A List of Vulnerable Products to the Log4j Vulnerability

Two days ago, we wrote a post about the Log4j vulnerability that is currently wreaking havoc on the cyberthreat landscape. The flaw stands for an open-source Java logging library. By…

Patch Tuesday December 2021 – Microsoft Fixes 67 Flaws, Including 6 Zero-Day Vulnerabilities

December’s Patch Tuesday comes with numerous security fixes and improvements, including two actively exploited zero-day vulnerabilities. The list features spoofing, denial of service, remote code execution, elevation of privilege, and…

Technical Advisory: Zero-day critical vulnerability in Log4j2 exploited in the wild

On December 9, 2021, Apache disclosed CVE-2021-44228, a remote code execution vulnerability – assigned with a severity of 10 (the highest possible risk score). The source of the vulnerability is Log4j,…

Cybersecurity Trends for 2022

Trend Micro – Trend Micro – You’ve heard it before: the pandemic accelerated digital transformation. And there doesn’t seem to be any signs of slowing down. But what does an…

Fake Adobe Windows App Installer Packages Are Distributing the Emotet Malware

Emotet is a malware known as a banking Trojan. Malspam, which are spam emails that contain malware, is the primary means by which it spreads. To persuade consumers, these communications…

Toss a Coin to your Helper (Part 2 of 2)

Avast –  Avast –  In the first posting of this series, we looked at a clipboard stealer belonging to the MyKings botnet. In this second part of the blog series,…

BazarBackdoor now abuses Windows 10 apps feature in 'call me back' attack

A Microsoft Windows 10 app feature is being abused in a new phishing campaign spreading the BazarBackdoor malware.  On Thursday, researchers from Sophos Labs said the attack was noticed after…

BazarBackdoor now abuses Windows 10 app feature in 'call me back' attack

A Microsoft Windows 10 app feature is being abused in a new phishing campaign spreading the BazarBackdoor malware.  On Thursday, researchers from Sophos Labs said the attack was noticed after…

Utah legislature awards two universities with $5 million for cybersecurity and tech programs

The cybersecurity industry continues to have issues finding talent to fill all of the available roles. To address the problem, the Utah legislature is giving Utah Valley University (UVU) and…

Cring Ransomware Group Stands Out with One More Hit

Cring Ransomware Group makes headlines again with a new hit. Worn-out ColdFusion servers and VPNs: the new targets. Cring Ransomware Group: Short Background In April 2021, we were writing about…