News

Emerging cyberattacks and threats

• June 19, 2019 19 Jun'19

  BlueKeep warnings having little effect on Windows patching

  DHS issued the latest security advisory for BlueKeep, but it's unclear whether the repeated warnings are being heeded by organizations that have vulnerable systems on the internet.

• June 14, 2019 14 Jun'19

  Dragos: Xenotime threat group targeting U.S. electric companies

  Dragos says Xenotime, the threat group behind a devastating ICS attack in 2017, has been probing the networks of U.S. electric utilities and also attempted network intrusions.

• June 13, 2019 13 Jun'19

  RAMBleed: New Rowhammer attack can steal data from memory

  Security researchers developed a Rowhammer attack variant, called RAMBleed, that can steal data from memory and works even if systems are patched against Rowhammer.

• June 06, 2019 06 Jun'19

  NSA issues BlueKeep warning as new PoC exploit demos

  The NSA issued a rare warning for users to patch against the BlueKeep vulnerability on the same day a security researcher demoed an exploit leading to a full system takeover.

• June 04, 2019 04 Jun'19

  Microsoft issues second BlueKeep warning urging users to patch

  Microsoft again urged users to patch against the BlueKeep vulnerability as more potential exploits surface and one researcher discovered almost 1 million vulnerable systems.

• May 23, 2019 23 May'19

  'BlueKeep' Windows Remote Desktop flaw gets PoC exploits

  Multiple researchers created proof-of-concept exploits, including remote code execution attacks, targeting the recently patched Windows Remote Desktop flaw called BlueKeep.

• May 16, 2019 16 May'19

  ZombieLoad: More side channel attacks put Intel chips at risk

  Another set of side channel vulnerabilities were discovered in Intel chips. Security researchers explain the risks posed by the flaws and offer advice on mitigation steps.

• May 14, 2019 14 May'19

  Zero-day WhatsApp vulnerability could lead to spyware infection

  A zero-day vulnerability in WhatsApp was used in targeted attacks that involved installing spyware on mobile devices, which may be the work of an advanced threat actor.

• May 06, 2019 06 May'19

  Enterprise security threats rising, consumer attacks falling

  Cybercriminals are increasingly taking aim at businesses, according to a recent Malwarebytes report. Security experts weigh in on best practices for defending against malware attacks.

• May 02, 2019 02 May'19

  CrowdStrike tackles BIOS attacks with new Falcon features

  CrowdStrike added firmware attack detection capabilities to its Falcon platform and also expanded its partnership with Dell to help organizations tackle BIOS threats.

• May 01, 2019 01 May'19

  Huawei ban highlights 5G security issues CISOs must tackle

  Why worry over Huawei? A U.S. ban of this Chinese company's products should remind CISOs that now is the time to consider security issues related to the rollout of the 5G network.

• April 26, 2019 26 Apr'19

  FBI report says BEC attacks are increasing, evolving

  According to the FBI's 2018 Internet Crime Report, business email compromise attacks are on the rise. Security experts highlight how BEC scams are evolving.

• April 24, 2019 24 Apr'19

  Flashpoint responds to evolving dark web threats

  Cybersecurity firm Flashpoint updated its threat intelligence platform to better address evolving techniques and practices on the dark web, such as encrypted chat usage.

• April 19, 2019 19 Apr'19

  Forcepoint pushes 'human-centric cybersecurity' approach

  During the launch of the Forcepoint Cyber Experience Center in Boston, Forcepoint execs emphasized the need for adopting a new approach to cybersecurity that focuses on the human factor.

• April 19, 2019 19 Apr'19

  DNS hijacking campaign targets national security organizations

  A DNS hijacking campaign targeting national security organizations and critical infrastructure may be part of a new trend, according to the researchers behind recent attacks.