Malicious PyPi packages turn Discord into password-stealing malware
A dozen malicious PyPi packages have been discovered installing malware that modifies the Discord client to become an information-sealing backdoor…
Mitigate Risk by Securing Third Party Software and Environments
Software Security Requires Ongoing Vigilance Against New and Evolving Vulnerabilities By Tim Kenney, Chief Operating Officer, SOOS Businesses […] The…
Bizarre ransomware sells decryptor on Roblox Game Pass store
A new ransomware is taking the unusual approach of selling its decryptor on the Roblox gaming platform using the service's…
Roblox Game Pass store used to sell ransomware decryptor
A new ransomware is taking the unusual approach of selling its decryptor on the Roblox gaming platform using the service's…
Log4j Attack Surface Remains Massive
Four months after the Log4Shell vulnerability was disclosed, most affected open source components remain unpatched, and companies continue to use…
Public interest in Log4Shell fades but attack surface remains
It's been four months since Log4Shell, a critical zero-day vulnerability in the ubiquitous Apache Log4j library, was discovered, and threat…
New powerful Prynt Stealer malware sells for just $100 per month
Threat analysts have spotted yet another addition to the growing space of info-stealer malware infections, named Prynt Stealer, which offers…
Oxeye Introduce Open Source Payload Deobfuscation Tool
Ox4Shell exposes hidden payloads thatare actively being used to confuse security protection tools and security teams.
The Week in Ransomware – December 17th 2021 – Enter Log4j
A critical Apache Log4j vulnerability took the world by storm this week, and now it is being used by threat…
TellYouThePass ransomware revived in Linux, Windows Log4j attacks
Threat actors have revived an old and relatively inactive ransomware family known as TellYouThePass, deploying it in attacks against Windows…