eSecurity Planet

APRIL 29, 2024

An old Microsoft Windows spooler flaw is added to the CISA KEV list, and the Cactus Ransomware gang currently pursues unfixed Qlik Sense servers with a vulnerability patched in September 2023. April 22, 2024 CISA Adds 2022 Windows Print Spooler Vulnerability to KEV Catalog Type of vulnerability: Elevation of privilege.

Firewall 108

Firewall Software Ransomware Penetration Testing 108

eSecurity Planet

MARCH 4, 2024

State actors actively attack Ivanti, Ubiquity, and Microsoft’s Windows AppLocker, and ransomware attackers probe for unpatched ScreenConnect servers in this week’s vulnerability recap. February 26, 2024 FCKeditor Used for SEO Poisoning on Government, University Sites Type of vulnerability: Malicious URL redirect.

IoT 117

IoT Internet Internet Ransomware 117

eSecurity Planet

MARCH 19, 2024

March 8, 2024 150,000 Fortinet Secure Web Gateways Remain Exposed Type of vulnerability: Arbitrary code execution (ACE). The problem: The FortiOS SSL VPN feature vulnerability, CVE-2024-21762, disclosed February 8th , remains exposed to attack on nearly 150,000 devices according to the ShadowServer Foundation website.

Authentication 117

Authentication VPN Software DDOS 117

eSecurity Planet

JULY 15, 2024

GitLab disclosed a pipeline flaw and Veeam addressed flaws exploited in active ransomware attacks. To reduce the risks caused by these vulnerabilities, affected users should apply patches, upgrade software, and strengthen security measures as soon as possible. and one high-severity vulnerability ( CVE-2024-39933 ; CVSS: 7.7).

Authentication 106

Authentication Backups Risk Software 106

eSecurity Planet

AUGUST 14, 2024

Its open-source nature and robust encryption capabilities have made it a staple in many organizations’ and individuals’ security arsenals. In March 2024, Microsoft reported the discovery to OpenVPN through Coordinated Vulnerability Disclosure (CVD) via Microsoft Security Vulnerability Research (MSVR).

Identity Theft 113

Identity Theft Data breaches Risk Internet 113

Digital Shadows

OCTOBER 29, 2024

In Q3 2024, ransomware service provider “RansomHub” emerged as the most dominant ransomware group, taking the mantle from “LockBit” and “ALPHV.” Hacktivist gang “KillSec,” originally aligned with the “Anonymous” hacktivist collective, has recently shifted towards financially motivated ransomware activity.

Ransomware 88

Ransomware Encryption Technology Cybercrime 88

eSecurity Planet

MAY 30, 2024

Ransomware attacks and data breaches make headlines when they shut down huge connected healthcare providers such as Ascension Healthcare or Change Healthcare. 2024 looks like it will only increase the number of affected individuals considering the scale of ransomware attacks from the first half of the year in the USA, Canada, and Australia.

Healthcare 123

Healthcare Cybersecurity Backups Penetration Testing 123

eSecurity Planet

JANUARY 29, 2024

January 19, 2024 Critical VMware vCenter Server Zero-Day Under Attack Since 2021 Type of vulnerability: Remote code execution (RCE) vulnerability. January 22, 2024 Apple Fixes 16 Vulnerabilities, Including Exploited Zero Days Type of vulnerability: A type confusion issue enables arbitrary code execution (ACE) attacks.

Authentication 104

Authentication Software CSO Accountability 104

SecureList

NOVEMBER 25, 2024

In this article in the KSB series, we review the trends of the past year, reflect on the predictions we made for 2024 , and offer insights into what we can expect in 2025. As expected, we continued to observe attacks in 2024 involving exploits for Apple devices. For instance, in Q2 2024, we saw a 23% increase in BYOVD usage.

IoT 112

IoT Energy and Utilities Phishing Cryptocurrency 112

eSecurity Planet

FEBRUARY 16, 2024

In February 2024, the CISA, NSA, and FBI warned of PRC cyber actors pre-positioning themselves again to disrupt the IT networks of U.S. Analysts and security software frequently struggle to spot malicious activity disguised as normal ones, complicating intrusion detection and mitigation efforts.

