Find My LibraryIT Security News
-
Follina Exploited by State-Sponsored Hackers
A government-aligned attacker tried using a Microsoft vulnerability to attack U.S. and E.U. government targets.
-
Attackers Use Public Exploits to Throttle Atlassian Confluence Flaw
The vulnerability remains unpatched on many versions of the collaboration tool and has potential to create a SolarWinds-type scenario.
-
What Counts as “Good Faith Security Research?”
The U.S. Department of Justice (DOJ) recently revised its policy on charging violations of the Computer Fraud and Abuse Act (CFAA), a 1986 law that remains the primary statute by which federal prosecutors pursue cybercrime cases. The new guidelines state that prosecutors should avoid charging security researchers who operate in “good faith” when finding and reporting vulnerabilities. But legal experts continue to advise researchers to proceed with caution, noting the new guidelines can’t be used as a defense in court, nor are they any kind of shield against civil prosecution.
-
Old Hacks Die Hard: Ransomware, Social Engineering Top Verizon DBIR Threats – Again
Deja-Vu data from this year's DBIR report feels like we are stuck in the movie 'Groundhog Day.'
-
Evil Corp Pivots LockBit to Dodge U.S. Sanctions
The cybercriminal group is distancing itself from its previous branding by shifting tactics and tools once again in an aim to continue to profit from its nefarious activity.
-
Cybercriminals Expand Attack Radius and Ransomware Pain Points
Melissa Bischoping, security researcher with Tanium and Infosec Insiders columnist, urges firms to consider the upstream and downstream impact of "triple extortion" ransomware attacks.
-
Scammers Target NFT Discord Channel
Hackers escalate phishing and scamming attacks to exploit popular Discord bot and persuade users to click on the malicious links.
-
International Authorities Take Down Flubot Malware Network
The info-stealing trojan used SMS messages and lifted contact credentials to spread with unprecedented speed across Android devices globally since December 2020.
-
Being Prepared for Adversarial Attacks – Podcast
There is no question that the level of threats facing today’s businesses continues to change on a daily basis. So what are the trends that CISOs need to be on the lookout for? For this episode of the Threatpost podcast, I am joined by Derek Manky, Chief Security Strategist & VP Global Threat Intelligence, Fortinet’s […]
-
Microsoft Releases Workaround for ‘One-Click’ 0Day Under Active Attack
Threat actors already are exploiting vulnerability, dubbed ‘Follina’ and originally identified back in April, to target organizations in Russia and Tibet, researchers said.
first ... 13 14 15 16 17 ... last more {structure:child_listing:channel}