New Search
If you are not happy with the results below please do another search
119 search results for: threat
Springtime for Vulnerabilities
March 2024 was another eventful month for vulnerabilities and cybersecurity in general. It was the second consecutive month of lapsed Common Vulnerability Exposure (CVE) enrichment putting defenders in a precarious position with reduced risk visibility. The Linux kernel continued its elevated pace of vulnerability disclosures and was commissioned as a new CVE Numbering Authority (CNA). […]
Municipalities, authorities and companies under pressure: serious attacks on the rise, NIS2 becomes mandatory
After experts noticed a rapid increase in cyberattacks on local authorities and government agencies in 2023, the horror stories don’t stop in 2024. The pressure to act is enormous, as the EU’s NIS2 Directive will come into force in October and makes risk and vulnerability management mandatory. “The threat level is higher than ever,” said […]
Chinese hackers and Fortinet vulnerabilities: Warnings from US government
For several years in a row, the Californian manufacturer Fortinet has been in the public focus due to serious security problems. Known for its secure firewall, VPN and intrusion detection devices, the cyber security expert was again forced to announce several highly critical security vulnerabilities in February 2024. Staying informed and applying patches promptly is […]
Microsoft Patches 73 Vulnerabilities Including Actively Exploited Critical Flaw in Exchange Server
In February 2024, Microsoft issued a security alert for a total of 73 security vulnerabilities. The batch included 6 critical severity vulnerabilities, 52 rated as high severity, and 15 as medium severity vulnerabilities. 30 of them are remote code execution vulnerabilities [T1210] and 16 are privilege escalation [TA0004] exploits. From that group, three stand out […]
CISA warning: Serious Security Vulnerability in MS Sharepoint
Two security vulnerabilities in Sharepoint – both from last year – are currently causing trouble for Sharepoint administrators. Because attackers are increasingly exploiting a combination of the two vulnerabilities, the Cybersecurity Infrastructure Security Agency CISA is now also issuing a warning. Affected customers of the Greenbone Enterprise Feed have been warned since June 2023. Remote […]
Tracking News: Juniper Junos Vulnerabilities
5 Known Juniper Junos Vulnerabilities Being Actively Exploited CISA has added 5 CVEs relating to Juniper Junos (aka Junos OS), to its Known Exploited Vulnerabilities (KEV) catalog. The full exploit chain involves combining several lower-severity CVEs to achieve pre-authentication remote code execution (RCE). The 5 CVEs range in severity from CVSS 9.8 Critical to CVSS […]
15 years of Greenbone – a look back at 2023
The end of the year could hardly be better: Greenbone can look back on the most successful year in its company history. After 15 years, the Osnabrück-based company has grown into a successful public limited company in 2023. Greenbone has grown from 50 to 120 employees within the space of a year, and the journey […]
Supposedly pro-Russian hackers try to exploit Sharepoint vulnerability
Update from 2023-12-06: Last week, we reported on pro-Russian hacktivists scanning for vulnerable SharePoint Servers to exploit a critical vulnerability (CVE-2023-29357). New findings suggest that the group, calling themselves “Zarya”, is undertaking various exploit-attempts, including directory traversal and targeting specific vulnerabilities in systems such as OpenWRT-Routers. The IP address 212.113.106.100, associated with these activities, has […]
