Attackers Target Log4J to Drop Ransomware, Web Shells, Backdoors
Amid the increase in Log4J attack activity, at least one Iranian state-backed threat group is preparing to target the vulnerability,…
Microsoft Patch Tuesday, December 2021 Edition
Microsoft, Adobe, and Google all issued security updates to their products today. The Microsoft patches include six previously disclosed security…
New ransomware now being deployed in Log4Shell attacks
The first public case of the Log4j Log4Shell vulnerability used to download and install ransomware has been discovered by researchers.…
Microsoft Patches Zero-Day Spreading Emotet Malware
The December rollout includes 67 security patches and addresses one zero-day and five more publicly known vulnerabilities.
DHS announces ‘Hack DHS’ bug bounty program for vetted researchers
The Department of Homeland Security (DHS) has launched a new bug bounty program dubbed "Hack DHS" that allows vetted cybersecurity…
Microsoft fixes Windows AppX Installer zero-day used by Emotet
Microsoft has patched a high severity Windows zero-day vulnerability exploited in the wild to deliver Emotet malware payloads. [...]
Inside Ireland’s Public Healthcare Ransomware Scare
The accounting firm PricewatersCoopers recently published lessons learned from the disruptive and costly ransomware attack in May 2021 on Ireland's…
XDR: What It Is, What It Isn’t
The three must-haves in eXtended Detection and Response are: making data accessible, facilitating real-time threat detection, and providing remediation strategies.
Tales from the Dark Web: Fingerprinting Access Brokers on Criminal Forums
Every high-profile breach leaves a trail of bread crumbs, and defenders who monitor access brokers can connect the dots and…
Google pushes emergency Chrome update to fix zero-day used in attacks
Google has released Chrome 96.0.4664.110 for Windows, Mac, and Linux, to address a high-severity zero-day vulnerability exploited in the wild. [...]