Attackers still exploit Log4Shell on VMware Horizon servers, CISA warns
If your organization is running VMware Horizon and Unified Access Gateway servers and you haven’t implemented the patches or workarounds to fix/mitigate the Log4Shell …
Prioritize patching vulnerabilities associated with ransomware
A threat research from Cyber Security Works (CSW) has revealed a 7.6% increase in ransomware vulnerabilities since the publication of the Ransomware Spotlight Report in …
Stealthy APT group plunders very specific corporate email accounts
An eminently sophisticated and stealthy APT group is going after specific corporate email accounts and has, on occasion, managed to remain undetected in victim environments …
APT group has developed custom-made tools for targeting ICS/SCADA devices
Just a few days after news of attempted use of a new variant of the Industroyer malware comes a warning from the US Cybersecurity and Infrastructure Security Agency (CISA): …
Attackers employ novel methods to backdoor French organizations
An advanced threat actor has been spotted using distinctive, novel methods to backdoor French entities in the construction, real estate, and government industries. How the …
Ransomware groups and APT actors laser-focused on financial services
Trellix released a report, examining cybercriminal behavior and activity related to cyber threats in the third quarter (Q3) of 2021. Among its findings, the research reports …
Stealthy firmware bootkit leveraged by APT in targeted attacks
Kaspersky researchers have uncovered the third known case of a firmware bootkit in the wild. Dubbed MoonBounce, this malicious implant is hidden within Unified Extensible …
Cybersecurity industry trends from 2021 bound to shape this year’s threat landscape
Bugcrowd released its report to spotlight the key cybersecurity trends from 2021, including the rise in the adoption of crowdsourced security due to the global shift to hybrid …
Should businesses be concerned about APT-style attacks?
As we enter 2022, organizations are re-evaluating their cybersecurity strategies to lower risks and best defend against potential threats. Through budget, risk tolerance, …
Determined APT is exploiting ManageEngine ServiceDesk Plus vulnerability (CVE-2021-44077)
An APT group is leveraging a critical vulnerability (CVE-2021-44077) in Zoho ManageEngine ServiceDesk Plus to compromise organizations in a variety of sectors, including …
77% of rootkits are used for espionage purposes
In a new report, Positive Technologies analyzes this past decade’s most infamous families of rootkits – programs that hide the presence of malicious software or …
SolarWinds hackers are going after cloud, managed and IT service providers
Nobelium, the advanced, persistent threat (APT) actor behind the 2020 SolarWinds supply chain attack that served as a springboard for breaching a variety of high-level …
Featured news
Resources
Don't miss
- CERT-UA warns against “security audit” requests via AnyDesk
- Decentralization is happening everywhere, so why are crypto wallets “walled gardens”?
- AI-driven insights transform security preparedness and recovery
- NDR’s role in a modern cybersecurity stack
- How Russian hackers went after NGOs’ WhatsApp accounts