According to Sansec researchers, there is a massive surge in the TrojanOrders attacks ahead of the holiday season and approximately 38% of Magento 2 and Adobe Commerce websites are being targeted by the attacks.
A server misconfiguration at a firm that provides medical claims processing for correctional facilities exposed sensitive information of nearly 600,000 inmates who received medical care during the last decade while incarcerated.
In February 2022, the threat actors exploited Log4Shell for initial access to the organization’s unpatched VMware Horizon server. As part of their initial exploitation, CISA observed a connection to a known malicious IP address lasting 17.6 seconds.
Tracked as CVE-2022-42898 and impacting multiple Samba releases, the security defect exists in the Service for User to Proxy (S4U2proxy) handler, which provides “a service that obtains a service ticket to another service on behalf of a user.”
A novel attack method has been disclosed against a crucial piece of technology called time-triggered ethernet (TTE) that's used in safety-critical infrastructure, potentially causing the failure of systems powering spacecraft and aircraft.
The on-going danger and threat of a ransomware attack looms large among security pros as the threat landscape increases daily. And many believe the worst is yet to come, according to a survey by CRA Business Intelligence.
While attacks on RDP ports grew during the COVID-19 pandemic as a result of the rise of remote work, the port has continued to be a popular attack method for criminals despite many workers returning to the office.