News


Cyber attacks via PowerShell, exploits and PyInstaller
B2B Cyber Security ShortNews

A threat analysis by G DATA CyberDefense shows that ransomware remains a major threat. At the same time, cybercriminals are increasingly using PowerShell and PyInstaller in their attacks. Vulnerabilities in applications and operating systems are also a popular attack vector. Even though law enforcement agencies dismantled cybercriminals' infrastructures in 2024, for example during Operations "Endgame" and "Power Off," cybercriminals continue to find ways to infiltrate IT systems. This doesn't require new malware. They refine existing attack tools and combine various tools. The experts at G DATA CyberDefense have compiled current threat data…


These are the most important security vulnerabilities and attack techniques

The number of reported security vulnerabilities increased by 38 percent in 2024. As dependence on software systems grows, so does the attack surface. JFrog explains the biggest security risks of 2024 and ways to increase resilience in 2025. The increasing interconnectedness and dependence on software systems has significantly expanded the attack surface for cyber threats. In 2024, the number of reported vulnerabilities reached a new high, with over 40,000 CVEs, an impressive increase of 38 percent. The following analysis, based on the findings of the JFrog Security Research Team, highlights the most significant security vulnerabilities and attack techniques...


Discovered: Criminal hackers with hacking competitions
SophosNews

In a new report, Sophos X-Ops uncovers hacker research contests on online criminal forums for innovations and overcoming security hurdles. These cybercriminal research contests also offer individual prize money of up to $80,000. In its new report "For the win? Offensive Research Contests on Criminal Forums", Sophos X-Ops describes hacker research contests run by cybercrime forums to drive new attack innovations. The contests focus on new attack and evasion methods and reflect trends in cybercrime, such as taking down AV/EDR, cryptocurrency fraud, and setting up command-and-control infrastructures. Hacker groups use competitions to seek new...


2021: Record year for zero-day vulnerabilities 

The trade in zero-day vulnerabilities and associated exploits is growing rapidly. Mandiant examined the many exploits and summarized the results in a report. China, Russia and North Korea in particular are the major providers of exploits. Zero-day exploits have become so popular among hackers that they have a market of their own. The exploit industry is financially very profitable for criminals, which is why it is constantly growing. Microsoft, Google's Chrome browser - even the big ones are not protected from criminals finding and exploiting security gaps in their systems that were previously unknown...


Log4j alarm: heat maps show attempted attacks and scans
SophosNews

Sophos is tracking scans for the Log4j vulnerability worldwide and the countries where many exploits are coming from: China and Russia. The findings show two heatmaps. Sean Gallagher, Senior Threat Researcher at Sophos: "Sophos continues to monitor scans for Log4j vulnerabilities. In the past, we have seen large spikes in such scans and exploit attempts and then a significant decline. In the case of Log4j, we have not seen a decline, but rather daily scans and access attempts from a globally distributed infrastructure. We expect this high level of activity to continue as the vulnerability...


Log4j alarm: Mandiant provides tools 

The BSI has issued the highest warning level for the security hole discovered a few days ago in the widely used Java library Log4j. Mandiant provides free tools for creating rules for the systematic search for deserialization exploits. Mandiant released free tools on GitHub today that companies can use to create rules for systematically searching for deserialization exploits and other types of zero-day exploits. This also includes rules for finding the JNDI Code Injection Zero-Day, which was published for Log4j last week. Rules against deserialization exploits: In a new blog post, Mandiant describes ...


Study: Great danger from old weak points

Trend Micro Study: Old vulnerabilities pose great risk. Around a quarter of the exploits traded in the cybercriminal underground are over three years old. Trend Micro, one of the world's leading providers of cybersecurity solutions, publishes a new study calling on companies to focus their patching measures on the vulnerabilities that pose the greatest risk to their business, even if they are several years old. 3-year-old exploits remain in demand: Trend Micro Research found that 22 percent of exploits traded on underground forums are more than three years old….


Exchange: New vulnerabilities discovered and closed
G Data News

In mid-April there were again some critical updates for Microsoft Exchange. As with Hafnium, experts strongly advise installing the patches. Unlike with Hafnium, however, the warning came from the American NSA. On patch day in mid-April, Microsoft closed two critical security holes that affect locally installed instances of Exchange 2013, 2016 and 2019. These security vulnerabilities allow arbitrary program code to be executed on an affected system. In contrast to the security vulnerabilities that the Hafnium group used, there are currently no signs, according to Microsoft, that the vulnerabilities are active ...
