Bitdefender Threat Debrief | December 2021

The Bitdefender Threat Debrief (BDTD) is a monthly series analyzing threat news, trends, and research from the previous month. You can find all previous debriefs here.  Highlight of the month:…

Photography site Shutterfly is dealing with a ransomware attack

Written by Tonya Riley Dec 27, 2021 | CYBERSCOOP American photography company Shutterfly has experienced a ransomware attack on parts of its networks, the company confirmed in a statement late…

Supply Chain Security Threats – What SMBs Need to Know

Small and mid-sized businesses (SMBs) might not rely on the complex supply chains that global enterprises operate. But many of them depend on suppliers and other business partners to stay…

Intruders leverage Log4j flaw to breach Belgian Defense Department

Written by Tonya Riley Dec 20, 2021 | CYBERSCOOP Parts of the Belgian Defense Ministry’s computer networks have been down since Thursday after a cyber incident in which attackers exploited…

What is Cyber Insurance? (and how do I know if i need it?)

Part of the responsibility of being a leader in risk management or cybersecurity isn’t just to prevent an attack, it’s to minimize damage and mitigate the extent of an attack…

Conti Ransomware Group Exploiting Log4j Vulnerability

According to researchers, numerous Conti ransomware group members are trying to exploit the Log4j flaw as an initial attack vector. Advanced Intelligence (AdvIntel) security firm has discovered that the Conti…

Log4Shell – The call is coming from inside the house

On December 9, 2021, Apache disclosed CVE-2021-44228, a remote code execution vulnerability in Log4j logging library – assigned with a severity of 10 (the highest possible risk score). We previously documented…

Hive Ransomware Wreaked Havoc in Four Months: Hundreds of Organizations Breached

According to security researchers who gathered data from Hive’s administrator panel, affiliates of the well-known ransomware group managed to breach in more than 4 months over 350 organizations. This means…

Ransomware Attackers Have ‘Industry Standards’ Too

Security Intelligence – Security Intelligence – Ransomware Attackers Have ‘Industry Standards’ Too Ransomware attackers are creating ‘industry standards’ and using them to define an ideal target for their campaigns. The…

New Ransomware Family Deployed in Log4Shell Attacks

Recently a public exploit for the major zero-day vulnerability known as ‘Log4Shell’ in the Apache Log4j Java-based logging platform has been made available. Log4j is a development platform that enables…