Threat actors are actively weaponizing unpatched servers affected by the newly identified "Log4Shell" vulnerability in Log4j to install cryptocurrency miners, Cobalt Strike, and recruit the devices into a botnet, even as telemetry signs point to exploitation of the flaw nine days before it even came to light. Netlab, the networking security division of Chinese tech giant Qihoo … [Read more...] about Apache Log4j Vulnerability — Log4Shell — Widely Under Active Attack
active
Researchers Uncover Hacker-for-Hire Group That’s Active Since 2015
A new cyber mercenary hacker-for-hire group dubbed "Void Balaur" has been linked to a string of cyberespionage and data theft activities targeting thousands of entities as well as human rights activists, politicians, and government officials around the world at least since 2015 for financial gain while lurking in the shadows. Named after a many-headed dragon from Romanian … [Read more...] about Researchers Uncover Hacker-for-Hire Group That’s Active Since 2015
Update Your Windows PCs Immediately to Patch New 0-Day Under Active Attack
Microsoft on Tuesday rolled out security patches to contain a total of 71 vulnerabilities in Microsoft Windows and other software, including a fix for an actively exploited privilege escalation vulnerability that could be exploited in conjunction with remote code execution bugs to take control over vulnerable systems. Two of the addressed security flaws are rated Critical, 68 … [Read more...] about Update Your Windows PCs Immediately to Patch New 0-Day Under Active Attack
UBEL is the New Oscorp — Android Credential Stealing Malware Active in the Wild
An Android malware that was observed abusing accessibility services in the device to hijack user credentials from European banking applications has morphed into an entirely new botnet as part of a renewed campaign that began in May 2021. Italy's CERT-AGID, in late January, disclosed details about Oscorp, a mobile malware developed to attack multiple financial targets with the … [Read more...] about UBEL is the New Oscorp — Android Credential Stealing Malware Active in the Wild
Watch Out! Zyxel Firewalls and VPNs Under Active Cyberattack
Taiwanese networking equipment company Zyxel is warning customers of an ongoing attack targeting a "small subset" of its security products such as firewall and VPN servers. Attributing the attacks to a "sophisticated threat actor," the firm noted that the attacks single out appliances that have remote management or SSL VPN enabled, namely in the USG/ZyWALL, USG FLEX, ATP, and … [Read more...] about Watch Out! Zyxel Firewalls and VPNs Under Active Cyberattack
GitHub Updates Policy to Remove Exploit Code When Used in Active Attacks
Code-hosting platform GitHub Friday officially announced a series of updates to the site's policies that delve into how the company deals with malware and exploit code uploaded to its service. "We explicitly permit dual-use security technologies and content related to research into vulnerabilities, malware, and exploits," the Microsoft-owned company said. "We understand that … [Read more...] about GitHub Updates Policy to Remove Exploit Code When Used in Active Attacks
Watch Out! Mission Critical SAP Applications Are Under Active Attack
Cyber attackers are actively setting their sights on unsecured SAP applications in an attempt to steal information and sabotage critical processes, according to new research. "Observed exploitation could lead in many cases to full control of the unsecured SAP application, bypassing common security and compliance controls, and enabling attackers to steal sensitive information, … [Read more...] about Watch Out! Mission Critical SAP Applications Are Under Active Attack
Critical F5 BIG-IP Bug Under Active Attacks After PoC Exploit Posted Online
Almost 10 days after application security company F5 Networks released patches for critical vulnerabilities in its BIG-IP and BIG-IQ products, adversaries have begun opportunistically mass scanning and targeting exposed and unpatched networking devices to break into enterprise networks. News of in the wild exploitation comes on the heels of a proof-of-concept exploit code that … [Read more...] about Critical F5 BIG-IP Bug Under Active Attacks After PoC Exploit Posted Online
Microsoft Issues Security Patches for 89 Flaws — IE 0-Day Under Active Attacks
Microsoft plugged as many as 89 security flaws as part of its monthly Patch Tuesday updates released today, including fixes for an actively exploited zero-day in Internet Explorer that could permit an attacker to run arbitrary code on target machines. Of these flaws, 14 are listed as Critical, and 75 are listed as Important in severity, out of which two of the bugs are … [Read more...] about Microsoft Issues Security Patches for 89 Flaws — IE 0-Day Under Active Attacks
How to Audit Password Changes in Active Directory
Today's admins certainly have plenty on their plates, and boosting ecosystem security remains a top priority. On-premises, and especially remote, accounts are gateways for accessing critical information. Password management makes this possible. After all, authentication should ensure that a user is whom they claim to be. This initial layer of security is crucial for protecting … [Read more...] about How to Audit Password Changes in Active Directory