Stay informed with Security World Trend Now! Discover the latest security trends, technologies, and strategies to protect your data, networks, and digital identity. Get expert insights and practical advice for ensuring your online safety. Explore now!
Vulnerabilities in Adobe ColdFusion Exploited in Attacks Background Last week, Adobe disclosed three critical vulnerabilities in its ColdFusion software, two of which appear to have been exploited in the wild. The vulnerabilities are CVE-2023-29298, an improper access control issue, CVE-2023-29300, a deserialization issue, and CVE-2023-38203, another deserialization issue. While there is no evidence that CVE-2023-29300…
ICS/OT APT Exploit Targeting Rockwell Automation Flaws Threatens Critical Infrastructure Overview An advanced persistent threat (APT) group has recently identified and exploited two vulnerabilities in Rockwell Automation products, posing a significant risk to critical infrastructure. Rockwell Automation has released firmware patches for the affected products and has shared indicators of compromise (IoCs) and detection rules….
Hackers Exploit Windows Kernel Mode Driver Policy Loophole to Gain Access to Systems Overview Researchers from Cisco Talos have discovered that hackers are utilizing open source tools to exploit a policy loophole in Microsoft’s Windows driver-signing policy. This loophole allows threat actors to load malicious and unverified drivers with expired certificates, granting them full access…
Report: Cybersecurity Threats and the Importance of Protection Introduction The increasing reliance on technology in every aspect of our lives has brought about a parallel rise in cybersecurity threats. With the constant evolution of technology and the growing sophistication of hackers, individuals and businesses must remain vigilant and take necessary precautions to protect their data…
Report: Android Security and the Importance of Internet Safety Introduction Android, the world’s most popular mobile operating system, offers many conveniences and features that users enjoy. However, as with any connected device, it also comes with its fair share of vulnerabilities and security threats. Keeping your devices and data safe from malware, phishing attempts, and…
Attackers Quickly Utilize Proof-of-Concept Code for Real-World Attacks A recent study conducted by researchers at Trustwave reveals that attackers are able to swiftly turn published proof-of-concept (PoC) code into workable exploits. The researchers deployed honeypots designed to mimic common enterprise appliances and found that attackers began exploiting vulnerabilities within days or weeks of the release…
## Coalition Launches the Coalition Exploit Scoring System **SAN FRANCISCO — June 15, 2023** — Coalition, the world’s first Active Insurance provider designed to prevent digital risk before it strikes, has announced the launch of their Coalition Exploit Scoring System (Coalition ESS). Developed by Coalition Security Labs, the company’s research and innovation center, Coalition ESS…
Perimeter 81’s Network Security Platform As cyber attacks continue to escalate, businesses and organizations are in dire need of efficient network security platforms that can protect them from the ever-increasing number of cyber threats. Perimeter 81’s network security platform aims to provide this protection, and perhaps more importantly, save IT managers’ time while doing so….
Security Researchers Warn About Spoofing Bug in Microsoft Visual Studio Installer Security researchers from Varonis have discovered a spoofing vulnerability in Microsoft Visual Studio installer that enables cyberattackers to create and distribute malicious extensions to application developers, posing as legitimate software publishers. The bug provides attackers with the ability to infiltrate development environments, take control,…
MOVEit zero-day exploit used by data breach gangs: The how, the why, and what to do Last week, Progress Software Corporation alerted its customers of its MOVEit Transfer and related MOVEit Cloud products about a critical vulnerability dubbed CVE-2023-34362. MOVEit Transfer is a system that provides secure collaboration and automated file transfers of sensitive data…