Lazarus has used the new remote access Trojan in campaigns that exploit the Log4Shell vulnerability and target energy companies.
Hybrid cloud identity and access management services add complexity to network authentication processes and create opportunities for attackers.
Ransomware gangs seem to be exploiting concerns over disruptions in the energy and other critical infrastructure sectors.
The Nitrokod cryptocurrency mining campaign goes to great lengths to avoid detection and can remain active for a number of years.
Hackers have developed ways to bypass multi-factor authentication on cloud productivity services like Microsoft 365, formerly Office 365.
A new strain of ransomware has been claiming victims for the past two months, masquerading as a Google software update application.
The Black Basta ransomware gang has reached a high level of success in a short time and is possibly an offshoot of Conti and REvil.
Researchers demonstrate a proof of concept where hijacked programmable logic controllers can compromise engineering workstations to allow lateral movement.
Two research groups demonstrate PC firmware vulnerabilities that are difficult to mitigate and likely to be exploited in the wild.
The TA428 group has been successful by targeting known vulnerabilities and using known detection evasion techniques.
The investigation shows not only the indicators of compromise but also the reasons why the Log4j vulnerability will persist indefinitely.
The sophisticated rootkit malware infects system firmware to avoid detection and has claimed victims in China, Iran, Vietnam and Russia.
At least one model of GPS tracking devices made by Chinese firm MiCODUS "lacks basic security protections needed to protect users from serious security issues".
Unlike other speculative execution attacks such as Spectre, Retbleed exploits return instructions rather than indirect jumps or calls.
State-affiliated APT groups seek sensitive information and try to learn story sources by targeting journalists' email and social media accounts.