Threat actors – both state-backed and financially motivated – are increasingly taking advantage of previously unknown vulnerabilities, or zero-days, to compromise their victims before fixes or patches are made available by the tech industry, according to an advisory published by the Five Eyes cyber agencies, including the UK’s National Cyber Security Centre (NCSC) and the…
Zero-day exploits increasingly sought out by attackers Read More »
Over the first seven-and-a-half months of 2024, the number of newly-disclosed common vulnerabilities and exposures (CVEs) soared 30% year-on-year from 17,114 to 22,254, according to data published by Qualys researchers. However, out of this huge number of flaws, barely a hundredth – 204 or 0.9% – were weaponised by threat actors, said Qualys, the majority…
2024 seeing more CVEs than ever before, but few are weaponised Read More »
Google Cloud’s Mandiant and Barracuda Networks have confirmed that a zero-day vulnerability in Barracuda’s Email Security Gateway (ESG) appliances was heavily exploited by suspected Chinese state hackers – tracked as UNC4841 – in a months-long campaign targeting government bodies, mostly in the US and Canada, although a number of UK victims were observed. The existence…
Zero-day that forced Barracuda users to bin kit was exploited by China Read More »
The National Cyber Security Centre (NCSC), alongside its Five Eyes partner agencies in Australia, Canada, New Zealand and the US, have released details of the 12 most exploited vulnerabilities of 2022, with the likes of Log4Shell and ProxyShell still riding high. The collective said their list served as a warning about the importance of updating…
Log4Shell, ProxyShell still among most widely exploited flaws Read More »
Some of the world’s largest suppliers of networking technology have joined together with the Center for Cybersecurity Policy and Law, a Washington DC-based non-profit, to form an industry alliance focused on aligning technology providers, cyber security experts and non-profits to help solve some of the most pressing cyber security problems affecting data and networks today.…
Cisco, BT and others launch network security coalition Read More »
