Apache’s Fix for Log4Shell Can Lead to DoS Attacks

Not only is the jaw-dropping flaw in the Apache Log4j logging library ubiquitous; Apache’s blanket of a quickly baked patch for Log4Shell also has holes. As if finding one easily-exploited…

How to Buy Precious Patching Time as Log4j Exploits Fly

Podcast: Cybereason shares details about its vaccine: a fast shot in the arm released within hours of the Apache Log4j zero-day horror show being disclosed. Sure, Apache got a patch…

Saudi human rights activist files lawsuit against former US intelligence operatives for hacking scandal

Saudi human rights activist Loujain al-Hathloul has filed a lawsuit against spyware maker DarkMatter Group and three former US intelligence operatives for their role in helping the United Arab Emirates…

FBI: FatPipe VPN Zero-Day Exploited by APT for 6 Months

The bureau’s flash alert said an APT has been exploiting the flaw to compromise FatPipe router clustering and load balancer products to breach targets’ networks. A threat actor has been…

NSA Grants Boost University’s Cyber Academy

NSA Grants Boost University’s Cyber Academy The University of North Georgia (UNG) has been able to grow its cybersecurity training program after receiving funding from the National Security Agency (NSA). …

NSA Grants Boost University's Cyber Academy

NSA Grants Boost University's Cyber Academy The University of North Georgia (UNG) has grown its cybersecurity training program after receiving funding from the National Security Agency (NSA).  UNG, which has…

Hackers with Chinese links breach defense, energy targets, including one in US

Written by Tim Starks Nov 8, 2021 | CYBERSCOOP Suspected spies using similar tools and tactics to a Chinese government-connected hacking group compromised nine organizations in the defense, education, energy…

SSL certificate research highlights pitfalls for company data, competition

Research into how the enterprise handles and deploys security certificates has revealed risks to data that may be overlooked.  On Thursday, the Detectify Labs team published a report based on…

Businesses don't talk about being victims of cyberattacks. That needs to change

Organisations need to have better plans in place to prevent cyberattacks – but they should be more transparent about when they do fall victim to hackers in order to prevent…

How to Stay Safe from BlackMatter Ransomware Attacks

The Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the National Security Agency (NSA) all provide data that can assist companies in defending against and…