Cybersecurity Starts in the Boardroom
CISA has updated it advisory covering the WhisperGate malware and other data wiper malware that has been deployed against Ukraine since January 2022: CISA and FBI Update Advisory on Destructive Malware Targeting Organizations in Ukraine | CISA Destructive malware targeting Ukrainian organizations – Microsoft Security Blog WhisperGate malware detected by Microsoft …
Continue reading “CISA updates the destructive/wiper malware advisory”
I have written a couple of time about the vulnerabilities in VMware – they are patched now but the article below shows there are groups still trying to attack those organisations, slow to patch, with an active exploit. Iran’s Rocket Kitten likely behind VMware exploitation • The Register Why bother. …
This story was first published on 31 March 2022 and Updated on 5 April 2022 Update 26 April 2022 There has been a steady increase in the number of active attacks against this and related vulnerabilities: Hackers hammer SpringShell vulnerability in attempt to install cryptominers | Ars Technica This is …
Continue reading “Java vulnerabilities to look out for – Spring4Shell – UPDATE 23 April 2022”
Microsoft (and Google) take a very active role when it comes to countering malware, cyber attacks and scams. Notorious cybercrime gang’s botnet disrupted – Microsoft On the Issues Microsoft uses court order to disrupt ZLoader botnet – The Record by Recorded Future Microsoft details malware that hides its scheduled tasks …
Continue reading “Microsoft takes action against cyber crime gangs”
Hacker spent nearly five months inside a US regional government network, downloading files, using software and deleting logs, before deploying Lockbit ransomware. Sophos recreated the attack from what was left of the logs and believe the attackers got in through a public facing remote desktop protocol (RDP) port – something …
Continue reading “Sophos report even government agencies can miss hackers in their network”
