The Cybersecurity Advisory (CSA) published details on the top 15 vulnerabilities most routinely exploited by malicious cyber actors in 2021. Common CVEs include Log4Shell, ProxyLogon, ProxyShell, ZeroLogon and others.
The Federal Bureau of Investigation (FBI) has released new information on BlackCat (also known as ALPHV) ransomware as a service (RaaS), that has compromised at least 60 entities worldwide as of March 2022.
US Government cybersecurity experts are warning of advanced persistent threat (APT) actors using custom tools to target and compromise multiple industrial control system (ICS) and supervisory control and data acquisition (SCADA) devices.
The Cybersecurity and Infrastructure Security Agency (CISA) has added a Critical VMware Workspace ONE Access and Identity Manager vulnerability to its Known Exploited Vulnerabilities Catalog. VMware also confirmed known exploits in the wild have been detected for CVE-2022-22954.
The Cybersecurity and Infrastructure Security Agency (CISA) has added a Critical WatchGuard and two Microsoft Active Directory flaws, along with five other vulnerabilities to its Known Exploited Vulnerabilities Catalog.
A first of its kind malware dubbed Denonia has been targeting Amazon Web Services (AWS) Lambda, an event-driven, serverless computing platform.
Researchers from Trend Micro have spotted threat actors exploiting the Spring4Shell vulnerability CVE-2022-22965 to weaponize and execute Mirai botnet.
In the past month, researchers from FortiLabs have detected a new cyber campaign involving Chinese Advanced Persistent Threat (APT) group Deep Panda that has exploited the Log4Shell (log4j) vulnerability CVE-2021-44228 on vulnerable VMware Horizon servers to install digitally signed Fire Chili rootkits.
The Federal Bureau of Investigation (FBI) has issued a report of cybercriminals using RagnarLocker ransomware to target 52 entities across critical infrastructure sectors. The report includes the latest updates on indicators of compromise (IoC) on the ransomware threat.
Following on the footsteps of other destructive disk-wiping malware attacks, ESET researchers have also discovered a second wiper malware dubbed IsaacWiper targeting governmental networks in Ukraine.
