MalwareTwitter, the DOJ, DarkSeoul, Fake Employees, PlugX, Stargazer Ghost, Aaran Leyland… – SWN #401Twitter Opt-In, the DOJ, DarkSeoul, Fake Employees, PlugX, Stargazer Ghost, Aaran Leyland, and More on the Security Weekly News.
Network SecurityTech firms top list of most targeted industry in Q2 by cybercriminalsThe rise in upstream attacks has cybercriminals increasingly setting their sites on technology companies.
Vulnerability ManagementHackers bypass Windows SmartScreen flaw to launch malwareCybercriminals are stepping up efforts to bypass a critical component in Microsoft Defender in order to covertly install malware
Vulnerability ManagementPKFail bug puts firmware security at riskResearchers say that a years-old security leak is putting a number of production model PCs at risk of persistent remote takeover.
Network SecuritySpain arrests three in pro-Russian DDoS crew takedownNoName057(16) functions as a hacktivist crew primarily carrying out politically motivated DDoS attacks.
Critical Infrastructure SecurityFrostyGoop malware uses Modbus, threatens ICS systems worldwideIndustrial manufacturers should take steps to protect Modbus devices and segment networks.
Network Security5 ways threat actors are taking advantage of the CrowdStrike outageA wide range of phishing lures, some spreading dangerous malware, have popped up around the web.
Vulnerability ManagementWindows installer tagged with flaws that could elevate privilegesAn unpatched vulnerability in the way Windows handles installer files could put systems at risk of attack.
Vulnerability ManagementVMware, Adobe bugs exploited in active attacks as Cisco warns of critical ‘10.0’ flawCISA added three bugs to the KEV catalog in all; Cisco gives flaw on Cisco Smart Software Manager On-Prem a 10 rating.
Seven tips that offer short-term and long-term fixes following the CrowdStrike outageCallie Guenther July 19, 2024
How to bridge the gap between the IT and legal staffs to better combat insider riskJoe PayneApril 2, 2024
It makes sense for the Biden administration to focus on software security – but it’s up to the industry to make it happen John Funge November 29, 2023