All Change at the Top as New Ransomware Groups Emerge

All Change at the Top as New Ransomware Groups Emerge The Ransomware as a Service (RaaS) landscape underwent another major shift in the third quarter as new variants emerged to…

SAP Kicks Log4Shell Vulnerability Out of 20 Apps

SAP’s still feverishly working to patch another 12 apps vulnerable to the Log4Shell flaw, while its Patch Tuesday release includes 21 other fixes, some rated at 9.9 criticality. SAP has…

Ransomware in 2022: We're all screwed

Ransomware is now a primary threat for businesses, and with the past year or so considered the “golden era” for operators, cybersecurity experts believe this criminal enterprise will reach new…

Patch Tuesday December 2021 – Microsoft Fixes 67 Flaws, Including 6 Zero-Day Vulnerabilities

December’s Patch Tuesday comes with numerous security fixes and improvements, including two actively exploited zero-day vulnerabilities. The list features spoofing, denial of service, remote code execution, elevation of privilege, and…

Apache’s Fix for Log4Shell Can Lead to DoS Attacks

Not only is the jaw-dropping flaw in the Apache Log4j logging library ubiquitous; Apache’s blanket of a quickly baked patch for Log4Shell also has holes. As if finding one easily-exploited…

Oregon medical group notifies 750,000 patients of breach, says FBI seized accounts from HelloKitty ransomware

The Oregon Anesthesiology Group (OAG) said it suffered a ransomware attack in July that led to the breach of sensitive employee and patient information. The breach involves the information of…

Apple iOS Update Fixes Cringey iPhone 13 Jailbreak Exploit

It took just 15 seconds to hack the latest, greatest, shiniest iPhone 13 Pro on stage at the Tianfu Cup in October, using a now-fixed iOS kernel bug. As if…

Second Log4j vulnerability discovered, patch already released

more coverage A second vulnerability involving Apache Log4j was found on Tuesday after cybersecurity experts spent days attempting to patch or mitigate CVE-2021-44228.  The description of the new vulnerability, CVE 2021-45046, says…

How to Buy Precious Patching Time as Log4j Exploits Fly

Podcast: Cybereason shares details about its vaccine: a fast shot in the arm released within hours of the Apache Log4j zero-day horror show being disclosed. Sure, Apache got a patch…

iOS 15.2’s App Privacy Report: How to turn it on, and what it all means

ErickPHOTOPRO — Shutterstock Apple just released iOS 15.2 and iPadOS 15.2 . The iPhone and iPad updates are available to install right now, bringing with them a new Digital Legacy…