Vulnerabilities in remote management agent impacts thousands of medical devices
The Axeda platform, used by hundreds of Internet of Things devices, has seven vulnerabilities, three of which allow for remote code execution.
Stories by Lucian Constantin
Nvidia hackers release code-signing certificates that malware can abuse
The hacker group that recently broke into systems belonging to Nvidia has released two of the company's old code-signing certificates.
Conti gang ready to hit critical infrastructure in support of Russian government
Ransomware group's claims follow a threat from the hacktivist group Anonymous to conduct cyber attacks against Russian targets.
TrickBot operators slowly abandon the botnet and replace it with Emotet
Researchers believe the group behind TrickBot are moving the infected devices it controls to the newer, more difficult to detect Emotet malware.
Dangerous privilege escalation bugs found in Linux package manager Snap
Researchers found an easy-to-exploit vulnerability in Snap, a universal application packaging and distribution system developed for Ubuntu.
ShadowPad has become the RAT of choice for several state-sponsored Chinese APTs
ShadowPad came into the spotlight in 2017 when used in two software supply-chain attacks by a suspected Chinese state-sponsored hacker group.
Google Cloud adds agentless threat detection to virtual machine workloads
Virtual Machine Threat Detection at first will target cryptominers running on virtual servers. Detecting ransomware, Trojans, and other malware is coming.
Iranian APT group uses previously undocumented Trojan for destructive access to organisations
The Moses Staff group's main target is Israel, but has recently launched attacks on organisations in other countries including India, Germany and the U.S.
Serious PwnKit flaw in default Linux installations requires urgent patching
Attackers could gain root privileges by compromising any regular user account. Workarounds are available, patches on their way.
MoonBounce UEFI implant used by spy group brings firmware security into spotlight
The MoonBounce rootkit implants a malicious driver in the Windows kernel to provide persistence and stealthiness.
The Prometheus traffic direction system is a major player in malware distribution
Cyber crime is fueled by a complex ecosystem of criminal groups that specialise on different pieces of the final attack chains experienced by victims.
Thousands of enterprise servers are running vulnerable BMCs, researchers find
According to an analysis by firmware security firm Eclypsium, 7,799 HPE iLO (HPE's Integrated Lights-Out) server BMCs are exposed to the internet.
How ransomware negotiations work
Here's what experienced negotiators say organisations should expect if it ever needs to pay a ransomware demand.
Cyber crime group Elephant Beetle lurks inside networks for months
Elephant Beetle specialises in stealing money from financial and commerce firms over an extended period of time while remaining undetected.
How to properly mitigate the Log4j vulnerabilities
A sure-fire way to prevent exploitation of Log4j vulnerabilities has yet to appear, but these actions are your best bet for reducing risk.
Brand Post
Five Reasons Why the Channel Is Turning To AI-Powered Observability
By Bharat Bedi, SolarWinds, Head of Sales, APJ
Sponsored By
