Teen “Hackers” on Discord Selling Malware for Quick Cash

Cybersecurity researchers urge parents to keep track of their children’s online activities. Avast security researchers have discovered a server on Discord where a group of minors is involved in developing, upgrading, marketing,…

New Sysrv-k Botnet Infecting Windows and Linux Systems with Cryptominer

Microsoft has discovered a new Sysrv botnet variant deploying cryptocurrency miners on Windows and Linux systems. The Microsoft Security Intelligence team posted a series of tweets on their official Twitter handle (@MsftSecIntel)…

Log4j flaw: This new threat is going to affect cybersecurity for a long time

If there ever was any doubt over the severity of the Log4j vulnerability, director of US cybersecurity and infrastructure agency CISA, Jen Easterly, immediately quashed those doubts when she described…

What the Log4Shell Bug Means for SMBs: Experts Weigh In

An exclusive roundtable of security researchers discuss the specific implications of CVE-2021-44228 for smaller businesses, including what’s vulnerable, what an attack looks like and to how to remediate. News of…

Technical Advisory: Zero-day critical vulnerability in Log4j2 exploited in the wild

On December 9, 2021, Apache disclosed CVE-2021-44228, a remote code execution vulnerability – assigned with a severity of 10 (the highest possible risk score). The source of the vulnerability is Log4j,…

CISA warns 'most serious' Log4j vulnerability likely to affect hundreds of millions of devices

Written by Tim Starks Dec 13, 2021 | CYBERSCOOP Cybersecurity and Infrastructure Security Agency Director Jen Easterly told industry leaders in a phone briefing Monday that a vulnerability in a…

Malicious PyPI Code Packages Rack Up Thousands of Downloads

The Python code repository was infiltrated by malware bent on data exfiltration from developer apps and more. Three malicious packages hosted in the Python Package Index (PyPI) code repository have…

All You Need to Know About the New Zero-Day Found in the Log4j Java Library

Log4j 2 is a Java logging library that is open source and extensively used in a variety of software applications and services throughout the world. The flaw gives threat actors…

Log4j flaw: Attackers are making thousands of attempts to exploit this severe vulnerability

Cyber attackers are making over a hundred attempts to exploit a critical security vulnerability in Java logging library Apache Log4j every minute, security researchers have warned. The Log4j flaw (also…

Log4j RCE activity began on December 1 as botnets start using vulnerability

Image: Kevin Beaumont The usage of the nasty vulnerability in the Java logging library Apache Log4j that allowed unauthenticated remote code execution could have kicked off as early as December…