Researchers at Splunk outline a technique that could detect malicious activity in the software supply chain, but with some limitations.
Stories by Lucian Constantin
One of the vulnerabilities patched by Microsoft has been exploited by a Chinese cyber-espionage group since at least August.
The MalKamak group has been running its Operation GhostShell campaign for at least three years unnoticed.
The FoggyWeb post-exploitation backdoor is persistent and steals configuration databases and security token certificates.
2FA has been widely adopted by online services and turning it on is probably the best thing users can do for their online account security.
A design issue in the Microsoft Exchange Autodiscover feature can cause Outlook to leak plaintext Windows domain credentials to external servers.
Cyber-espionage groups are exploiting a critical vulnerability patched in ManageEngine ADSelfService Plus, which is a single sign-on solution.
The remote code execution vulnerability was recently patched for affected versions of Atlassian Confluence Server and Data Centre; users are advised to apply the patch or upgrade.
Ransomware gangs are adopting all the core elements of legitimate businesses—including defined staff roles, marketing plans, partner ecosystems, and even venture capital investments.
This newly discovered ransomware works fast, has multiple ways to avoid detection, and preys on Windows systems with known vulnerabilities.
This new, aggressive ransomware group also uses Cobalt Strike to move laterally across the network.
It's not the IoT vendors' fault. Without a cryptographically secure pseudo-random number generator subsystem, internet of things devices will be vulnerable.
Multiple groups are compromising Windows web servers and deploying malware programs to function as extensions for Internet Information Services.
Embedded devices are known to use in-house and third-party code that was created at a time when software vulnerabilities were not as well understood.
Multiple vulnerabilities could allow persistent take-over and ransom demands by attackers.