Oregon medical group notifies 750,000 patients of breach, says FBI seized accounts from HelloKitty ransomware

The Oregon Anesthesiology Group (OAG) said it suffered a ransomware attack in July that led to the breach of sensitive employee and patient information. The breach involves the information of…

Volatile and Adaptable: Tracking the Movements of Modern Ransomware

Trend Micro – Trend Micro – Volatile and Adaptable: Tracking the Movements of Modern Ransomware Ransomware Trend Micro’s tracking of modern ransomware, as well as of older families, shows which…

Khonsari ransomware, Iranian group Nemesis Kitten seen exploiting Log4j vulnerability

Security researchers have found evidence that the group behind the Khonsari ransomware is exploiting the Log4j vulnerability to deliver it. Other state-sponsored groups are also looking into the vulnerability, according…

5 Ways AI Will Revolutionize Cybersecurity

Artificial intelligence (AI) continues to change nearly every facet of online and offline life, from how we interact with friends and family to the way we do business and protect…

How to Buy Precious Patching Time as Log4j Exploits Fly

Podcast: Cybereason shares details about its vaccine: a fast shot in the arm released within hours of the Apache Log4j zero-day horror show being disclosed. Sure, Apache got a patch…

Agent Tesla Spyware Used in Phishing Campaign

Agent Tesla initially detected in late 2014, is a known spyware aimed at collecting sensitive data from a victim’s device, such as stored application credentials and keyboard inputs (keylogger). Agent…

Karakurt: Another Threat Actor Group on the Cyberthreat Landscape

Accenture’s team of researchers has identified a threat actor group dubbed Karakurt, as the group calls itself. The hacking gang was first discovered during the month of June this year.…

French Users and Orgs Targeted by TinyNuke Info-Stealing Malware

According to security researchers, the TinyNuke banking malware (also known as Nukebot) has resurfaced in a new operation exclusively targeting French users and organizations with invoice-themed email lures. The targets…

Technical Advisory: Zero-day critical vulnerability in Log4j2 exploited in the wild

On December 9, 2021, Apache disclosed CVE-2021-44228, a remote code execution vulnerability – assigned with a severity of 10 (the highest possible risk score). The source of the vulnerability is Log4j,…

Where the Latest Log4Shell Attacks Are Coming From

Analysts find at least 10 Linux botnets actively exploiting Log4Shell flaw. Cybersecurity professionals across the world have been scrambling to shore up their systems against a critical remote code-execution (RCE)…