Stories by Lucian Constantin
MS SQL Server is by far the most common DBMS that attackers target, probably due to its tight integration with Windows.
Akamai reports nearly 700,000 attacks with 27,000 of its customers being scanned for the vulnerability.
Attackers could elevate privileges on systems with the vulnerable, unpatched Cisco clients, possibly taking full control.
The main focus of Diicot’s attacks appears to be supporting cryptojacking efforts, but the group is also employing botnets and brute-force tactics for other purposes.
The threat actor created fake personas on Twitter for researchers at a non-existent security firm.
This newly discovered, global campaign indicates growing popularity for multi-stage adversary-in-the-middle tactics among threat actors.
A third-party audit reveals new MOVEit vulnerabilities, for which Progress Software has issued patches.
A new attack group leverages trusted relationships between partner organisations to bypass multifactor authentication.
The Kimsuky group is adept at building relationships at target organisations to more easily deliver malware and steal credentials.
At least 20 organisations have been compromised by Clop's MOVEit exploit, according to new research.
At least one organization, UK payroll provider Zellis, has confirmed a breach via the MOVEit utility.
The Russian federal security agency, the FSB, has put out a security alert claiming that US intelligence services are behind an attack campaign that exploits vulnerabilities in iOS and has compromised thousands of iPhone devices in Russia.
Newly discovered campaign takes advantage of the fact that most vulnerability scanning tools don't read compiled open-source software.
Attackers can abuse the UEFI firmware to inject executable malware code into the Windows kernel, compromising systems.