400 Banks’ Customers Targeted with Anubis Trojan

The new campaign masqueraded as an Orange Telecom account management app to deliver the latest iteration of Anubis banking malware. Customers of Chase, Wells Fargo, Bank of America and Capital…

What the Log4Shell Bug Means for SMBs: Experts Weigh In

An exclusive roundtable of security researchers discuss the specific implications of CVE-2021-44228 for smaller businesses, including what’s vulnerable, what an attack looks like and to how to remediate. News of…

How to Buy Precious Patching Time as Log4j Exploits Fly

Podcast: Cybereason shares details about its vaccine: a fast shot in the arm released within hours of the Apache Log4j zero-day horror show being disclosed. Sure, Apache got a patch…

‘Seedworm’ Attackers Target Telcos in Asia, Middle East

The focused attacks aimed at cyberespionage and lateral movement appear to hint at further ambitions by the group, including supply-chain threats. Attackers targeting telcos across the Middle East and Asia…

Kronos Ransomware Outage Drives Widespread Payroll Chaos

Kronos, the workforce-management provider, said a weeks-long outage of its cloud services is in the offing, just in time to hamstring end-of-year HR activities like bonuses and vacation tracking. Kronos,…

Where the Latest Log4Shell Attacks Are Coming From

Analysts find at least 10 Linux botnets actively exploiting Log4Shell flaw. Cybersecurity professionals across the world have been scrambling to shore up their systems against a critical remote code-execution (RCE)…

Malicious PyPI Code Packages Rack Up Thousands of Downloads

The Python code repository was infiltrated by malware bent on data exfiltration from developer apps and more. Three malicious packages hosted in the Python Package Index (PyPI) code repository have…

Log4Shell Is Spawning Even Nastier Mutations

Threat Post – Threat Post – The cybersecurity Hiroshima of the year – the Apache Log4j logging library exploit – has spun off 60 bigger mutations in less than a…

Next-Gen Maldocs & How to Solve the Human Vulnerability

Malicious email attachments with macros are one of the most common ways hackers get in through the door. Huntress security researcher John Hammond discusses how threat hunters can fight back.…

‘Appalling’ Riot Games Job Fraud Takes Aim at Wallets

Scammers are using fake job listings to empty the wallets of young, hopeful victims looking to break into the gaming industry. Riot Games, the developer behind League of Legends, has…