One Year After Log4Shell, Most Firms Are Still Exposed to Attack
Though there have been fewer than expected publicly reported attacks involving the vulnerability, nearly three-quarters of organizations remain exposed to…
New Windows malware also steals data from victims’ mobile phones
Security researchers found a previously unknown backdoor they call Dolphin that's been used by North Korean hackers in highly targeted…
New Windows malware scans victims’ mobile phones for data to steal
Security researchers found a previously unknown backdoor they call Dophin that's been used by North Korean hackers in highly targeted…
Slippery RansomExx Malware Moves to Rust, Evading VirusTotal
A new, harder-to-peg version of the ransomware has been rewritten in the Rust programming language.
Iranian APT Actors Breach US Government Network
CISA says Federal Civilian Executive Branch systems were compromised through a Log4Shell vulnerability in an unpatched VMware Horizon server.
Spacecraft Vulnerable to Failure, Thanks to Aerospace Networking Bug
A single device with malicious code can foil a networking protocol used by spacecraft, aircraft, and industrial control systems, resulting…
China-Based Billbug APT Infiltrates Certificate Authority
Access to digital certificates would allow the Chinese-speaking espionage group to sign its custom malware and skate by security scanners.
US govt: Iranian hackers breached federal agency using Log4Shell exploit
The FBI and CISA revealed in a joint advisory published today that an unnamed Iranian-backed threat group hacked a Federal Civilian…
Chinese hackers target government agencies and defense orgs
The Chinese espionage APT (advanced persistent threat), tracked as 'Billbug' (aka Thrip, or Lotus Blossom), is currently running a 2022…
New hacking group uses custom ‘Symatic’ Cobalt Strike loaders
A previously unknown Chinese APT (advanced persistent threat) hacking group dubbed 'Earth Longzhi' targets organizations in East Asia, Southeast Asia,…