Google Patches Actively Exploited Chrome Bug

The heap buffer overflow issue in the browser’s WebRTC engine could allow attackers to execute arbitrary code. While people were celebrating the Fourth of July holiday in the United States,…

Patchable and Preventable Security Issues Lead Causes of Q1 Attacks

Attacks against U.S. companies spike in Q1 2022 with patchable and preventable external vulnerabilities responsible for bulk of attacks. Eighty-two percent of attacks on organizations in Q1 2022 were caused…

Old Hacks Die Hard: Ransomware, Social Engineering Top Verizon DBIR Threats – Again

Deja-Vu data from this year’s DBIR report feels like we are stuck in the movie ‘Groundhog Day.’ Ransomware and social engineering continue to dominate challenges facing cybersecurity professionals, according to…

ChromeLoader Browser Hijacker Provides Gateway to Bigger Threats

The malvertiser’s use of PowerShell could push it beyond its basic capabilities to spread ransomware, spyware or steal data from browser sessions, researchers warn. ChromeLoader may seem on the surface…

Critical Vulnerability in Premium WordPress Themes Allows for Site Takeover

Privilege escalation flaw discovered in the Jupiter and JupiterX Core Plugin affects more than 90,000 sites. A critical privilege escalation flaw found in two themes used by more than 90,000…

Threat Actors Use Telegram to Spread ‘Eternity’ Malware-as-a-Service

An account promoting the project—which offers a range of threat activity from info-stealing to crypto-mining to ransomware as individual modules—has more than 500 subscribers. Cybercriminals are promoting a new, modular…

Millions of Java Apps Remain Vulnerable to Log4Shell

Four months after the critical flaw was discovered, attackers have a massive attack surface from which they can exploit the flaw and take over systems, researchers found. Four months after…

Google: 2021 was a Banner Year for Exploited 0-Day Bugs

Last year, Google Project Zero tracked a record 58 exploited-in-the-wild zero-day security holes. Google Project Zero reported 58 exploited zero-day vulnerabilities in 2021, a record in the short time the…

Protect Your Executives’ Cybersecurity Amidst Global Cyberwar

In this time of unprecedented cyberwar, organizations must protect the personal digital lives of their executives in order to reduce the company’s risk of direct or collateral damage. It’s been…

Cyberattackers Put the Pedal to the Medal: Podcast

Fortinet’s Derek Manky discusses the exponential increase in the speed that attackers weaponize fresh vulnerabilities, where botnets and offensive automation fit in, and the ramifications for security teams. Cyber-defenders have…