Khonsari ransomware, Iranian group Nemesis Kitten seen exploiting Log4j vulnerability

Security researchers have found evidence that the group behind the Khonsari ransomware is exploiting the Log4j vulnerability to deliver it. Other state-sponsored groups are also looking into the vulnerability, according…

What the Log4Shell Bug Means for SMBs: Experts Weigh In

An exclusive roundtable of security researchers discuss the specific implications of CVE-2021-44228 for smaller businesses, including what’s vulnerable, what an attack looks like and to how to remediate. News of…

Log4j flaw: Nearly half of corporate networks have been targeted by attackers trying to use this vulnerability

The number of attacks aiming to take advantage of the recently disclosed security flaw in the Log4j2 Java logging library continues to grow. The vulnerability (CVE-2021-44228) was publicly disclosed on…

All You Need to Know About the New Zero-Day Found in the Log4j Java Library

Log4j 2 is a Java logging library that is open source and extensively used in a variety of software applications and services throughout the world. The flaw gives threat actors…

Log4j flaw: Attackers are making thousands of attempts to exploit this severe vulnerability

Cyber attackers are making over a hundred attempts to exploit a critical security vulnerability in Java logging library Apache Log4j every minute, security researchers have warned. The Log4j flaw (also…

Toss a Coin to your Helper (Part 2 of 2)

Avast –  Avast –  In the first posting of this series, we looked at a clipboard stealer belonging to the MyKings botnet. In this second part of the blog series,…

Google: Half of compromised cloud instances have weak or no passwords

Online criminals are deploying cryptocurrency miners within just 22 seconds of compromising misconfigured cloud instances running on Google Cloud Platform (GCP). Cryptocurrency mining is by far the main malicious activity…

Cryptomining Malware Targets Alibaba ECS Instances

Alibaba ECS Instances (Elastic Computing Service) have become the hackers’ targets, as these are actively hijacking them for cryptomining malware deployment purposes. Cryptomining Malware Hijacks Alibaba ECS Instances: Details TrendMicro…

Heimdal™ Black Friday E-Fraud Study Reveals Upsurge in Cryptomining Domains

In studying the dynamics of e-fraud in relation to commercial holidays, Heimdal™ Security has discovered that e-fraud activity shows a steady increase, especially in the cryptomining area. Per the study,…

Cryptojackers Disable Alibaba Cloud Security Agent

Cryptojackers Disable Alibaba Cloud Security Agent Security experts have warned that threat actors are compromising Alibaba Cloud (Aliyun) infrastructure to deploy cryptocurrency mining malware. The Chinese tech giant is a popular choice…