Log4j Attack Surface Remains Massive
Attackers who want to exploit the critical remote code execution vulnerability disclosed in the Apache Log4j logging tool over four months ago still have a vast array of targets...
Tenable’s Bit Discovery Buy Underscores Demand for Deeper Visibility of IT Assets
Vulnerability and cybersecurity assessment firm Tenable announced on Tuesday plans to acquire 4-year-old startup Bit Discovery, becoming the latest company to acquire an attack-surface management business in the past...
Chinese APT Bronze President Mounts Spy Campaign on Russian Military
China's tacit support for Russia's war in Ukraine apparently doesn't preclude likely China-backed cyber actors from mounting espionage campaigns on the Russian military.
Researchers from Secureworks' Counter Threat Unit this...
Microsoft: Russia Using Cyberattacks in Coordination With Military Invasion of Ukraine
In apparent orchestrated coordination with military operations against Ukraine, six Russian state-supported threat actors have targeted civilian infrastructure inside the country with more than 237 individual cyber operations, according to...
Bumblebee Malware Buzzes Into Cyberattack Fray
At least three separate waves of cyberattacks are underway that feature a sophisticated new malware loader dubbed Bumblebee that fetches shell code and second-stage tools, such as Cobalt Strike, Sliver, and...
The Ransomware Crisis Deepens, While Data Recovery Stalls
When it comes to ransomware, more companies are seeing attacks and have had data encrypted, according to research out this week. And even though more companies are backing up...
Critical Vulnerabilities Leave Some Network-Attached Storage Devices Open to Attack
Network attached storage (NAS) device vendors QNAP and Synology this week disclosed multiple critical vulnerabilities in an open source fileserver technology integrated into their products.
The vulnerabilities — several of...
REvil Revival: Are Ransomware Gangs Ever Really Gone?
Evidence that members of the defunct REvil group may be reviving the ransomware gang continues to accumulate, but cybersecurity experts question whether the group will have the same impact...
Unpatched DNS-Poisoning Bug Affects Millions of Devices, Stumps Researchers
After months of work by industrial control systems (ICS) cybersecurity teams, a fix for a widespread Domain Name System (DNS) poisoning bug still hasn't been found. Now they're asking for...
SolarWinds Attackers Gear Up for Typosquatting Attacks
A typosquatting campaign intended to abuse popular brands is in the works, likely tied to Nobelium, the notorious Russian-state-backed group behind the SolarWinds attacks.
Recorded Future in its latest research is warning...
