Browsing: Threats and Vulnerabilities

Google Mandiant: Time-to-Exploit Falls, Zero Day Exploits Rise

Josh Breaker RolfeOctober 23, 20243 Mins Read

A staggering 70% of exploited vulnerabilities in 2023 were leveraged as zero days, meaning threat actors exploited the flaws in…

Attackers Exploit Roundcube Webmail Vulnerability

Kirsten DoyleOctober 23, 20244 Mins Read

Cybersecurity experts from Positive Technologies’ Security Expert Center (PT ESC) have uncovered an exploit targeting Roundcube Webmail, an open-source email client…

ConfusedPilot Exposes Vulnerability in AI Systems Used by Major Enterprises

Kirsten DoyleOctober 18, 20245 Mins Read

A novel attack, dubbed ConfusedPilot, has been discovered, targeting widely used Retrieval Augmented Generation (RAG)-based AI systems such as Microsoft…

Building Digital Resilience: Insider Insights for a Safer Cyber Landscape

Kirsten DoyleOctober 18, 202413 Mins Read

Due to the tremendous feedback we received on our first two articles, which shared invaluable cybersecurity advice from industry experts,…

New Threat Actor Tool EDRSilencer Repurposed for Malicious Use

ISB Staff ReporterOctober 16, 20243 Mins Read

The Trend Micro Threat Hunting Team has identified an alarming new trend in cyber attacks: malefactors are adopting EDRSilencer, a…

TrickMo’s Latest Trick – Stealing PINs and Unlock Patterns

Kirsten DoyleOctober 15, 20243 Mins Read

Mobile device and app security firm Zimperium has discovered a new capability in the notorious banking Trojan TrickMo. Some of…

Veeam Vulnerability Actively Exploited by Ransomware Gangs

Kirsten DoyleOctober 15, 20244 Mins Read

NHS England’s National Cyber Security Operations Centre (CSOC) has issued a high-severity cyber alert in response to the active exploitation…

Palo Alto Networks Warns of Exploitable Firewall Hijack Vulnerabilities

Kirsten DoyleOctober 10, 20243 Mins Read

Palo Alto Networks has issued an urgent advisory for its customers following the discovery of multiple critical vulnerabilities in its…

American Water Hit by Cyberattack

Kirsten DoyleOctober 8, 20243 Mins Read

American Water, the largest publicly traded water and wastewater utility in the United States, has had to shut down certain…

New DDoS Attack Vector Discovered in CUPS, Exposing 58,000+ Vulnerable Devices Online

ISB Staff ReporterOctober 7, 20244 Mins Read

Akamai researchers have identified a critical vulnerability in the Common Unix Printing System (CUPS) that could allow malicious actors to…

Information Security Buzz is an independent resource that provides the experts’ comments, analysis, and opinion on the latest Cybersecurity news and topics