In the first quarter of 2022, several high-severity vulnerabilities were targeted by threat actors to facilitate malicious campaigns. The first quarter of 2022 has continued with the tempo set at the end of 2021 – notably, threat actors continued to target the Log4Shell vulnerability that was discovered in the fourth quarter of 2021. The fallout […]
The past three months have been a particularly challenging time for security teams. 2021 rounded off in the most spectacular fashion—if you can call it that—with the discovery of the Log4Shell vulnerability leaving security teams scrambling to identify and fix systems before threat actors could exploit. We’ve written a considerable amount on the issues surrounding […]
In the first quarter of 2021, several high-severity vulnerabilities were used as a conduit to solicit several malicious campaigns. This included malware and ransomware operators, nation-state actors targeting software suppliers for supply chain attacks, and continued targeting of virtual private network (VPN) devices. The first quarter of 2021, as observed in our vulnerability roundup, has […]
Note: This blog is a revisit on our 2018 coverage of the Spectre and Meltdown vulnerabilities. You can read further on Meltdown and Spectre: the Story So Far. In the past week, a security researcher discovered several working exploits for the infamous Spectre and Meltdown hardware vulnerabilities (also known affectionately in some circles as ‘Smeltdown’), […]
A couple of weeks ago, the United States Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) published a joint alert detailing the top ten most commonly exploited vulnerabilities between 2016 and 2019. The alert also highlights several vulnerabilities routinely exploited throughout 2020. This blog will discuss two main trends that […]