KrebsOnSecurity.com celebrates its 12th anniversary today! Maybe “celebrate” is too indelicate a word for a year wracked by the global pandemics of COVID-19 and ransomware. Especially since stories about both have helped to grow the audience here tremendously in 2021. But this site’s birthday also is a welcome opportunity to thank you all for your continued readership and support, which helps keep the content here free to everyone.
More than seven million unique visitors came to KrebsOnSecurity.com in 2021, generating some 12 million+ pageviews and leaving almost 8,000 comments. We also now have nearly 50,000 subscribers to our email newsletter, which is still just a text-based (non-HTML) email that goes out each time a new story is published here (~2-3 times a week).
Back when this site first began 12 years ago, I never imagined it would attract such a level of engagement. Before launching KrebsOnSecurity, I was a tech reporter for washingtonpost.com. For many years, The Post’s website was physically, financially and editorially separate from what the dot-com employees affectionately called “The Dead Tree Edition.” When the two newsrooms finally merged in 2009, my position was eliminated.
Happily, the blog I authored for four years at washingtonpost.com — Security Fix — had attracted a sizable readership, and it seemed clear that the worldwide appetite for in-depth news about computer security and cybercrime would become practically insatiable in the coming years.
Happier still, The Post offered a severance package equal to six months of my salary. Had they not thrown that lifeline, I doubt I’d have had the guts to go it alone. But at the time, my wife basically said I had six months to make this “blog thing” work, or else find a “real job.”
God bless her eternal patience with my adopted occupation, because KrebsOnSecurity has helped me avoid finding a real job for a dozen years now. And hopefully they let me keep doing this, because at this point I’m certainly unqualified to do much else.
I’d be remiss if I didn’t take this opportunity to remind Dear Readers that advertisers do help keep the content free here to everyone. For security and privacy reasons, KrebsOnSecurity does not host any third-party content on this site — and this includes the ad creatives, which are simply images or GIFs vetted by Yours Truly and served directly from krebsonsecurity.com. That’s a long-winded way of asking: If you regularly visit KrebsOnSecurity.com with an ad blocker, please consider adding an exception for this site. Thanks again, Dear Readers. Please stay safe, healthy and alert in 2022. See you on the other side!
In this episode of the podcast (#233) Mark Stanislav, a Vice President at the firm Gemini, joins Paul to talk about what went wrong with disclosure of Log4Shell, the critical, remote code execution flaw in the Log4j open source library. Mark talks about how the Internet community can come together ahead of the next vulnerability to make sure the...
These are the results of a new research report by Positive Technologies, analyzing results of the company’s penetration testing projects carried out in the second half of 2020 and first half of 2021.
While the risk posed by the original Log4Shell exploit is critical, milder variants of the vulnerability emerged in Log4j versions, including 2.15 and 2.16—previously believed to be fully patched.
Going forward, organizations will need to take a more proactive approach to empower a more risk-aware workforce and ultimately protect against insider risk events in the year ahead.
Many LastPass users report that their master passwords have been compromised after receiving email warnings that someone tried to use them to log into their accounts from unknown locations.
According to Gartner's 2021 Hype Cycle for Open-Source Software (OSS): "Through 2025, more than 70% of enterprises will increase their IT spending on OSS, compared with their current IT spending.
As companies rushed to adapt to pandemic-inspired changes in 2021, cybercriminals found new ways to capitalize on remote and hybrid models and wreak havoc. Threat actors became faster than ever as around 648 cyberattacks were observed every minute. With a variety of malware and attack techniques at their disposal, threat actors have become more pervasive than ever.
The threat actor uses Flagpro in the initial stage of an attack for network reconnaissance, to evaluate the target’s environment, and to download second-stage malware and execute it.
Extortion, increasingly high ransom demands, and sensitive data leaks continued in the second half of 2021, impacting organizations such as Kaseya, Sinclair Broadcast Group, and MediaMarkt.
Amedia, the largest local news publisher in Norway, announced on Tuesday that several of its central computer systems were shut down in what it is calling an apparent “serious” cyberattack.
As reported by Android Police, the malicious apps mimic ShowBox, a pirate app that went bust in 2018, after a coalition of movie studios managed to identify its operator and filed lawsuits against him.
QNAP NAS users fell victim to the eCh0raix ransomware after the actors behind it intensified their attacks right before Christmas. Some users admitted to not securing the device properly, whereas others blamed a vulnerability in QNAP’s Photo Station. Ransomware is a potential threat and users must stay alert.
The attack has been attributed to a threat actor tracked under the codename of DEV-0270, a group linked to several intrusions against US firms in 2021 that have ended in the deployment of ransomware.
An Iranian cybersecurity firm said it discovered a novel rootkit that hides inside the firmware of HP iLO devices and which has been used in real-world attacks to wipe servers of Iranian entities.
A new report by AhnLab ASEC warns that the convenience of using the auto-login feature on web browsers is becoming a substantial security problem affecting both organizations and individuals.
Attackers don’t seem to care about getting caught anymore. We have seen an increase in the temerity of cyberattacks by nation-states, such as the attack by Russian threat actors on SolarWinds.
Organizations will reportedly be forced to disclose data breaches within 72 hours, bringing India in line with territories such as the EU, which mandates breach disclosures under its GDPR regulations.
According to the report, customers either fell victim to a SIM swapping attack (which could allow someone to bypass SMS-based 2FA), had personal plan information exposed, or both.
Between December 11th and 13th, threat actors successfully exploited the Log4Shell vulnerability on a Cyclos server of crypto trading firm ONUS and planted backdoors for sustained access.
An ongoing cryptomining campaign has upgraded its arsenal with new tactics that enable the threat actors to conceal the intrusions and fly under the radar, new research has revealed.
Researcher Sylvain Pelissier has discovered that a crucial piece of SanDisk software is affected by a couple of key derivation function issues that can allow an attacker to obtain user passwords.
The Apache Software Foundation (ASF) on Tuesday rolled out fresh patches to contain an arbitrary code execution flaw in Log4j that could be abused by threat actors to run malicious code on affected systems, making it the fifth security shortcoming to be discovered in the tool in the span of a month. Tracked as CVE-2021-44832, the vulnerability is rated 6.6 in severity on a scale of 10 and
An ongoing crypto mining campaign has upgraded its arsenal while adding new defense evasion tactics that enable the threat actors to conceal the intrusions and fly under the radar, new research published today has revealed. Since first detected in 2019, a total of 84 attacks against its honeypot servers have been recorded to date, four of which transpired in 2021, according to researchers from