Author: DEFENDEDGE
-
CISA’s Annual National Cybersecurity Summit
Original release date: September 13, 2021 CISA will host its fourth annual National Cybersecurity Summit on Wednesdays during the month of October. The 2021 Summit will be held as a series of four virtual events bringing stakeholders together in a forum for meaningful conversation: Oct. 6 – Assembly Required: The Pieces of the Vulnerability Management… Read more
-
Yandex Pummeled by Potent Meris DDoS Botnet
Record-breaking distributed denial of service attack targets Russia’s version of Google – Yandex. Read more
-
Russian Ransomware Group REvil Back Online After Two-Month Hiatus
The operators behind the REvil ransomware-as-a-service (RaaS) staged a surprise return after a two-month hiatus following the widely publicized attack on technology services provider Kaseya on July 4. Two of the dark web portals, including the gang’s Happy Blog data leak site and its payment/negotiation site, have resurfaces online, with the most recent victim added… Read more
-
Financial Cybercrime: Why Cryptocurrency is the Perfect ‘Getaway Car’
John Hammond, security researcher with Huntress, discusses how financially motivated cybercrooks use and abuse cryptocurrency. Read more
-
Thousands of Fortinet VPN Account Credentials Leaked
They were posted for free by former Babuk gang members who’ve bickered, squabbled and huffed off to start their own darn ransomware businesses, dagnabbit. Read more
-
‘Azurescape’ Kubernetes Attack Allows Cross-Container Cloud Compromise
A chain of exploits could allow a malicious Azure user to infiltrate other customers’ cloud instances within Microsoft’s container-as-a-service offering. Read more
-
SideWalk Backdoor Linked to China-Linked Spy Group ‘Grayfly’
Grayfly campaigns have launched the novel malware against businesses in Taiwan, Vietnam, the US and Mexico and are targeting Exchange and MySQL servers. Read more
-
Zoho Password Manager Zero-Day Bug Under Active Attack Gets a Fix
An authentication bypass vulnerability leading to remote code execution offers up the keys to the corporate kingdom. Read more
-
Spoofing Bug Highlights Cybersecurity for Digital Vaccine Passports
Australian immunization app bug lets attackers fake vaccine status. Read more
-
Microsoft, CISA Urge Mitigations for Zero-Day RCE Flaw in Windows
Attackers are actively attempting to exploit a vulnerability in MSHTML that allows them to craft a malicious ActiveX control to be used by Microsoft Office files. Read more