attackers

Vulnerabilities

Issued by: Dark Reading

Attackers once focused on exploiting ProxyLogon Microsoft Exchange server vulnerabilities have made a pivot to the new SessionManager backdoor, which can be used to gain persistent, undetected access to emails — and even take over the target organization’s infrastructure. Researchers from Kaspersky today report the emergence of SessionManager, which they say is part of a…

Malware & Threats

Issued by: Security Week

Edge computing is eminently practical in that it solves several important problems, many of which are related to the latency created when data must travel long distances. The edge offers significant functional and economic benefits, such as the emergence of a new breed of real-time applications. And the need for more edges has increased due…

Vulnerabilities

Issued by: CSO

The Java programming language offers a seamless and elegant way to store and retrieve data. However, without proper input validation and safeguards in place, your application can be vulnerable to unsafe deserialization vulnerabilities. In a best-case scenario, deserialization vulnerabilities may simply cause data corruption or application crashes, leading to a denial of service (DoS) condition….

Malware & Threats

Issued by: CSO

T-Mobile has confirmed a data breach that impacted nearly 50 million people, including current, former and prospective subscribers. The exposed details differed across different types of customers, so the level of risk users are exposed to varies. Victims of the T-Mobile or any other breach where personal data is stolen should be aware of follow-on…

Malware & Threats

Issued by: Security Week

From Egregor to Doppelpaymer to Ryuk, it continues to command headlines. Pandemic-fueled phishing scams, the lack of visibility across remote endpoints, and lax attitudes have been a boon for ransomware groups over the last year. Worst of all, ransomware no longer discriminates. It dominates small towns and municipal offices, video game makers, and shamelessly, healthcare…

Malware & Threats

Issued by: Security Week

Initially observed in 2019, SystemBC enables persistent access to the system, providing attackers with means to conceal communications and remotely control the infected devices. Designed with support for the execution of commands and to allow adversaries to download and execute scripts, executables, and DLLs, the backdoor is continuously evolving, with recent samples having switched from…

Vulnerabilities

Issued by: CSO

A few years ago, many deception technology companies were in the process of adding advanced features like cloud integration, artificial intelligence (AI) and automation to their platforms to combat increasingly advanced threats. The upgraded defenses were necessary because skilled attackers were starting to unmask and circumvent classic deception tricks like dropping breadcrumbs pointing at fictitious,…

Malware & Threats

Issued by: Dark Reading

In October 2019, Google announced it had achieved “quantum supremacy” in a Forbes article entitled “Quantum Computing Poses An Existential Security Threat, But Not Today.” The Google team had developed a quantum computer that could complete a computation in just over three minutes instead of the 10,000 years it would have taken on a traditional…

Vulnerabilities

Issued by: Help Net Security

Attackers are exploiting two zero-day flaws in Cisco enterprise-grade routers

A technical support intervention has revealed two zero-day vulnerabilities in the OS running on Cisco enterprise-grade routers that attackers are trying to actively exploit. Cisco plans to release software updates to plug these security holes, but in the meantime administrators are advised to implement one or all of the provided mitigations. About the vulnerabilities The…