Security News > 2022 > April > Week in review: Spring4Shell vulnerability, attackers exploiting patched RCE in Sophos Firewall
Attackers are exploiting recently patched RCE in Sophos Firewall
A critical vulnerability in Sophos Firewall is being exploited in the wild to target "a small set of specific organizations primarily in the South Asia region," Sophos has warned.
IcedID trojan delivered via hijacked email threads, compromised MS Exchange servers
A threat actor is exploiting vulnerable on-prem Microsoft Exchange servers and using hijacked email threads to deliver the IcedID trojan without triggering email security solutions.
JavaScript security: The importance of prioritizing the client side
In this interview with Help Net Security, Vitaly Lim, CTO at Feroot, talks about the most common JavaScript threats, the devastating impact of malicious or vulnerable code, and the importance of JavaScript security in the development process.
The security gaps that can be exposed by cybersecurity asset management
Cybersecurity asset management does not come with the excitement following the metaverse, blockchain, or smokescreen detection technologies, but it is essential for the protection of corporate infrastructure.
According to a recent survey conducted by the Ponemon Institute, 59% of embedded product security decision-makers say they've lost revenue due to product security concerns.
Cloud-native adoption shifts security responsibility across teams
Styra released a research report which explores how in sync, or misaligned, IT leaders and developers are when it comes to cloud-native technology use and security during their digital transformation journeys.