Cyber criminals bypass 2FA and OTP with robocalling and Telegram bots
2FA has been widely adopted by online services and turning it on is probably the best thing users can do for their online account security.
Stories by Lucian Constantin
Exchange Autodiscover feature can cause Outlook to leak credentials
A design issue in the Microsoft Exchange Autodiscover feature can cause Outlook to leak plaintext Windows domain credentials to external servers.
APT actors exploit flaw in ManageEngine single sign-on solution
Cyber-espionage groups are exploiting a critical vulnerability patched in ManageEngine ADSelfService Plus, which is a single sign-on solution.
Critical flaw in Atlassian Confluence actively exploited
The remote code execution vulnerability was recently patched for affected versions of Atlassian Confluence Server and Data Centre; users are advised to apply the patch or upgrade.
How ransomware runs the underground economy
Ransomware gangs are adopting all the core elements of legitimate businesses—including defined staff roles, marketing plans, partner ecosystems, and even venture capital investments.
LockFile ransomware uses intermittent encryption to evade detection
This newly discovered ransomware works fast, has multiple ways to avoid detection, and preys on Windows systems with known vulnerabilities.
OnePercent ransomware group hits companies via IceID banking Trojan
This new, aggressive ransomware group also uses Cobalt Strike to move laterally across network.
IoT devices have serious security deficiencies due to bad random number generation
It's not the IoT vendors' fault. Lack of a cryptographically secure pseudo-random number generator subsystem for the internet of things devices will be vulnerable.
Wave of native IIS malware hits Windows servers
Multiple groups are compromising Windows web servers and deploying malware programs to function as extensions for Internet Information Services.
Serious flaws in widespread embedded TCP/IP stack endanger industrial control devices
Embedded devices are known to use in-house and third-party code that was created at a time when software vulnerabilities were not as well understood.
Basic flaws put pneumatic tube transport systems in hospitals at risk
Multiple vulnerabilities could allow persistent take-over and ransom demands by attackers.
APT group hits IIS web servers with deserialisation flaws and memory-resident malware
Praying Mantis group is likely a nation-state actor that uses custom malware and is adept at avoiding detection.
US charges four suspected Chinese spies who coordinated APT40 hackers
The US government outlines how APT40 conducted its Microsoft Exchange Server attack and offers advice to defend against nation-state threats.
REvil gang suddenly goes silent leaving victims unable to recover systems
All REvil websites went offline on Tuesday, leaving security experts and victims to speculate on the reason why.
PrintNightmare vulnerability explained: Exploits, patches, and workarounds
Public exploits are available for a remote code execution vulnerability in the Windows Print Spooler that could allow attackers to take full control of systems.
Brand Post
Five Reasons Why the Channel Is Turning To AI-Powered Observability
By Bharat Bedi, SolarWinds, Head of Sales, APJ
Sponsored By
