The Internet’s Most Tempting Targets
What attracts the attackers? David “moose” Wolpoff, CTO at Randori, discusses how to evaluate your infrastructure…
Cloud Security
Convergence Ahoy: Get Ready for Cloud-Based Ransomware
Oliver Tavakoli, CTO at Vectra AI, takes us inside the coming nexus of ransomware, supply-chain attacks…
Actively Exploited Microsoft Zero-Day Allows App Spoofing, Malware Delivery
December’s Patch Tuesday updates address six publicly known bugs and seven critical security vulnerabilities. Microsoft has…
How to Buy Precious Patching Time as Log4j Exploits Fly
Podcast: Cybereason shares details about its vaccine: a fast shot in the arm released within hours…
Kronos Ransomware Outage Drives Widespread Payroll Chaos
Kronos, the workforce-management provider, said a weeks-long outage of its cloud services is in the offing,…
Log4Shell Is Spawning Even Nastier Mutations
The cybersecurity Hiroshima of the year – the Apache Log4j logging library exploit – has spun…
Zero Day in Ubiquitous Apache Log4j Tool Under Active Attack
The Log4Shell vulnerability critically threatens anybody using the popular open-source Apache Struts framework and could lead…
‘Karakurt’ Extortion Threat Emerges, But Says No to Ransomware
The threat group, first identified in June, focuses solely on data exfiltration and subsequent extortion, and…
Fueled by Pandemic Realities, Grinchbots Aggressively Surge in Activity
E-commerce’s proverbial Who-ville is under siege, with a rise in bots bent on ruining gift cards…
Critical SonicWall VPN Bugs Allow Complete Appliance Takeover
Unauthenticated, remote attackers can achieve root-level RCE on SMA 100-series appliances. Critical security vulnerabilities in SonicWall’s…