Web Security

Windows CLFS Vulnerability Used for Ransomware Attacks

Microsoft’s Patch Tuesday for April 2023 targets 97 vulnerabilities, seven of them rated critical – as well as one that’s currently being exploited in the wild. The one flaw that’s currently being exploited, CVE-2023-28252, is an elevation of privilege vulnerability in the Windows Common Log File System (CLFS) Driver that could provide an attacker with […]

The post Windows CLFS Vulnerability Used for Ransomware Attacks appeared first on eSecurityPlanet.

April 12, 2023
0 comment
Read More >>

Kali Linux Penetration Testing Tutorial: Step-By-Step Process

Kali Linux turns 10 this year, and to celebrate, the Linux penetration testing distribution has added defensive security tools to its arsenal of open-source security tools. It remains to be seen if Kali Purple will do for defensive open source security tools what Kali Linux has done for open source pentesting, but the addition of […]

The post Kali Linux Penetration Testing Tutorial: Step-By-Step Process appeared first on eSecurity Planet.

April 8, 2023
0 comment
Read More >>

What Is a DMZ Network? Definition, Architecture & Benefits

A DMZ network, or a demilitarized zone, is a subnetwork in an enterprise networking environment that contains public-facing resources — such as web servers for company websites — in order to isolate them from an enterprise’s private local area network (LAN). Also referred to as a perimeter network or screened subnet, a DMZ network acts […]

The post What Is a DMZ Network? Definition, Architecture & Benefits appeared first on eSecurityPlanet.

April 7, 2023
0 comment
Read More >>

What is Ransomware? Everything You Should Know

Ransomware is a type of malicious program, or malware, that encrypts files, documents and images on a computer or server so that users cannot access the data. Ransomware is the most feared cybersecurity threat and with good reason: Its ability to cripple organizations by locking their data is a threat like no other. Knowing what […]

The post What is Ransomware? Everything You Should Know appeared first on eSecurityPlanet.

April 6, 2023
0 comment
Read More >>

Over 15 Million Systems Exposed to Known Exploited Vulnerabilities

Effective vulnerability management is about knowing what you own and prioritizing what you need to fix. A new research report shows that millions of organizations are failing at those critical cybersecurity practices. Researchers at cybersecurity firm Rezilion found more than 15 million instances in which systems are vulnerable to the 896 flaws listed in the […]

The post Over 15 Million Systems Exposed to Known Exploited Vulnerabilities appeared first on eSecurityPlanet.

April 5, 2023
0 comment
Read More >>

Weakness at the Network Edge: Mandiant Examines 2022’s Zero-Day Exploits

Enterprise IT, network and security product vulnerabilities were among those actively exploited in zero-day attacks last year, according to a recent Mandiant report. Mandiant tracked 55 zero-day vulnerabilities that were actively exploited in 2022. That’s fewer than the 81 zero-days exploited in 2021, but far more than those exploited in any previous year. Going forward, […]

The post Weakness at the Network Edge: Mandiant Examines 2022’s Zero-Day Exploits appeared first on eSecurityPlanet.

March 27, 2023
0 comment
Read More >>

Network Protection: How to Secure a Network

Networks connect devices to each other so that users can access assets such as applications, data, or even other networks such as the internet. Network security protects and monitors the links and the communications within the network using a combination of hardware, software, and enforced policies. Networks and network security comes in a wide range […]

The post Network Protection: How to Secure a Network appeared first on eSecurityPlanet.

March 23, 2023
0 comment
Read More >>

Microsoft Targets Critical Outlook Zero-Day Flaw

Microsoft’s Patch Tuesday for March 2023 includes patches for more than 70 vulnerabilities, including zero-day flaws in Outlook and in Windows SmartScreen. According to Crowdstrike researchers, 40 percent of the patched vulnerabilities are remote code execution flaws, down from 48 percent last month; 31 percent are elevation of privilege flaws, up from almost 16 percent […]

The post Microsoft Targets Critical Outlook Zero-Day Flaw appeared first on eSecurityPlanet.

March 17, 2023
0 comment
Read More >>

What is Network Security? Definition, Threats & Protections

Network security creates shielded, monitored, and secure communications between users and assets. Despite the rapid evolution of what constitutes the users, assets, and connections, the fundamentals of networking security remain the same: block external threats, protect internal network communications, monitor the network for internal and external threats, and ensure that users only access authorized parts […]

The post What is Network Security? Definition, Threats & Protections appeared first on eSecurityPlanet.

March 15, 2023
0 comment
Read More >>

BlackMamba PoC Malware Uses AI to Avoid Detection

HYAS researchers recently developed proof-of-concept (PoC) malware that leverages AI both to eliminate the need for command and control (C2) infrastructure and to generate new malware on the fly in order to evade detection algorithms. The malware, dubbed “BlackMamba,” is the latest example of exploits that can evade even the most sophisticated cybersecurity products. While […]

The post BlackMamba PoC Malware Uses AI to Avoid Detection appeared first on eSecurityPlanet.

March 10, 2023
0 comment
Read More >>