‘Elephant Beetle’ Threat Actor Is Stealing Money from Companies

Another threat actor group is making way on the cyber threat landscape targeting organizations worldwide to deprive them of millions of dollars. This was dubbed ‘Elephant Beetle’, using in its…

Malicious Exchange Server Module Hoovers Up Outlook Credentials

“Owowa” stealthily lurks on IIS servers, waiting to harvest successful logins when an Outlook Web Access (OWA) authentication request is made. Researchers have uncovered a previously unknown malicious IIS module,…

IIS Extensible Web Server Used to Steal Microsoft Exchange Credentials

Cybercriminals are installing a new malicious add-on for the IIS web server on Microsoft Exchange Outlook Web Access (OWA) servers to collect login information and remotely perform commands on the…

Log4j flaw: Now state-backed hackers are using bug as part of attacks, warns Microsoft

State-sponsored hackers from China, Iran, North Korea and Turkey have started testing, exploiting and using the Log4j bug to deploy malware, including ransomware, according to Microsoft.    As predicted by…

In 2022, Expect More Supply Chain Pain and Changing Security Roles

If 2021 was the Year of Supply Chain Pain, 2022 will be the Year of Supply Chain Chronic Pain (or something worse than pain). This past year, the pain was…

Volatile and Adaptable: Tracking the Movements of Modern Ransomware

Trend Micro – Trend Micro – Volatile and Adaptable: Tracking the Movements of Modern Ransomware Ransomware Trend Micro’s tracking of modern ransomware, as well as of older families, shows which…

‘Seedworm’ Attackers Target Telcos in Asia, Middle East

The focused attacks aimed at cyberespionage and lateral movement appear to hint at further ambitions by the group, including supply-chain threats. Attackers targeting telcos across the Middle East and Asia…

Karakurt: Another Threat Actor Group on the Cyberthreat Landscape

Accenture’s team of researchers has identified a threat actor group dubbed Karakurt, as the group calls itself. The hacking gang was first discovered during the month of June this year.…

Log4j flaw puts hundreds of millions of devices at risk, says US cybersecurity agency

Top US government cybersecurity officials fear advanced hackers will have a field day with the Log4j vulnerability that’s likely present in hundreds of millions of devices.  Security experts are already seeing…

Log4Shell Is Spawning Even Nastier Mutations

Threat Post – Threat Post – The cybersecurity Hiroshima of the year – the Apache Log4j logging library exploit – has spun off 60 bigger mutations in less than a…