What Causes a Rise or Fall in Fresh Zero-Day Exploits?
Why are so many fresh zero-day vulnerabilities getting exploited in the wild? A new study from Google says that last year, 41 new zero-day vulnerabilities were exploited in the wild. While that’s welcome news in terms of recent volume – it’s a 40% decrease from the all-time annual high of 69 in 2021 – it’s…
Every Application Journey Needs a Cybersecurity Platform
The desire for digital acceleration has led organizations to drive toward delivering faster and better application experiences and to bring applications and data closer to users and devices. Many organizations realize that application journeys are fluid in practice because applications can live anywhere from data centers to hybrid and multi-clouds to edge compute. The reason…
TSA Updates Pipeline Cybersecurity Requirements
The security directive for pipeline owners and operators — released following the disruptive cyberattack that hit Colonial Pipeline in 2021 — requires them to implement measures to improve their defenses against cyberattacks. The TSA updated the requirements in July 2022 to offer more flexibility in achieving the outlined goals. Exactly one year later, the agency…
Ivanti Zero-Day Exploit Disrupts Norway’s Government Services
A zero-day authentication bypass vulnerability in Ivanti software was exploited to carry out an attack on the Norwegian Ministries Security and Service Organization. The attack affected communications networks at 12 Norwegian government ministries, according to the original statement, preventing employees in those departments from accessing mobile services and email. The government noted that the Prime…
Orgs Face Record $4.5M Per Data Breach Incident
The average cost per data breach for business in 2023 jumped to $4.45 million, a 15% increase over three years. But instead of investing in cybersecurity, 57% of breached organizations told IBM they were inclined to just pass those costs onto consumers. The final total for the year could be even higher: With organizations struggling…
As Ransomware Monetization Hits Record Low, Groups Innovate
The Clop group’s mass exploitation of MOVEit file-transfer software represents the latest stage of innovation in the ever-evolving ransomware ecosystem. As with all cybercrime, criminals’ imperative is simple: maximize illicit profits via the least amount of effort, time and risk. Russian-speaking criminal group Clop’s attacks have affected at least 421 organizations – and likely many…
CVSS 4.0 Is Here, But Prioritizing Patches Still a Hard Problem
The soon-to-be-released Version 4.0 of the Common Vulnerability Scoring System (CVSS) promises to fix a number of issues with the severity metric for security bugs. But vulnerability experts say that prioritizing patches or measuring exploitability will still be a tough nut to crack. The Forum of Incident Response and Security Teams (FIRST) released a preview…
When Cybercriminals Go Phishing, Emails Get the Most Bites
For cybercriminals looking to attack businesses, email continues to be the preferred attack vector. Despite a rapidly changing technology landscape with new innovations such as ChatGPT, cybercriminals are opting to adapt their email-based techniques to improve old tactics rather than create new methods altogether. This is largely because email provides cybercriminals with a direct line…
Ukrainian Police Shutter Propaganda-Spreading Bot Farm
Ukrainian law enforcement dismantled yet another bot farm spreading Russian propaganda over social media. The Ukrainian Cyber Police raided 21 locations across the country and seized computer equipment, mobile phones and more than 250 GSM gateways, including 150,000 SIM cards of different mobile operators used in the illicit activities to create fake social media profiles….
Attackers can abuse Google Cloud Build to poison production environments
Researchers warn that a permission associated with the Google Cloud Build service in Google Cloud can be easily abused by attackers with access to a regular account to elevate their privileges and potentially poison container images used in production environments. Google Cloud Build is a CI/CD platform that allows organizations and developers to execute code…
