US Search for Vulnerabilities Drives 10x Increase in Bug Reports
A September 2020 directive to US government agencies to create vulnerability disclosure policies has driven a surge in bug-reporting activities: The federal sector saw a 1,000% increase in valid...
Europol Shuts Down Popular Cybercriminal VPN Service
Law enforcement authorities have acted against the criminal use of VPN services with the shutdown of VPNLab.net, which was used to support ransomware attacks and other crimes.
The disruption took...
Russia Takes Down REvil Ransomware Operation, Arrests Key Members
Russia's Federal Security Service (FSB) has arrested members of the prolific REvil ransomware group at the US government's request in a significant development that is being received with some...
Maryland Dept. of Health Responds to Ransomware Attack
A cyberattack affecting the Maryland Department of Health (MDH) has been confirmed a ransomware attack, the departments of Health and Information Technology confirmed this week.
The attack, first described as...
BlueNoroff Threat Group Targets Cryptocurrency Startups
BlueNoroff, an advanced persistent threat (APT) group that's part of the larger Lazarus Group associated with North Korea, is behind a series of attacks against small and medium-sized companies...
Microsoft RDP Bug Enables Data Theft, Smart-Card Hijacking
Microsoft Windows systems going back to at least Windows Server 2012 R2 are affected by a vulnerability in the Remote Desktop Services protocol that gives attackers, connected to a...
New Cyberattack Campaign Uses Public Cloud Infrastructure to Spread RATs
A recently discovered attack campaign uses public cloud infrastructure to deliver variants of commodity RATs Nanocore, Netwire, and AsyncRATs to target users' data, researchers report.This campaign, detected in October,...
Flashpoint Acquires Risk Based Security
Threat intelligence firm Flashpoint today announced its acquisition of Risk Based Security, a security company specializing in vulnerability intelligence, breach data, and vendor risk ratings.The Richmond, Va.-based company was...
Details Released on SonicWall Flaws in SMA-100 Devices
Details have been released on multiple vulnerabilities affecting the SonicWall Secure Mobile Access (SMA) 100 series of devices, which includes the SMA 200, 210, 400, 410, and 500v.
Rapid7 lead...
Cloud Apps Replace Web as Source for Most Malware Downloads
New research shows that enterprise organizations these days are far more likely to experience malware downloads from cloud applications than any other source.Researchers at Netskope recently analyzed data gathered...
