New Magecart group uses an e-Skimmer that avoids VMs and sandboxes
A new Magecart group leverages a browser script to evade virtualized environments and sandboxes used by researchers. Malwarebytes […] The…
US seizes $6 million from REvil ransomware, arrest Kaseya hacker
The United States Department of Justice today has announced charges against a REvil ransomware affiliate responsible for the attack against…
Sitecore XP RCE flaw patched last month now actively exploited
The Australian Cyber Security Center (ACSC) is alerting web admins of the active exploitation of CVE-2021-42237, a remote code execution…
Kaspersky Finds DDoS Attacks in Q3 Grow by 24%, Become More Sophisticated
The total number of smart attacks (advanced DDoS attacks that are often targeted) increased by 31% when compared to the…
OneDrive reaches end of support on Windows 7, 8 in January
Microsoft has announced that the OneDrive desktop application will reach the end of support on legacy Windows 7, 8, and…
CISA shares a catalog of 306 actively exploited vulnerabilities
The US CISA shared a list of vulnerabilities known to be exploited in the wild and orders US […] The…
50% of internet-facing GitLab installations are still affected by a RCE flaw
Researchers warn of a now-fixed critical remote code execution (RCE) vulnerability in GitLab ‘s web interface actively exploited […] The…
Microsoft Exchange ProxyShell exploits used to deploy Babuk ransomware
A new threat actor is hacking Microsoft Exchange servers and breaching corporate networks using the ProxyShell vulnerability to deploy the Babuk…
How to Avoid Another Let’s Encrypt-Like Meltdown
Experts weigh in on steps network and security administrators need to take before the next time a root certificate expires.
Researchers Scan the Web to Uncover Malware Infections
Dozens of companies and universities regularly scan the Internet to gather data on connected devices, but some firms are looking…