Internet 113

Internet Internet Network Security Cybersecurity 113

Digital Shadows

OCTOBER 29, 2024

In Q3 2024, ransomware service provider “RansomHub” emerged as the most dominant ransomware group, taking the mantle from “LockBit” and “ALPHV.” Hacktivist gang “KillSec,” originally aligned with the “Anonymous” hacktivist collective, has recently shifted towards financially motivated ransomware activity.

Ransomware 52

Ransomware Encryption Technology Cybercrime 52

Security Boulevard

FEBRUARY 10, 2025

As phishing attacks continue to evolve, so should our defenses. Phishing predictions for 2025In our ThreatLabz 2024 Phishing Report, we shared the following key predictions for the year to come: Prediction 1: AI vs. AI will be an enduring challengeEnhanced AI capabilities increase the speed, scale, and automation of cyberattacks.

Phishing 63

Phishing Mobile Encryption Social Engineering 63

Digital Shadows

FEBRUARY 26, 2025

According to CVE.org, hundreds of exploited vulnerabilities are recorded every dayover 40,000 in 2024 alone, a 38% increase from 2023. To stay ahead, security teams need a new approach: continuous, automated validation. At the same time, the threat landscape is evolving rapidly.

Penetration Testing 59

Penetration Testing Risk Ransomware Engineering 59

eSecurity Planet

SEPTEMBER 13, 2024

Real-world example: In 2024 , a sophisticated phishing network was dismantled after it targeted thousands of Australians, including customers of major banks. Malware & Ransomware Malware, including ransomware, is another major threat to the banking sector. Insider Threats Not all threats come from outside a bank’s walls.

Banking 97

Banking Identity Theft DDOS Cyber threats 97

NetSpi Executives

APRIL 23, 2025

By running tailored attack plays directly against your Azure environment, youll get actionable insights to improve your security. With this approach, NetSPI combines the best of BAS as a Service and cloud security to help you stay ahead of threats and keep your Azure tenants security defenses strong.

Penetration Testing 52

Penetration Testing Marketing Security Defenses Ransomware 52

eSecurity Planet

JUNE 18, 2024

Ransomware attacks , where hackers encrypt critical data and demand payment for decryption, have skyrocketed. In 2023 alone, the healthcare industry witnessed a staggering 130% increase in ransomware attacks. million records were breached, marking a bad year for data security. In 2021, 45.9 2022 was even worse, with 51.9

Cybersecurity 67

Cybersecurity Healthcare Computers and Electronics Data breaches 67

eSecurity Planet

MAY 24, 2024

Overcoming these demands strong security rules and regular monitoring to properly manage threats and secure cloud assets and services. Palo Alto’s 2024 State of Cloud-Native Security survey says that 61% of enterprises are concerned about these assaults.

Encryption 116

Encryption Risk Authentication Technology 116

eSecurity Planet

OCTOBER 9, 2024

In February 2024 , Connectwise was also hit by hackers exploiting two major security vulnerabilities. Get the Free Cybersecurity Newsletter Strengthen your organization's IT security defenses by keeping up to date on the latest cybersecurity news, solutions, and best practices.

Software 62

Software Authentication Mobile Risk 62

eSecurity Planet

JULY 30, 2024

Colorado: Years ago, the Community College of Denver received a $250,000 federal grant and used it to create 1,600 IT and cybersecurity apprenticeships from March 2020 through March 2024. Palo Alto Networks courses: PA provides courses like Fundamentals in Cloud Security and Fundamentals of Security Operations Centers.

Cybersecurity 123

Cybersecurity System Administration Engineering Firewall 123

eSecurity Planet

DECEMBER 19, 2023

2023 cybersecurity issues will continue: Weak IT fundamentals, poor cybersecurity awareness, and ransomware will still cause problems and make headlines. In 2024, AI poisoning attacks will become the new software supply chain attacks. However, 2024 will be the year that API security preparedness and threats gain momentum.

Cybersecurity 140

Cybersecurity CISO Government Technology 140

SecureList

MAY 7, 2025

Global ransomware trends and numbers With the International Anti-Ransomware Day just around the corner on May 12, Kaspersky explores the ever-changing ransomware threat landscape and its implications for cybersecurity. At the same time, the share of users affected by ransomware attacks increased by 0.02

Ransomware 68

Ransomware Manufacturing Encryption Backups 68