National Health Service in Britain, and other attacks.
Critical zero-day vulnerabilities in Gaper, an ‘age gap’ dating app, could be exploited to compromise any user account and potentially extort users, security researchers claim.
Introduced in September 2020, the NIST Phish Scale system scores phishing emails based on certain key properties to determine their level of sophistication and deceptiveness.
The flaw was present in the iCloud-hosted versions of Apple’s Pages and Keynote software. Exploitation involved creating a new document or presentation and entering an XSS payload into its name field.
The SolarWinds breach is a reminder that, in general, any company that relies heavily on tools alone to secure its network infrastructure and software is taking an enormous risk.
The White House team leading the investigation into the SolarWinds hack is worried that the breach of 100 US companies has the potential to make the initial compromise a headache in future.
In a new report, Zscaler revealed the widespread use of Discord to host multiple payloads, including the Epsilon ransomware, Redline stealer, XMRig miner, and Discord token grabbers.