Multiple security researchers have spotted threat actors already exploiting the Apache Log4j vulnerability by deploying Muhstik and Mirai botnets to target Linux devices. Their advice: Ensure to remove any existing compromise before patching, and expect this flaw to be exploited for the long term.
For many security teams, it's been all hands on deck since the Apache Log4j zero day vulnerability recently came to light. Experts say the flaw may be the most serious security vulnerability to have emerged in years, and organizations are now racing to identify their exposure and defenses they can deploy.
A massive wave of ongoing attacks has been targeting more than 1.6 million WordPress sites, researchers at Wordfence say. So far, they've counted more than 13.7 million individual attacks in just 36 hours, focused on exploiting four different WordPress plug-ins and several Epsilon framework themes.
How serious is the Apache Log4j zero-day vulnerability that was announced to the world on Friday? "It's big," says Sam Curry, chief security officer at Cybereason, which has developed a "vaccine" to help. "I hate hyperbole generally," Curry says. "But it is a 10 on the criticality scale."
A zero-day vulnerability detected in the Java logging library Apache Log4j can result in full server takeover and leaves countless applications vulnerable, according to security researchers, who say that the easily exploitable flaw was first detected in the popular game Minecraft.
The latest edition of the ISMG Security Report features an analysis of how the U.S. military has been "imposing costs" on ransomware groups. Also featured: a twist in the case of the Missouri governor vs. an alleged "hacker," and CyberTheory's Steve King on "why Zero Trust?"
Ifigeneia Lella, cybersecurity officer at ENISA describes findings from the agency's Threat Landscape 2021 report, which assesses the motives, capabilities, targeting and evolution of four different types of threat actors: state-sponsored, cybercrime actors, hacker-for-hire actors and hacktivists.
Cybersecurity experts worry about attacks and ransomware directed at the 70,000 water and wastewater facilities in the U.S. In November 2020, the Hampton Roads Sanitation District was infected with Ryuk ransomware. Fortunately, its operational technology systems were unaffected, and it recovered.
Steve King, director of cybersecurity advisory services for ISMG's CyberTheory, has just been appointed a member of the Forbes Technology Council. He discusses the role, his passion for Zero Trust and new initiatives to expect from CyberTheory in 2022.
It's no surprise that as some ransomware-wielding criminals have been hitting healthcare, pipelines and other sectors that provide critical services, governments have been recasting the risk posed by ransomware not just as a business threat but as an urgent national security concern.
Good news on the breach prevention and incident response front: More businesses are getting more mature practices in place, although as attackers continue to improve their efforts, so too must defenders, says incident response expert Rocco Grillo of consultancy Alvarez & Marsal.
In October, Missouri's governor accused a journalist of hacking after he alerted the state to exposed personal information on a state education website. Now, emails reveal that state planned on thanking him before it chose to pursue prosecution and that the FBI immediately dismissed the incident.
A suspected Russian group blamed for the SolarWinds compromise in 2020 is continuing to innovate and is infiltrating technology services and resellers, according to a new report from Mandiant. Mandiant says the group, which it calls UNC2452 and Microsoft calls Nobelium, practices "top-notch operational security."
The U.S. Transportation Security Administration has issued new security directives for higher-risk freight railroads, passenger rail, and rail transit that it says will strengthen cybersecurity across the transportation sector in response to growing threats to critical infrastructure.
Many ransomware-wielding attackers continue to rely on initial access brokers to easily gain deep access to victims' systems, allowing them to steal data and attempt to pressure victims into paying via data leak sites. Researchers say that the number of victims being listed on such sites has surged.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.in, you agree to our use of cookies.