Organizations need to get better at mitigating threats from unknown vulnerabilities, especially as both state-backed operatives and financially-motivated cybercriminals are increasing their activity. Zero-day vulnerabilities have always had something of a special reputation in the cybersecurity space. These software bugs are exploited for attacks before the flaw is known to the software vendor and so before a … More What’s behind the record‑high number of zero days?
ESET has detected hundreds of thousands of attack attempts globally that track to the critical Log4Shell vulnerability. Most attack attempts are located in the United States, the United Kingdom, and the Netherlands, yet nearly 180 countries and territories are under fire largely due to the global prevalence of the Log4j software library in systems around … More Log4Shell: ESET blocks hundreds of thousands of attack attempts
Hundreds of thousands of attempts to exploit the vulnerability are under way. In many cases, updating IT systems and patching security vulnerabilities is a quiet matter that business leaders may be little concerned with other than knowing that they have approved a budget for the IT team to get it done. That quiet approach is … More What every business leader needs to know about Log4Shell
The critical flaw in the ubiquitous Log4j utility has sent shockwaves far beyond the security industry – here’s what we know so far. Just as the holiday season is approaching our doorstep, a critical vulnerability in an Apache code library called Log4j 2 has come knocking at the door. Log4j is an open-source Java-based logging library that … More Log4Shell vulnerability: What we know so far
The most recent Patch Tuesday includes a fix for the previously disclosed and actively exploited remote code execution flaw in MSHTML. The arrival of the second Tuesday of the month can only mean one thing in cybersecurity terms, Microsoft is rolling out patches for security vulnerabilities in Windows and its other offerings. This time round Microsoft’s … More Microsoft Patch Tuesday fixes actively exploited zero‑day and 85 other flaws