PseudoManuscrypt Malware Targeted Government & ICS Systems in 2021
The "PseudoManuscrypt" operation infected some 35,000 computers with cyber-espionage malware and targeted computers in both government and private industry.
Is Data Security Worthless if the Data Life Cycle Lacks Clarity?
If you cannot track, access, or audit data at every stage of the process, then you can't claim your data…
Conti ransomware uses Log4j bug to hack VMware vCenter servers
Conti ransomware operation is using the critical Log4Shell exploit to gain rapid access to internal VMware vCenter Server instances and…
All Log4j, logback bugs we know so far and why you MUST ditch 2.15
Everyone's heard of the critical log4j zero-day by now. Dubbed 'Log4Shell,' the vulnerability has set the internet on fire. Below we summarize…
Why Log4j Mitigation Is Fraught With Challenges
The Log4j flaw exists in a component that is not always easy to detect and is widely used beyond an…
Phorpiex Botnet Variant Spread Across 96 Countries
A new variant dubbed "Twizt" has hijacked 969 transactions and stolen the equivalent of nearly $500,000 USD.
Log4j attackers switch to injecting Monero miners via RMI
Some threat actors exploiting the Apache Log4j vulnerability have switched from LDAP callback URLs to RMI or even used both…
Crooks injects e-skimmers in random WordPress plugins of e-stores
Threat actors are injecting credit card swipers into random plugins of e-commerce WordPress sites, Sucuri researchers warn. Sucuri […] The…
Firefox users can’t reach Microsoft.com — here’s what to do
Those using the Mozilla Firefox web browser are left unable to access Microsoft.com domain. Tests by BleepingComputer confirm the issue…
Original Fix for Log4j Flaw Fails to Fully Protect Against DoS Attacks, Data Theft
Organizations should upgrade ASAP to new version of logging framework released Tuesday by the Apache Foundation, security experts say.