By exploiting a critical Drupal vulnerability recently disclosed by developers, attackers could potentially take control of websites and servers built on the CMS.
X-Force Red believes vulnerabilities should be ranked based on the importance of the exposed asset and whether the vulnerability is being weaponized by criminals, not necessarily its CVSS score.
Security researchers discovered a new variant of Mirai malware known as Miori that is targeting internet of things (IoT) devices to integrate into a larger botnet.
A recent Hawkeye keylogger campaign leveraged an old Microsoft Office Equation Editor vulnerability to steal user credentials, passwords and clipboard content.
Traditional vulnerability assessments don't always show the full picture of cloud security, compliance and risk. How can enterprises get ahead of the curve?
A new zero-day vulnerability affecting Windows 7 through 10 was recently disclosed on Twitter. Within two days, security researchers spotted it in the wild.
A new router attack targeting MikroTik devices exploits a Winbox bug to install CoinHive malware and create backdoors.
In the process of fixing a flaw discovered in March 2018, security researchers from Drupal discovered another vulnerability that could enable threat actors to deliver cryptocurrency mining malware.
A decades-old mobile security flaw resurfaced in recent weeks after a U.S. senator reported that cybercriminals exploited the Signaling System 7 (SS7) protocol to breach a mobile carrier.
A series of penetration tests found that every bank is guilty of web application vulnerabilities and insufficient network security measures.