Apache Log4j vulnerability actively exploited, impacting millions of Java-based apps
The vulnerability affects not only Java-based applications and services that use the library directly, but also many other popular Java components.
Stories by Lucian Constantin
Researchers warn about continuous abuse of unpatched MikroTik routers
Attackers are still exploiting unaddressed vulnerabilities in an estimated 300,000 MikroTik routers. A new tool will detect compromised devices.
Google disrupts major malware distribution network Glupteba
The botnet take-down is believed to be temporary as the criminal group has a back-up command-and-control mechanism based on Bitcoin blockchain.
Critical flaw in ManageEngine MSP tool exploited in the wild
Each of two flaws allow attackers to bypass authentication, leaving customers of MSPs that use ManageEngine at risk. Patches are available.
New HP MFP vulnerabilities show why users should update and isolate printers
Researchers have discovered two dangerous vulnerabilities in HP multifunction printers that use its FutureSmart firmware, including one that is exploitable remotely.
Explaining Void Balaur, a stealthy cyber mercenary group that spies on thousands
Void Balaur will target individuals and organisations in Russian-speaking countries with an intimate knowledge of telecom systems.
Flaws in Nucleus embedded TCP/IP stack puts critical systems at risk
The NUCLEUS:13 vulnerabilities can allow remote code execution or denial of service attacks. Billions of devices could be affected.
BusyBox flaws highlight need for consistent IoT updates
Researchers have reported 14 vulnerabilities in the BusyBox userspace tool that's used in millions of embedded devices running Linux-based firmware.
Time to update and isolate Nagios servers due to vulnerabilities
Security researchers demonstrated an attack chain against Nagios that combined multiple vulnerabilities to achieve remote code execution.
Stealthy Trojan that roots Android devices makes its way on app stores
The criminals behind the Trojan have placed fully functional utilities that carry malicious code on the Google Play store in a way that evades detection.
Russian cyber spies target CSPs and resellers to abuse delegated access
A new Microsoft advisory claims Russia's Nobelium group is trying to gain long-term access to the technology supply chain and offers mitigation advice.
New security technique could pinpoint supply chain compromises
Researchers at Splunk outline a technique that could detect malicious activity in the software supply chain, but with some limitations.
Chinese APT group IronHusky exploits zero-day Windows Server privilege escalation
One of the vulnerabilities patched by Microsoft has been exploited by a Chinese cyber-espionage group since at least August.
Iranian APT targets aerospace and telecom firms with stealthy ShellClient Trojan
The MalKamak group has been running its Operation GhostShell campaign for at least three years unnoticed.
APT29 targets Active Directory Federation Services with stealthy backdoor
The FoggyWeb post-exploitation backdoor is persistent and steals configuration databases and security token certificates.
Brand Post
Five Reasons Why the Channel Is Turning To AI-Powered Observability
By Bharat Bedi, SolarWinds, Head of Sales, APJ
Sponsored By
