Written by Suzanne Smalley Mar 7, 2022 | CYBERSCOOP A Twitter account known as ContiLeaks debuted to much fanfare in late February, with people around the globe watching as tens of…
Tag: Sophos
Attackers bypass Microsoft security patch to drop Formbook malware
The patch was issued for CVE-2021-40444 to prevent the execution of code that downloaded the Microsoft Cabinet (CAB) archive containing a malicious executable. Sophos Labs researchers have shared their findings…
A List of Vulnerable Products to the Log4j Vulnerability
Two days ago, we wrote a post about the Log4j vulnerability that is currently wreaking havoc on the cyberthreat landscape. The flaw stands for an open-source Java logging library. By…
Log4j update: Experts say log4shell exploits will persist for 'months if not years'
Cybersecurity experts believe CVE-2021-44228, a remote code execution flaw in Log4j, will take months, if not years, to address due its ubiquity and ease of exploitation. Steve Povolny, head of advanced…
Log4Shell Is Spawning Even Nastier Mutations
Threat Post – Threat Post – The cybersecurity Hiroshima of the year – the Apache Log4j logging library exploit – has spun off 60 bigger mutations in less than a…
CISA to brief critical infrastructure companies about urgent new Log4j vulnerability
Written by Tonya Riley Dec 13, 2021 | CYBERSCOOP The Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency will host a call with critical infrastructure stakeholders Monday afternoon about…
Log4j flaw: Attackers are making thousands of attempts to exploit this severe vulnerability
Cyber attackers are making over a hundred attempts to exploit a critical security vulnerability in Java logging library Apache Log4j every minute, security researchers have warned. The Log4j flaw (also…
“Worst-Case Scenario” Log4j Exploit Travels the Globe
“Worst-Case Scenario” Log4j Exploit Travels the Globe Security teams across the globe have been scrambling to address a dangerous new zero-day vulnerability in a popular Apache logging system currently being…