Threat Roundup for January 21 to January 28

Today, Talos is publishing a glimpse into the most prevalent threats we’ve observed between Jan. 21 and Jan. 28. As with previous roundups, this post isn’t meant to be an…

Threat Roundup for January 14 to January 21

Today, Talos is publishing a glimpse into the most prevalent threats we’ve observed between Jan. 14 and Jan. 21. As with previous roundups, this post isn’t meant to be an…

Threat Roundup for January 7 to January 14

Today, Talos is publishing a glimpse into the most prevalent threats we’ve observed between Jan. 7 and Jan. 14. As with previous roundups, this post isn’t meant to be an…

Log4Shell Is Spawning Even Nastier Mutations

Threat Post – The cybersecurity Hiroshima of the year – the Apache Log4j logging library exploit – has spun off 60 bigger mutations in less than a…

Log4j RCE activity began on December 1 as botnets start using vulnerability

The usage of the nasty vulnerability in the Java logging library Apache Log4j that allowed unauthenticated remote code execution could have kicked off as early as December…

Malvertising attack distributes malicious Chrome extensions, backdoors

Researchers believe that the campaign has been active since 2018, and since then, the malware has been under development constantly. Cisco Talos researchers have identified malvertising campaigns using fake installers…

This password-stealing and keylogging malware is being spread through fake software downloads

Cyber criminals are using online adverts for fake versions of popular software to trick users into downloading three forms of malware – including a malicious browser extension with the same capabilities as trojan…

IKEA Hit by Email Reply-Chain Cyberattack

IKEA, king of furniture-in-a-flat-box, warned employees on Friday that an ongoing cyberattack was using internal emails to malspam malicious links in active email threads. As of Friday – as in,…

Attackers exploiting Windows Installer vulnerability despite patching

According to Cisco Talos, abusing the flaw would allow an attacker with limited access to get higher privileges and become an administrator. A Windows Installer security vulnerability, tracked as CVE-2021-41379,…

Hackers are targeting this Microsoft Windows Installer flaw, say security researchers

Hackers have already created malware in a bid to exploit an elevation of privilege vulnerability in Microsoft’s Windows Installer. Microsoft released a patch for CVE-2021-41379, an elevation of privilege flaw…