Cybersecurity - The Stack (Page 21)

GoDaddy punched in the cPanel server by hackers

Pshaw “no material adverse impact”

Edward Targett February 20, 2023

FBI says cyber incident is “contained” after apparent child sexual abuse systems breach

Featured

FBI

FBI says cyber incident is “contained” after apparent child sexual abuse systems breach

Did malware-riddled digital evidence evade scans before upload?

The Stack February 17, 2023

Hackers eye “Havoc” for C2 diversity, as Cobalt Strike detections improve

Featured

Read This

c2

Hackers eye “Havoc” for C2 diversity, as Cobalt Strike detections improve

Hackers appear to be increasingly adopting the Havoc command and control (C2) framework, security researchers say. The open source framework, developed by C5pider, supports the building of offensive agents in several formats including Windows PE executable, PE DLL and shellcode and is an alternative to the paid for (or cracked)...

The Stack February 17, 2023

Patch Tuesday

Microsoft’s Valentine’s Day gift: Patches for 3 CVEs being exploited

February’s Patch Tuesday brings the post-Valentine’s Day hangover of 75 bug fixes from Microsoft including three for CVEs known to be exploited in the wild: CVE-2023-21715, CVE-2023-23376 , and CVE-2023-21823. Strikingly, more than half of the bugs fixed this month are remote code execution (RCE) vulnerabilities. (A record 26,...

The Stack February 15, 2023

This critical enterprise file transfer software is being actively exploited

Featured

Read This

This critical enterprise file transfer software is being actively exploited

In early 2021 a successful attack by hackers on Accellion, a file transfer service provider, resulted in significant repercussions downstream: Energy supermajor Shell, global law firm Goodwin Procter, and investment bank Morgan Stanley were among the blue chips that saw data stolen as a result. Now a critical vulnerability in...

The Stack February 11, 2023

Over 83,000 ESXi servers are internet-exposed as mass attack continues

VMware denies zero day being used

The Stack February 08, 2023

Securing cloud-native architecture at scale: From runtime to remediation

Featured

Read This

Securing cloud-native architecture at scale: From runtime to remediation

The way we instrument for security doesn't require us to put out 25 different agents

Edward Targett February 07, 2023

VMware ESXi ransomware attacks continue: 500+ hit

VMware ESXi ransomware attacks continue: 500+ hit

This story has been updated here on February 8. Security researchers are reporting an explosion in the compromise of VMware ESXi hypervisors with over 500 machines hit by ransomware this weekend, with the automated attacks likely exploiting CVE-2021-21974. As The Stack published, some 20 ESXi machines were reportedly being ransomed...

The Stack February 04, 2023

GoDaddy punched in the cPanel server by hackers

FBI says cyber incident is “contained” after apparent child sexual abuse systems breach

Hackers eye “Havoc” for C2 diversity, as Cobalt Strike detections improve

Microsoft’s Valentine’s Day gift: Patches for 3 CVEs being exploited

This critical enterprise file transfer software is being actively exploited

Over 83,000 ESXi servers are internet-exposed as mass attack continues

Securing cloud-native architecture at scale: From runtime to remediation

VMware ESXi ransomware attacks continue: 500+ hit