Hot Topics

Exploits

Action1 patching cyberattacks JumpCloud patching

The Importance of Timely Patching

| | Cybersecurity, Exploits, IT Security, patching, Vulnerabilities
Yet another new critical vulnerability was uncovered with the discovery that Microsoft Office could be exploited through a malicious Word document and used to run remote code execution. Meanwhile, many old vulnerabilities ...
Security Boulevard
Towards Practical Security Optimizations for Binaries

Towards Practical Security Optimizations for Binaries

| | attacks, Exploits, reversing, Static Analysis
By Michael D. Brown, Senior Security Engineer To be thus is nothing, but to be safely thus. (Macbeth: 3.1) It’s not enough that compilers generate efficient code, they must also generate safe ...
Trail of Bits Blog
Exploits Explained: How Log4j, Buffer Overflows and Other Exploits Work

Exploits Explained: How Log4j, Buffer Overflows and Other Exploits Work

| | buffer overflows, Exploits, Log4j, Log4Shell, Security Concepts
How Exploits Work In cybersecurity, the term “exploit” is used to represent a piece of code, data or sequence of commands that takes advantage of… The post Exploits Explained: How Log4j, Buffer ...
The CISO Perspective

Cybersecurity in Competitive Online Gaming (Cheating, Mitigation, and Vulnerabilities)

| | Exploits, IT Security and Data Protection, Online Gaming
As the competitive online gaming and eSports industries gain legitimacy by becoming more popular and attracting mainstream attention, the question of competitive integrity lingers in the back of my mind. Can the ...
The State of Security
UPDATED: Cybereason Log4Shell Vaccine Offers Permanent Mitigation Option for Log4j Vulnerabilities (CVE-2021-44228 and CVE-2021-45046)

UPDATED: Cybereason Log4Shell Vaccine Offers Permanent Mitigation Option for Log4j Vulnerabilities (CVE-2021-44228 and CVE-2021-45046)

| | Apache Log4j Vulnerability, Apache Servers, CVE-2021-44228, Cybereason Defense Platform, enterprise security, Exploits, GitHub, Log4Shell, Logout4Shell Vaccine, mitigation, Network Security, patch management, patching, rce, remediation, Remote Code Execution, Vulnerabilities, vulnerability, zero-day
UPDATE 12/17/21: The Logout4Shell Vaccine has been updated to add a persistent option in addition to the existing one which reverted upon server restart. The previous version of the Vaccine used the ...
Blog
UPDATED: Cybereason Log4Shell Vaccine Offers Permanent Mitigation Option for Log4j Vulnerabilities (CVE-2021-44228 and CVE-2021-45046)

UPDATED: Cybereason Log4Shell Vaccine Offers Permanent Mitigation Option for Log4j Vulnerabilities (CVE-2021-44228 and CVE-2021-45046)

| | Apache Log4j Vulnerability, Apache Servers, CVE-2021-44228, Cybereason Defense Platform, enterprise security, Exploits, GitHub, Log4Shell, Logout4Shell Vaccine, mitigation, patch management, patching, rce, remediation, Remote Code Execution, vulnerability, zero-day
UPDATE 12/17/21: The Logout4Shell Vaccine has been updated to add a persistent option in addition to the existing one which reverted upon server restart. The previous version of the Vaccine used the ...
Blog

Apple Sues NSO Group

| | Apple, courts, Exploits, spyware, Uncategorized
Piling more on NSO Group’s legal troubles, Apple is suing it: The complaint provides new information on how NSO Group infected victims’ devices with its Pegasus spyware. To prevent further abuse and ...
Schneier on Security
The CISA Directive Is Crucial for Cybersecurity

The CISA Directive Is Crucial for Cybersecurity

| | cisa, Cybereason Defense Platform, Cybersecurity, EDR, Endpoint Controls, endpoint detection and response, Endpoint Protection Platform, Exploits, Federal Government, governance, government, Infosec, national security, Network Security, patch management, patching, Unified Endpoint Security, Vulnerabilities, vulnerability
As the CEO of a cybersecurity company, it’s important to stay informed--to know about breaking news, emerging threats, and rising trends to provide direction for the company and protection for our customers ...
Blog
What Are the Most Common Attack Vectors for Ransomware?

What Are the Most Common Attack Vectors for Ransomware?

| | Anti-Ransomware, Cybereason Anti-Ransomware Solution, Cybersecurity, EDR, Endpoint Controls, endpoint detection and response, Endpoint Protection Platform, Exploits, Infosec, Microsoft RDP, Microsoft Remote Desktop Protocol, Multi-Stage Ransomware, Phishing, RansomOps, Ransomware, ransomware as a service, Ransomware-as-s-Service, security, spear-phishing, Unified Endpoint Security, Vulnerabilities, vulnerability
There’s been record growth of ransomware attacks in 2021. A recent report documented 304.7 million attack attempts in the first six months of the year, as reported by Threatpost. That’s 100,000 more ...
Blog
NOBELIUM Demonstrates  Why Microsoft Is the Weakest Link

NOBELIUM Demonstrates  Why Microsoft Is the Weakest Link

| | azure, cyberattack, cybercrime, E5 License, Exploits, Lior Blog, Lior Div, Microsoft, microsoft defender, Microsoft Exchange, NOBELIUM, RansomOps, Ransomware, Russia, SolarWinds Attacks, Vulnerabilities, vulnerability
Microsoft platforms and products are ubiquitous. Government agencies and companies of all sizes and industries around the world rely on Microsoft software to get things done. They are also riddled with security ...
Blog
Load more