BazarLoader Malware Abuses Slack, BaseCamp Clouds
Two cyberattack campaigns are making the rounds using unique social-engineering techniques.
Read moreiOS Kids Game Morphs into Underground Crypto Casino
A malicious ‘Jungle Run’ app tricked security protections to make it into the Apple App Store, scamming users out of money with a casino-like functionality.
Read moreNSA: 5 Security Bugs Under Active Nation-State Cyberattack
Widely deployed platforms from Citrix, Fortinet, Pulse Secure, Synacor and VMware are all in the crosshairs of APT29, bent on stealing credentials and more.
Read moreMandiant Front Lines: How to Tackle Exchange Exploits
Matt Bromiley, senior principal consultant with Mandiant, offers checklists for how small- and medium-sized businesses (SMBs) can identify and clear ProxyLogon Microsoft Exchange infections.
Read moreGoogle Project Zero Cuts Bug Disclosure Timeline to a 30-Day Grace Period
The zero-day flaw research group has revised its disclosure of the technical details of vulnerabilities in the hopes of speeding up the release and adoption of fixes.
Read moreSevere Bugs Reported in EtherNet/IP Stack for Industrial Systems
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday issued an advisory warning of multiple vulnerabilities in the OpENer EtherNet/IP stack that could expose industrial systems to denial-of-service (DoS) attacks, data leaks, and…
Read moreBiden Races to Shore Up Power Grid Against Hacks
A 100-day race to boost cybersecurity will rely on incentives rather than regulation, the White House said.
Read moreUS Sanctions Russia and Expels 10 Diplomats Over SolarWinds Cyberattack
The U.S. and U.K. on Thursday formally attributed the supply chain attack of IT infrastructure management company SolarWinds with “high confidence” to government operatives working for Russia’s Foreign Intelligence Service (SVR).
“Russia’s pattern of m…
Gafgyt Botnet Lifts DDoS Tricks from Mirai
The IoT-targeted malware has also added new exploits for initial compromise, for Huawei, Realtek and Dasan GPON devices.
Read moreAttackers Target ProxyLogon Exploit to Install Cryptojacker
Threat actors targeted compromised Exchange servers to host malicious Monero cryptominer in an “unusual attack,” Sophos researchers discovered.
Read more