Common Vulnerabilities and Exposures (CVE) stories - Page 16

Vulnerability disclosures are returning to normal levels, with 2020 on track to surpass 2019, according to a report by Risk Based Security.

The cryptominer was recently discovered when attackers targeted internet-facing database servers (SQL servers), and the MrbMiner was downloaded and installed.

Ongoing cyber attacks targeting Linux systems have been discovered, with users urged to patch their systems immediately, warns Check Point Research.

Sophos has become a Numbering Authority in the Common Vulnerabilities and Exposures programme, enabling it to assign CVE identification to its own products.

The research also found that 35% of the breaches recorded by Tenable were caused by ransomware attacks, while 14% of breaches stemmed from email compromises.

The malware has impacted 7% of organisations globally, following a spam campaign which targeted more than 100,000 users per day during the holiday season.

GitHub's 2020 State of the Octoverse report reveals the latest trends in developer activity, including top languages and security vulnerabilities.

Unmitigated vulnerabilities could give an attacker access to the device, enabling the attacker to break encryption, modify code, and run certain commands.

Trickbot and Emotet are being used to distribute ransomware against hospitals globally, according to research from Check Point.

Australian government warns of growing cybercrime threat; organisations' intellectual property and financial information at risk.

Temi is commonly used in environments including businesses, healthcare, retail, hospitality, and other environments including the home.

Malware exploiting a decade-old Microsoft Office vulnerability has surged by 400%, according to a study by NordVPN.

Manufacturers using Wibu-Systems CodeMeter are urged to update to version 7.10 due to vulnerabilities that could allow attackers to take control of OT networks.

One in three IT environments vulnerable to Ripple20 cyber threat, says ExtraHop. Attackers can exploit 19 vulnerabilities in the Treck networking stack.

The vulnerabilities have the potential to ‘ripple’ through complex software supply chains, enabling attackers to steal data or execute code.

According to the company’s annual mid-year roundup report, Trend Micro blocked 8.8 million COVID-19 related threats, nearly 92% of which were email-based.

Industrial control system (ICS) vulnerabilities are increasing due to remote access, says a report by The Claroty Research Team.

Kaspersky uncovers zero-day exploits in Windows OS and Internet Explorer used in targeted attack, prompting security patches.

Rapid7 has released a report detailing the changing internet risk landscapes of 2020, and other issues facing cybersecurity teams.

Vulnerable VPN servers and clients used in critical industries have been discovered by cybersecurity firm Claroty, potentially leading to security breaches.