Ukraine: Wiper malware masquerading as ransomware hits government organizations
In the wake of last week’s attention-grabbing defacements of many Ukrainian government websites, Microsoft researchers have revealed evidence of a malware operation …
Zeljka Zorz
Phishers are targeting Office 365 users by exploiting Adobe Cloud
Phishers are creating Adobe Creative Cloud accounts and using them to send phishing emails capable of thwarting traditional checks and some advanced threat protection …
A new multi-platform backdoor is leveraged by an advanced threat actor
A novel multi-platform backdoor dubbed SysJoker has been successfully evading security solutions since mid-2021. “In the Linux and macOS versions, it masquerades as a …
Microsoft fixes wormable RCE in Windows Server and Windows (CVE-2022-21907)
The first Patch Tuesday of 2022 is upon us, and Microsoft has delivered patches for 96 CVE-numbered vulnerabilities, including a wormable RCE flaw in Windows Server …
Detect and identify IoT malware by analyzing electromagnetic signals
Electromagnetic (EM) emanations can be recorded and used to detect and identify malware running on IoT devices, a group of researchers working at IRISA have proven. The setup …
How can SMBs extend their SecOps capabilities without adding headcount?
Which is more important for achieving organizational cybersecurity: security products or security people? The right answer to this (trick) question is that both are equally …
CTO of Security at Salesforce talks e-commerce cybersecurity threat trends for 2022
Online retailers are dealing with more cybersecurity threats than ever before, and the holiday (shopping) season is when they have to fend them off most aggressively. In this …
The Log4j saga: New vulnerabilities and attack vectors discovered
The Apache Log4j saga continues, as several new vulnerabilities have been discovered in the popular library since Log4Shell (CVE-2021-44228) was fixed by releasing Log4j …
Log4Shell: A new fix, details of active attacks, and risk mitigation recommendations
Due to the extraordinary widespread use of the open-source Apache Log4j library, the saga of the Log4Shell (CVE-2021-44228) vulnerability is nowhere near finished. As Dr. …
Microsoft patches spoofing vulnerability exploited by Emotet (CVE-2021-43890)
It’s the final Patch Tuesday of 2021 and Microsoft has delivered fixes for 67 vulnerabilities, including a spoofing vulnerability (CVE-2021-43890) actively exploited to …
Ransomware hits HR solutions provider Kronos, locking customers out of vital services
The end of the year chaos caused by the revelation of the Log4Shell vulnerability has, for some organizations, been augmented by a ransomware attack on Ultimate Kronos Group …
Enterprise email encryption without friction? Yes, it’s possible
Secure communication enables more efficient communication and the secure exchange of digital documents. It can also be a fantastic customer service tool and – crucially …
