A year later, Log4Shell still lingers
72% of organizations remain vulnerable to the Log4Shell vulnerability as of October 1, 2022, Tenable‘s latest telemetry study has revealed, based on data collected from over 500 million tests. A vulnerability that’s difficult to eradicate When Log4Shell was discovered in December 2021, organizations around the world scrambled to determine their risk. In the weeks following…
Killnet Gloats About DDoS Attacks Downing Starlink, White House
Killnet and its band of hacker collaborators are claiming they were able to pull off a trio of symbolic distributed denial-of-service (DDoS) attacks aimed at punishing some of the most critical supporters of Ukraine against the Russian invasion — Elon Musk’s Starlink satellite broadband service and the websites of the White House in the US…
Black Basta Gang Deploys Qakbot Malware in Aggressive Cyber Campaign
The Black Basta ransomware group is using Qakbot malware — also known as QBot or Pinkslipbot — to perpetrate an aggressive and widespread campaign using an .IMG file as the initial compromise vector. More than 10 different customers have been targeted by the campaign in the last two weeks, mostly focused on companies based in…
Fake subscription invoices lead to corporate data theft and extortion
A threat actor dubbed Luna Moth has been leveraging social engineering and legitimate software to steal sensitive data and extort money from small and medium-size businesses. The group is eschewing the use of ransomware and instead relies on targeted employees calling a phone number manned by the attackers and convincing them to install a remote…
Time to Get Kids Hacking: Our 2022 Holiday Gift Guide
Whether cybersecurity professionals, software developers, hardware tinkerers, or all of the above, hacker parents are some of the best “recruiters” for the future of tomorrow’s cyber workforce. If you’re one such pro seeking out a gift that’s not just fun but also gets your kid thinking like a hacker, we’ve got the gift guide for…
Transportation sector targeted by both ransomware and APTs
Trellix released The Threat Report: Fall 2022 from its Advanced Research Center, which analyzes cybersecurity trends from the third quarter (Q3) of 2022. The report includes evidence of malicious activity linked to ransomware and nation-state backed advanced persistent threat (APT) actors. It examines malicious cyberactivity including threats to email, the malicious use of legitimate third-party…
DEV-0569 Ransomware Group Remarkably Innovative, Microsoft Cautions
It generally starts with malvertising and ends with the deployment of Royal ransomware, but a new threat group has distinguished itself by its ability to innovate the malicious steps in between to lure in new targets. The cyberattack group, tracked by Microsoft Security Threat Intelligence as DEV-0569, is notable for its ability to continuously improve…
Ukraine’s ‘IT Army’ Stops 1,300 Cyberattacks in 8 Months of War
Ukrainian President Volodymyr Zelensky spoke to the G20 Summit’s “Digital Transformation” panel this week, offering the benefits of his embattled country’s cyber-defense experience to G20-allied countries. Zelensky noted that Ukraine’s “IT army,” made up of talent pooled from companies across the country, has successfully stopped more than 1,300 Russian cyberattacks over the past eight months…
Top enterprise email threats and how to counter them
A research from Tessian, the State of Email Security Report, found that enterprise email is now the No. 1 threat vector for cyberattacks. According to the report, 94% of organizations experienced a spear phishing or impersonation attack, and 92% suffered ransomware attacks over email this year. Organizations send and receive thousands of emails per day,…
Microsoft Links Prestige Ransomware Attacks to Russian State-Sponsored Hackers
Initially detailed in October, the Prestige ransomware has been used in attacks against transportation and related logistics organizations in Ukraine and Poland, with some of the victims previously infected with the destructive HermeticWiper malware (FoxBlade). At the time, Microsoft said that the attacks did not appear to be related to known ransomware campaigns, despite the…
