US says it disrupted Russian botnet 'before it could be weaponized'

Written by Joe Warminsky Apr 6, 2022 | CYBERSCOOP The U.S. government disrupted a botnet attributable to Russia’s GRU intelligence agency before it could be used for malicious purposes, Attorney…

New Jersey Cancer Care Providers Settle Data Breach Claim

New Jersey Cancer Care Providers Settle Data Breach Claim A trio of healthcare providers in New Jersey has agreed to pay $425,000 and adopt new security measures to settle a…

The Log4j Vulnerability Is Now Used by State-Backed Hackers

The vulnerability, officially tagged as CVE-2021-44228 and called Log4Shell or LogJam, is an unauthenticated RCE vulnerability that allows total system takeover on systems running Log4j 2.0-beta9 through 2.14.1. What Happened? Nation-state hackers…

Log4j flaw: This new threat is going to affect cybersecurity for a long time

If there ever was any doubt over the severity of the Log4j vulnerability, director of US cybersecurity and infrastructure agency CISA, Jen Easterly, immediately quashed those doubts when she described…

Variant of Phorpiex botnet used for cryptocurrency attacks in Ethopia, Nigeria, India and more

Check Point Research has discovered new attacks targeting cryptocurrency users in Ethiopia, Nigeria, India and 93 other countries. The cybercriminals behind the attacks are using a variant of the Phorpiex…

Relentless Log4j Attacks Include State Actors, Possible Worm

More than 1.8 million attacks, against half of all corporate networks, have already launched to exploit Log4Shell. Call it a “logjam” of threats: Attackers including nation-state actors have already targeted…

Cybersecurity experts debate concern over potential Log4j worm

As the fallout from the Log4j vulnerability continues, cybersecurity experts are debating what the future might hold.  Tom Kellermann, VMware’s head of cybersecurity strategy, said the Log4j vulnerability is one…

Virginia Reeling from Ransomware

Virginia Reeling from Ransomware Virginia is fighting cyber-fires on two fronts after ransomware attacks affected both its state legislature and an agency within its executive branch.  In an attack that struck on…

SAP Kicks Log4Shell Vulnerability Out of 20 Apps

SAP’s still feverishly working to patch another 12 apps vulnerable to the Log4Shell flaw, while its Patch Tuesday release includes 21 other fixes, some rated at 9.9 criticality. SAP has…

Nation-state hackers aim to exploit Log4j software flaw, Microsoft warns

Written by AJ Vicens and Tim Starks Dec 15, 2021 | CYBERSCOOP Hackers associated with the governments of China, Iran, North Korea and Turkey have been trying to find ways…