Feds warn about foreign government-connected hackers aiming to disrupt vital industrial systems

Written by Tim Starks Apr 13, 2022 | CYBERSCOOP A joint federal advisory Wednesday says that foreign government-linked hackers are targeting specific industrial processes with tools meant to breach and…

Russian hackers thwarted in attempt to take out electrical grid, Ukrainians say

Written by AJ Vicens Apr 12, 2022 | CYBERSCOOP The Ukrainian government repelled a Russian cyberattack that was set to take out multiple electricity substations and other parts of a…

Top Ukrainian cyber official praises volunteer hacks on Russian targets, offers updates

Written by AJ Vicens Mar 15, 2022 | CYBERSCOOP The Ukrainian government’s cyber efforts are focused on defense, not offense, a top official said Tuesday, but leaders are “grateful” for…

Another round of 'wiper' malware appears in Ukrainian networks

Written by Tim Starks Feb 23, 2022 | CYBERSCOOP Security researchers detected new destructive malware spreading in Ukraine on Wednesday, following evidence of distributed denial-of-service disruptions for government agencies —…

Cyberattacks on Ukrainian websites come into clearer focus as Russia tensions escalate

Written by Tim Starks Jan 18, 2022 | CYBERSCOOP Cybersecurity researchers shed additional light over the weekend on the cyberattacks that disabled Ukrainian government websites, as Kyiv pointed to Russia…

All Change at the Top as New Ransomware Groups Emerge

All Change at the Top as New Ransomware Groups Emerge The Ransomware as a Service (RaaS) landscape underwent another major shift in the third quarter as new variants emerged to…

Patch Tuesday December 2021 – Microsoft Fixes 67 Flaws, Including 6 Zero-Day Vulnerabilities

December’s Patch Tuesday comes with numerous security fixes and improvements, including two actively exploited zero-day vulnerabilities. The list features spoofing, denial of service, remote code execution, elevation of privilege, and…

Actively Exploited Microsoft Zero-Day Allows App Spoofing, Malware Delivery

December’s Patch Tuesday updates address six publicly known bugs and seven critical security vulnerabilities. Microsoft has addressed a zero-day vulnerability that was exploited in the wild to deliver Emotet, Trickbot…

Khonsari ransomware, Iranian group Nemesis Kitten seen exploiting Log4j vulnerability

Security researchers have found evidence that the group behind the Khonsari ransomware is exploiting the Log4j vulnerability to deliver it. Other state-sponsored groups are also looking into the vulnerability, according…

Second Log4j vulnerability discovered, patch already released

more coverage A second vulnerability involving Apache Log4j was found on Tuesday after cybersecurity experts spent days attempting to patch or mitigate CVE-2021-44228.  The description of the new vulnerability, CVE 2021-45046, says…