Browsing: Threat Intelligence

Latest MagicINFO 9 Server Still Vulnerable Despite Patch Claims

Kirsten DoyleMay 8, 20252 Mins Read

While reports suggest that the latest version of Samsung MagicINFO 9 Server (21.1050.0) addresses the high-severity vulnerability tracked as CVE-2024-7399,…

A Closer Look at PlugValley: Threat Actor Profile

Alexis OberMay 5, 20257 Mins Read

Fortra threat intelligence analysts are tracking AI vishing-as-a-service offerings by the threat actor group PlugValley that include spoofing capabilities, custom…

“Shadow Role” Vulnerability in AWS Services Could Lead to Full Account Takeover

Kirsten DoyleApril 30, 20253 Mins Read

Aqua Security’s Team Nautilus has discovered a critical vulnerability in six popular AWS services that could allow bad actors to…

Google Report: Fewer Zero-Day Attacks in 2024, But Enterprise Tech Now in the Crosshairs

Kirsten DoyleApril 30, 20254 Mins Read

Seventy-five zero-day vulnerabilities were actively exploited in 2024 — down from 98 in 2023, but still higher than the 63…

Stronger Together: Why IT and Security Collaboration is Business Critical

Joel RennichApril 28, 20255 Mins Read

As UK businesses accelerate their digital transformation, the move to cloud-based and hybrid work environments has introduced new layers of…

Max Severity Commvault Command Center Flaw Allows Attackers to Execute Code Remotely

Kirsten DoyleApril 25, 20253 Mins Read

A critical security vulnerability has been discovered in the Commvault Command Center, that could enable malicious actors to remotely to…

SAP NetWeaver Flaw Puts Businesses at Risk, ReliaQuest Reports

Kirsten DoyleApril 24, 20252 Mins Read

ReliaQuest has uncovered a serious vulnerability in SAP NetWeaver, a popular software platform used by many businesses around the world. …

CISA Issues Five New Alerts for Critical ICS Vulnerabilities

Kirsten DoyleApril 24, 20254 Mins Read

CISA has published five advisories alerting of critical vulnerabilities in Industrial Control Systems (ICS) manufactured by Siemens, Schneider Electric, and…

Researchers Warn of Critical Vulnerability in Erlang/OTP SSH

Kirsten DoyleApril 22, 20253 Mins Read

A team of researchers from Ruhr University Bochum — Fabian Bäumer, Marcus Brinkmann, Marcel Maehren, and Jörg Schwenk — have…

Senators Push to Extend Key Cybersecurity Protections

Kirsten DoyleApril 17, 20255 Mins Read

Two senators have introduced a bipartisan bill to extend key cybersecurity protections that encourage businesses to share threat information with…