Microsoft Exchange servers hacked to deploy Hive ransomware
A Hive ransomware affiliate has been targeting Microsoft Exchange servers vulnerable to ProxyShell security issues to deploy various backdoors, including Cobalt Strike…
More Than Half of Initial Infections in Cyberattacks Come Via Exploits, Supply Chain Compromises
Mandiant data also shows a dramatic drop in attacker dwell time on victim networks in the Asia-Pacific region — to…
CISA orders agencies to fix actively exploited VMware, Chrome bugs
The Cybersecurity and Infrastructure Security Agency (CISA) has added nine more security flaws to its list of actively exploited bugs,…
Identifying a Vulnerability in the SAP Software Supply Chain
Make sure you're using the patch to block this supply chain attack.
Russian Group Sandworm Foiled in Attempt to Disrupt Ukraine Power Grid
The attack involved use of a new version of Industroyer tool for manipulating industrial control systems.
Microsoft April 2022 Patch Tuesday fixes 119 flaws, 2 zero-days
Today is Microsoft's April 2022 Patch Tuesday, and with it comes fixes for two zero-day vulnerabilities and a total of…
Qbot malware switches to new Windows Installer infection vector
The Qbot botnet is now pushing malware payloads via phishing emails with password-protected ZIP archive attachments containing malicious MSI Windows…
Bearded Barbie hackers catfish high ranking Israeli officials
The Hamas-backed hacking group tracked as 'APT-C-23' was found catfishing Israeli officials working in defense, law, enforcement, and government agencies,…
4 Ways to Improve Azure Active Directory Security
Why identity has emerged as the security perimeter in hybrid deployments By Guido Grillenmeier, Chief Technologist at Semperis […] The…
Microsoft detects Spring4Shell attacks across its cloud services
Microsoft said that it's currently tracking a "low volume of exploit attempts" targeting the critical Spring4Shell (aka SpringShell) remote code…