A New PowerShell Backdoor Is Being Used in Log4j Attacks

At the end of 2021 proof-of-concept exploits for a significant zero-day vulnerability discovered in the widely used Apache Log4j Java-based logging library were distributed online, exposing both home users and businesses…

UK Launches Initiative to Develop Global AI Standards

UK Launches Initiative to Develop Global AI Standards The UK government has announced a new initiative to develop global standards for artificial intelligence (AI). The Alan Turing Institute, supported by…

False Omicron Stat Counter App Embedded with New RedLine Malware Version

A false COVID-19 Omicron stat counter app is being leveraged as a lure in a current malicious campaign to distribute a new Redline malware version through emails. What Is RedlLine…

Two Years for Man Who Used RATs to Spy on Women and Children

Two Years for Man Who Used RATs to Spy on Women and Children A Nottingham man has been jailed for over two years after using remote access trojans (RATs) and…

Hackers are using the Log4j flaw to deliver this new 'modular' backdoor

Iran-backed hacking group Phosphorous or APT35 is using the Log4j vulnerability to distribute a new modular PowerShell toolkit, according to security firm Check Point.  APT35 is one of several state-backed…

Microsoft Starts 2022 with 97 CVEs in January Patch Tuesday

Microsoft Starts 2022 with 97 CVEs in January Patch Tuesday Microsoft began the year by publishing fixes for nearly a century of vulnerabilities, nine of which were rated critical and…

Europol Ordered to Delete Vast Trove of Personal Information

Europol Ordered to Delete Vast Trove of Personal Information Europol has been told to delete a vast data trove of information on individuals with no link to criminality after previously…

Check your SPF records: Wide IP ranges undo email security and make for tasty phishes

Image: Can I Phish/Sebastian Salla You’ve done the right thing by your organisation and made sure that DMARC and SPF (sender policy framework) records are set in an effort to…

Here’s REALLY How to Do Zero-Trust Security

It’s not about buying security products! Joseph Carson, chief security scientist from ThycoticCentrify, offers practical steps to start the zero-trust journey. Zero-trust is without a doubt the new buzzword of…

Microsoft Faces Wormable, Critical RCE Bug & 6 Zero-Days

The large January 2022 Patch Tuesday update covers nine critical CVEs, including a self-propagator with a 9.8 CVSS score. Microsoft has addressed a total of 97 security vulnerabilities in its…