Collaborate Disseminate
VMware is urging customers to patch their VMware Horizon instances as these systems have been targeted in a recent wave of attacks exploiting the Log4Shell vulnerability.
read more
Continue reading VMware Warns of Log4j Attacks Targeting Horizon Servers
Network-attached storage (NAS) solutions manufacturer QNAP on Wednesday warned users of a DeadBolt ransomware campaign targeting their devices, encouraging them to correctly secure any Internet-facing NAS and routers.
read more
Continue reading QNAP Warns NAS Users of DeadBolt Ransomware Attacks
Hackers have started targeting a recently patched vulnerability affecting SonicWall’s Secure Mobile Access (SMA) 100 series appliances, and while the attacks observed to date do not appear to have been successful, that could soon change.
read more
… Continue reading SonicWall Customers Warned of Possible Attacks Exploiting Recent Vulnerability
A recent campaign targeting individuals in Hong Kong has leveraged at least two pieces of malware designed to target macOS systems.
read more
Continue reading New macOS Malware ‘DazzleSpy’ Used in Hong Kong Attacks
Log4Shell, the critical unauthenticated remote code execution vulnerability identified in early December 2021 in the Apache Log4j logging utility, hasn’t seen the mass exploitation that many expected, but an exploit for it is now part of the Mirai botn… Continue reading Fewer-Than-Expected Log4j Attacks, but Mirai Joins the Fray
Researchers discovered that the Control Web Panel (CWP) web hosting panel is affected by two serious vulnerabilities that can allow attackers to remotely hack servers, and it’s possible that they may have already been exploited in the wild.
read more
… Continue reading CWP Flaws That Expose Servers to Remote Attacks Possibly Exploited in the Wild
Unknown threat actors implanted backdoor code into multiple WordPress themes and plugins after compromising the website of their developer, Automattic’s Jatpack security research team reports.
read more
Continue reading Hacked AccessPress Site Served Backdoored WordPress Plugins, Themes
In the recent attack aimed at the Ukrainian government, the attackers likely had access to the targeted network for months before causing damage, according to Cisco’s Talos threat intelligence and research unit.
read more
Continue reading Ukraine Attack: Hackers Had Access for Months Before Causing Damage
The use of DNS over HTTPS (DoH) for command and control communications is making it more difficult to track botnets, according to anti-spam nonprofit Spamhaus.
read more
Continue reading DoH Makes It Difficult to Track Botnets: Spamhaus
Thousands of industrial organizations worldwide have been hit in campaigns that leverage short-lived malware to harvest corporate credentials that are then sold by threat actors for a profit, according to Kaspersky.
read more
Continue reading Thousands of Industrial Firms Targeted in Attacks Leveraging Short-Lived Malware