Zero-Day Attack - Security Intelligence

Professional working on a laptop with Bluetooth headphones: ScarCruft

news

ScarCruft Threat Group Using Malware to Steal Information From Bluetooth Devices

An advanced persistent threat (APT) group known as ScarCruft is now using malware to steal information off of Bluetooth devices.

May 14, 2019 | By David Bisson

news

Security professional reacting to a supply chain attack

news

Operation ShadowHammer Supply Chain Attack May Have Distributed Backdoor to 1 Million-Plus Users

Security researchers believe a supply chain attack known as "Operation ShadowHammer" may have distributed a backdoor to more than 1 million users.

March 26, 2019 | By David Bisson

news

Woman using her mobile phone on public transit: mobile threat defense

article

Stay on Top of Zero-Day Malware Attacks With Smart Mobile Threat Defense

Mobile threats are growing both in number and severity. To protect crucial data, organizations need mobile threat defense solutions that can replicate the accuracy of manual analysis on a large scale.

December 14, 2018 | By Vivien Raoul

article

A businesswoman updating software on a laptop.

news

Researchers Report Nearly 20,000 Vulnerabilities in 2017, Reinforcing the Need for a Proactive Cybersecurity Strategy

A recent study revealed that the number of software vulnerabilities soared to almost 20,000 in 2017, suggesting an urgent need for organizations to adopt a proactive cybersecurity strategy.

April 5, 2018 | By Shane Schick

news

article

Apache Struts 2: A Zero-Day Quick Draw

It took fraudsters less than 24 hours after the disclosure of a previously unknown Apache Struts 2 vulnerability to develop a Python script to exploit it.

May 16, 2017 | By Dave McMillen

article

Popular forum software vBulletin was forced to shut down its website and issue an emergency patch, but organizations that haven't updated to the more secure version of the program are at risk of server hacking and other types of attacks.

news

Server Hacking Against vBulletin Users Escalates Following Emergency Patch

Cybercriminals were reportedly going on a server hacking spree weeks after vBulletin patched a major vulnerability in its popular online forum software.

November 18, 2015 | By Shane Schick

news

Microsoft has released new exploit mitigations after discovering that several zero-day use-after-free (UAF) vulnerabilities were targeting Internet Explorer. These features include the Memory Protector and the Isolated Heap.

article

Understanding IE’s New Exploit Mitigations: The Memory Protector and the Isolated Heap

In response to two attacks, new Internet Explorer exploit mitigations were released to increase the cost of exploiting IE use-after-free vulnerabilities.

August 29, 2014 | By Mark Yason

article

Defending your company through blacklisting and white-listing techniques. Which one is better for your company? It depends on what you're trying to achieve and the kinds of attacks you're attempting to avoid.

article

Blacklisting, White-listing and the Way Forward: Comments on the Schneier-Ranum Face-Off

Will white-listing or blacklisting better protect your enterprise? We weigh in on the ongoing debate.

March 20, 2013 | By George Tubin

article

Java is the most vulnerable programming language used by businesses today; however, it may be too critical to a business's functionality to remove. Many firms use programs that require usage of older versions of the script.

article

Can You Get Rid of Java?

Java suffers the most malware infections of any programming language and recent zero-day exploits now warrant removing it from business applications.

March 7, 2013 | By George Tubin

article

Hundreds of Thousands of Users Targeted Daily With Would-Be WannaCry Imitators

Phishing Campaign Delivers Multi-Feature, Open-Source Babylon RAT

More Than 100 US Businesses Affected by Ryuk Ransomware Since August 2018, Finds FBI

Detections of Dharma Ransomware Rise 148 Percent Between February and April 2019

Voices of Security

X-Force Red in Action

A Secure Start

On the Front Line With IBM X-Force IRIS

High Stakes, Rising Risks: The Ripple Effects of Cybersecurity in the Healthcare Sector

Industrial Control Systems Security: To Test or Not to Test?

Challenges and Opportunities to Close the Cybersecurity Gap in the Financial Services Industry

GozNym Closure Comes in the Shape of a Europol and DOJ Arrest Operation

The Decline of Hacktivism: Attacks Drop 95 Percent Since 2015

Published Exploits for Accessing SAP Systems Put Security Teams on Alert

Penetration Testing Versus Red Teaming: Clearing the Confusion

Podcast: Lessons from a Gray Beard: Transitioning From the Military to Cybersecurity

Podcast: Foundations for a Winning Operational Technology (OT) Security Strategy

Podcast: ‘You Can Never Have Too Much Encryption’

Podcast: Automating Cyber Resilience Best Practices With Dr. Larry Ponemon

Webinar: Guardium Tech Talk: An Integrated Approach to Data Risk Management

Webinar: The Debrief: Using Tools and Methods From the Intelligence Community to Stop Threats to Your Organization

Webinar: Operational Technology Security in the Age of Digital Transformation

Webinar: Leaders & Laggards: The Latest Findings from the Ponemon Institute’s Study on the Cyber Resilient Organization

Tag: Zero-Day Attack

ScarCruft Threat Group Using Malware to Steal Information From Bluetooth Devices

Operation ShadowHammer Supply Chain Attack May Have Distributed Backdoor to 1 Million-Plus Users

Stay on Top of Zero-Day Malware Attacks With Smart Mobile Threat Defense

Researchers Report Nearly 20,000 Vulnerabilities in 2017, Reinforcing the Need for a Proactive Cybersecurity Strategy

Apache Struts 2: A Zero-Day Quick Draw

Server Hacking Against vBulletin Users Escalates Following Emergency Patch

Understanding IE’s New Exploit Mitigations: The Memory Protector and the Isolated Heap

Blacklisting, White-listing and the Way Forward: Comments on the Schneier-Ranum Face-Off

Can You Get Rid of Java?