Cyberspace, Cybergames, and Cyberspies
Juniper Networks recently hit the news — yet again. Allegedly, the US-based communications equipment giant willfully installed an National Security Agency (NSA) backdoor into its products in 2015, thereby allowing...
50% of Servers Have Weak Security Long After Patches Are Released
Many organizations lag in patching high-severity vulnerabilities, according to a new study that reveals more than 50% of servers scanned have a weak security posture weeks and months after a...
Shades of SolarWinds Attack Malware Found in New ‘Tomiris’ Backdoor
Advanced persistent threat (APT) actors rarely simply stop operations when their malware and techniques get exposed. Many just regroup, refresh their toolkits, and resume operations when the heat has...
More Than 90% of Q2 Malware Was Hidden in Encrypted Traffic
Organizations that have not implemented controls for detecting malware hidden in encrypted network traffic are at risk of having a vast majority of malicious tools being distributed in the...
Why Windows Print Spooler Remains a Big Attack Target
When a team of hackers believed to be from the US and Israel deployed the Stuxnet worm in 2010 to sabotage centrifuges at an Iranian uranium-enrichment facility in Natanz,...
Law Enforcement Agencies Seize $375K in Ukraine Ransomware Bust
Five law enforcement agencies today announced the arrest of two ransomware operators who, starting on April 20, allegedly conducted a string of targeted attacks against large industrial organizations in...
New Atom Silo Ransomware Group Targets Confluence Servers
Security researchers are tracking a new ransomware group called Atom Silo, which uses a newly disclosed vulnerability in Atlassian's Confluence collaboration software (CVE-2021-26084) as well as new tactics that...
CVE Data Is Often Misinterpreted: Here’s What to Look For
Most people only ever give common vulnerabilities and exposures (CVEs) a passing glance. They might look at the common vulnerability scoring system (CVSS) score, determine whether the list of...
Mandia Alerted NSA on FireEye’s SolarWinds Breach
MANDIANT CYBER DEFENSE SUMMIT — Washington, DC — It was just before the Thanksgiving holiday in 2020 when Kevin Mandia, then CEO of FIreEye, made a rare and urgent visit to...
Misconfigured Apache Airflow Platforms Threaten Organizations
Many organizations using the popular open source Apache Airflow platform to schedule and manage workflows may be exposing credentials and other sensitive data to the Internet because of how...
