LinkedIn Brand Now the Most Abused in Phishing Attempts
Shipping, retail, and tech companies are no longer the most popular brands used to hide phishing attacks. Instead, social media platforms have become the brands of choice used to...
Zero-Day Exploit Use Exploded in 2021
Threat actors exploited more zero-day vulnerabilities in 2021 than any prior year and mostly in software from Microsoft, Google, and Apple.
State-backed advanced persistent threat actors remained the most prolific...
FBI Warns Ransomware Attacks on Agriculture Co-ops Could Upend Food Supply Chain
Ransomware operators are eyeing attacks on large networks of farmers, called agriculture cooperatives, during make-or-break planting and harvest seasons, when they are likely most desperate to pay, according to...
North Korean State Actors Deploying Novel Malware to Spy on Journalists
New analysis has attributed a spear-phishing campaign targeting journalists covering North Korea to APT37/Ricochet Chollimia, a state-backed group linked to the Democratic People's Republic of Korea (DPRK). Notably, researchers...
Iranian Hacking Group Among Those Exploiting Recently Disclosed VMware RCE Flaw
An Iranian cyber espionage group that some vendors track as Rocket Kitten has begun exploiting a recently patched critical vulnerability in VMware Workspace ONE Access/Identity Manager technology to deliver...
Cyber Conflict Overshadowed a Major Government Ransomware Alert
As the cyber dimension of the Ukraine conflict erupted, demonstrating the ungoverned and unstable nature of full-on cyberwar, a parallel ransomware alert from the US government got comparatively scant...
API Attacks Soar Amid the Growing Application Surface Area
Driven by the popularity of agile development, the usage of Web application programming interfaces (APIs) has increased dramatically, leaving software-focused companies with larger, and more vulnerable, attack surfaces that...
Log4j Attack Surface Remains Massive
Attackers who want to exploit the critical remote code execution vulnerability disclosed in the Apache Log4j logging tool over four months ago still have a vast array of targets...
Tenable’s Bit Discovery Buy Underscores Demand for Deeper Visibility of IT Assets
Vulnerability and cybersecurity assessment firm Tenable announced on Tuesday plans to acquire 4-year-old startup Bit Discovery, becoming the latest company to acquire an attack-surface management business in the past...
Chinese APT Bronze President Mounts Spy Campaign on Russian Military
China's tacit support for Russia's war in Ukraine apparently doesn't preclude likely China-backed cyber actors from mounting espionage campaigns on the Russian military.
Researchers from Secureworks' Counter Threat Unit this...