Security news that informs and inspires

All Articles

2376 articles:

Chinese Attack Group Exploiting SolarWinds Zero Day

A newly identified attack group from China has been discovered exploiting a zero day in the SolarWinds Serv-U FTP products.

Solarwinds

SonicWall Warns of Active Ransomware Campaign Targeting Older Appliances

SonicWall said ransomware actors are targeting a known flaw in firmware running on some of its older security appliances and warned customers to disconnect them immediately.

Ransomware

Biden Says U.S. Will Take ‘Any Necessary Action’ to Defend Against Ransomware

President Biden told Russian President Putin in a phone call tha the U.S. will take "any necessary action" to defend its infrastructure from ransomware and other attacks.

Ransomware, Government

Kaseya Plans to Restart VSA Service Sunday

Kaseya plans to bring its VSA service back online on Sunday afternoon, more than a week after REvil ransomware actors exploited flaws in it.

Ransomware, Kaseya

Microsoft Releases Emergency Patch for PrintNightmare Bug

Microsoft has released an emergency patch for the PrintNightmare CVE-2021-34527 vulnerability in Windows.

Microsoft, Windows

Kaseya Attack Affects Nearly 1,500 Companies

The attack on Kaseya VSA servers that led to REvil ransomware deployments has affected nearly 1,500 companies so far.

Ransomware, Supply Chain

Fancy Bear Running Long Brute-Force Campaign on U.S. Targets

The Fancy Bear attack group has been running a long-term brute-force campaign against Office 365 and Exchange servers in U.S. organizations, the NSA said.

Russia, Government

Exploit Code Released for Critical Windows Print Spooler Flaw

Exploit code for the CVE-2021-1675 Windows print spooler vulnerability is circulating and can bypass the patch for the bug.

Microsoft

Move Fast and Fix Things

Even when NSA discloses zero days to vendors, some of them don't respond quickly and issue fixes.

Microsoft, Government

Nobelium Attackers Compromised Microsoft Customer Support Agent

Microsoft said the Nobelium threat group recently compromised one of its customer support agents and then used stolen account information to target some customers.

Microsoft, Russia

Decipher Podcast: Mark Werremeyer and Bryce Kerley on Hack-a-Sat

Mark Werremeyer and Bryce Kerley join Dennis Fisher to talk about the Hack-a-Sat CTF competition at DEF CON and the need for collaboration between aerospace engineers and cybersecurity professionals.

Podcast, Defcon

Mozilla Rally Aims to Give Control of Personal Data Back to Users

Mozilla Rally is a new data platform that allows Firefox users to consent to the use of some browsing information for research studies.

Mozilla, Privacy

VMware Fixes Critical Authentication Bypass in Carbon Black App Control

VMware has released a patch for a critical authentication bypass flaw in its Carbon Black App Control product.

Vmware

LV Ransomware Group Repurposed REvil Binary, Researchers Find

Secureworks researchers found that the LV ransomware group is using a repurposed, slightly modified version of the REvil ransomware binary.

Ransomware

Google Patches Zero Day in Chrome

Google has fixed a zero day in Chrome 91 that \has been used in active attacks.

Google