Business Security

Details on the proof-of-concept (PoC) exploit for two unpatched, critical remote code execution (RCE) vulnerabilities in the network configuration management utility rConfig have been recently disclosed.

Patch now: Two Chrome zero-days were reported, one of them actively exploited in a campaign. Meanwhile, BlueKeep was initially reported seen in the wild to install a malicious Monero miner.

Almost 4,000 domains and 62 phishing kit variants used to target Microsoft users were uncovered within an observation window of 262 days, according to new report.

Trend Micro’s Zero Day Initiative (ZDI) will bring industrial control system (ICS) hacking into the Pwn2Own competition. The categories will be based on how widely used the system is and the relevance to researchers and the ICS community.

Esports competitions continue to gain momentum, making the entities involved more attractive targets for cybercrime.

A misconfigured cloud-based ElasticSearch database has exposed almost 7.5 million Adobe Creative Cloud user records that include email addresses, member IDs, information on installed Adobe products and subscription statuses, and whether or not they are Adobe e

Administrators of NGINX web servers running PHP-FPM are advised to patch a vulnerability (CVE-2019-11043) that can let threat actors execute remote code on vulnerable, NGINX-enabled web servers. Here’s what you need to know.

A look into cryptocurrencies' state and how cybercriminals abuse miner malware to profit at the expense of legitimate businesses, how to find signs of infection, and recommendations to defend systems from its abuse.

Threat actors launched phishing attempts against several humanitarian and non-governmental organizations.