Ransomware gang Conti has already bounced back from damage caused by chat leaks, experts say

Written by Suzanne Smalley Mar 7, 2022 | CYBERSCOOP A Twitter account known as ContiLeaks debuted to much fanfare in late February, with people around the globe watching as tens of…

Trends that shaped ransomware – and why it’s not slowing down

Written by CyberScoop Staff Jan 14, 2022 | CYBERSCOOP Read the full report. Ransomware isn’t showing signs of slowing down in the new year. It’s staked its claim as a…

Attackers bypass Microsoft security patch to drop Formbook malware

The patch was issued for CVE-2021-40444 to prevent the execution of code that downloaded the Microsoft Cabinet (CAB) archive containing a malicious executable. Sophos Labs researchers have shared their findings…

A List of Vulnerable Products to the Log4j Vulnerability

Two days ago, we wrote a post about the Log4j vulnerability that is currently wreaking havoc on the cyberthreat landscape. The flaw stands for an open-source Java logging library. By…

Khonsari ransomware, Iranian group Nemesis Kitten seen exploiting Log4j vulnerability

Security researchers have found evidence that the group behind the Khonsari ransomware is exploiting the Log4j vulnerability to deliver it. Other state-sponsored groups are also looking into the vulnerability, according…

Log4j update: Experts say log4shell exploits will persist for 'months if not years'

Cybersecurity experts believe CVE-2021-44228, a remote code execution flaw in Log4j, will take months, if not years, to address due its ubiquity and ease of exploitation. Steve Povolny, head of advanced…

Log4Shell Is Spawning Even Nastier Mutations

Threat Post – Threat Post – The cybersecurity Hiroshima of the year – the Apache Log4j logging library exploit – has spun off 60 bigger mutations in less than a…

CISA to brief critical infrastructure companies about urgent new Log4j vulnerability

Written by Tonya Riley Dec 13, 2021 | CYBERSCOOP The Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency will host a call with critical infrastructure stakeholders Monday afternoon about…

Log4j flaw: Attackers are making thousands of attempts to exploit this severe vulnerability

Cyber attackers are making over a hundred attempts to exploit a critical security vulnerability in Java logging library Apache Log4j every minute, security researchers have warned. The Log4j flaw (also…

“Worst-Case Scenario” Log4j Exploit Travels the Globe

“Worst-Case Scenario” Log4j Exploit Travels the Globe Security teams across the globe have been scrambling to address a dangerous new zero-day vulnerability in a popular Apache logging system currently being…