Cloudflare is experiencing widespread latency and timeouts
Cloudflare is experiencing "wide-spread" latency issues with their network and services, causing websites to load slowly and customers to experience performance issues accessing the customer dashboard. [...]
https://www.bleepingcomputer.com/news/technology/cloudflare-is-experiencing-widespread-latency-and-timeouts/
Cloudflare is experiencing "wide-spread" latency issues with their network and services, causing websites to load slowly and customers to experience performance issues accessing the customer dashboard. [...]
https://www.bleepingcomputer.com/news/technology/cloudflare-is-experiencing-widespread-latency-and-timeouts/
BleepingComputer
Cloudflare is experiencing widespread latency and timeouts
Cloudflare is experiencing "wide-spread" latency issues with their network and services, causing websites to load slowly and customers to experience performance issues accessing the customer dashboard.
McMenamins breweries hit by a Conti ransomware attack
Portland brewery and hotel chain McMenamins suffered a Conti ransomware attack over the weekend that disrupted the company's operations. [...]
https://www.bleepingcomputer.com/news/security/mcmenamins-breweries-hit-by-a-conti-ransomware-attack/
Portland brewery and hotel chain McMenamins suffered a Conti ransomware attack over the weekend that disrupted the company's operations. [...]
https://www.bleepingcomputer.com/news/security/mcmenamins-breweries-hit-by-a-conti-ransomware-attack/
BleepingComputer
McMenamins breweries hit by a Conti ransomware attack
Portland brewery and hotel chain McMenamins suffered a Conti ransomware attack over the weekend that disrupted the company's operations.
Facebook disrupts operations of seven surveillance-for-hire firms
Facebook has disrupted the operations of seven different spyware-making companies, blocking their Internet infrastructure, sending cease and desist letters, and banning them from its platform. [...]
https://www.bleepingcomputer.com/news/security/facebook-disrupts-operations-of-seven-surveillance-for-hire-firms/
Facebook has disrupted the operations of seven different spyware-making companies, blocking their Internet infrastructure, sending cease and desist letters, and banning them from its platform. [...]
https://www.bleepingcomputer.com/news/security/facebook-disrupts-operations-of-seven-surveillance-for-hire-firms/
BleepingComputer
Facebook disrupts operations of seven surveillance-for-hire firms
Facebook has disrupted the operations of seven different spyware-making companies, blocking their Internet infrastructure, sending cease and desist letters, and banning them from its platform.
Log4j attackers switch to injecting Monero miners via RMI
Some threat actors exploiting the Apache Log4j vulnerability have switched from LDAP callback URLs to RMI or even used both in a single request for maximum chances of success. [...]
https://www.bleepingcomputer.com/news/security/log4j-attackers-switch-to-injecting-monero-miners-via-rmi/
Some threat actors exploiting the Apache Log4j vulnerability have switched from LDAP callback URLs to RMI or even used both in a single request for maximum chances of success. [...]
https://www.bleepingcomputer.com/news/security/log4j-attackers-switch-to-injecting-monero-miners-via-rmi/
BleepingComputer
Log4j attackers switch to injecting Monero miners via RMI
Some threat actors exploiting the Apache Log4j vulnerability have switched from LDAP callback URLs to RMI or even used both in a single request for maximum chances of success.
This image looks very different on Apple devices β see for yourself
This image appears starkly different when viewed in Apple iOS and Mac devices as opposed to others. BleepingComputer explains why. [...]
https://www.bleepingcomputer.com/news/technology/this-image-looks-very-different-on-apple-devices-see-for-yourself/
This image appears starkly different when viewed in Apple iOS and Mac devices as opposed to others. BleepingComputer explains why. [...]
https://www.bleepingcomputer.com/news/technology/this-image-looks-very-different-on-apple-devices-see-for-yourself/
BleepingComputer
This image looks very different on Apple devices β see for yourself
This image appears starkly different when viewed in Apple iOS and Mac devices as opposed to others. BleepingComputer explains why.
All Log4j, logback bugs we know so far and why you MUST ditch 2.15
Everyone's heard of the critical log4j zero-day by now. Dubbed 'Log4Shell' and 'Logjam,' the vulnerability has set the internet on fire. Below we summarize the four or more CVEs identified thus far, and pretty good reasons to ditch log4j version 2.15.0 for 2.16.0. [...]
https://www.bleepingcomputer.com/news/security/all-log4j-logback-bugs-we-know-so-far-and-why-you-must-ditch-215/
Everyone's heard of the critical log4j zero-day by now. Dubbed 'Log4Shell' and 'Logjam,' the vulnerability has set the internet on fire. Below we summarize the four or more CVEs identified thus far, and pretty good reasons to ditch log4j version 2.15.0 for 2.16.0. [...]
https://www.bleepingcomputer.com/news/security/all-log4j-logback-bugs-we-know-so-far-and-why-you-must-ditch-215/
BleepingComputer
All Log4j, logback bugs we know so far and why you MUST ditch 2.15
Everyone's heard of the critical log4j zero-day by now. Dubbed 'Log4Shell,' the vulnerability has set the internet on fire. Below we summarize the four or more CVEs identified thus far, and pretty good reasons to ditch log4j version 2.15.0 for 2.17.0.
Conti ransomware uses Log4j bug to hack VMware vCenter servers
Conti ransomware operation is using the critical Log4Shell exploit to gain rapid access to internal VMware vCenter Server instances and encrypt virtual machines. [...]
https://www.bleepingcomputer.com/news/security/conti-ransomware-uses-log4j-bug-to-hack-vmware-vcenter-servers/
Conti ransomware operation is using the critical Log4Shell exploit to gain rapid access to internal VMware vCenter Server instances and encrypt virtual machines. [...]
https://www.bleepingcomputer.com/news/security/conti-ransomware-uses-log4j-bug-to-hack-vmware-vcenter-servers/
BleepingComputer
Conti ransomware uses Log4j bug to hack VMware vCenter servers
Conti ransomware operation is using the critical Log4Shell exploit to gain rapid access to internal VMware vCenter Server instances and encrypt virtual machines.
Logistics giant warns of BEC emails following ransomware attack
Hellmann Worldwide is warning customers of an increase in fraudulent calls and emails regarding payment transfer and bank account changes after a recent ransomware attack. [...]
https://www.bleepingcomputer.com/news/security/logistics-giant-warns-of-bec-emails-following-ransomware-attack/
Hellmann Worldwide is warning customers of an increase in fraudulent calls and emails regarding payment transfer and bank account changes after a recent ransomware attack. [...]
https://www.bleepingcomputer.com/news/security/logistics-giant-warns-of-bec-emails-following-ransomware-attack/
BleepingComputer
Logistics giant warns of BEC emails following ransomware attack
Hellmann Worldwide is warning customers of an increase in fraudulent calls and emails regarding payment transfer and bank account changes after a recent ransomware attack.
US emergency directive orders govt agencies to patch Log4j bug
US Federal Civilian Executive Branch agencies have been ordered to patch the critical and actively exploited Log4Shell security vulnerability in the Apache Log4j library within the next six days. [...]
https://www.bleepingcomputer.com/news/security/us-emergency-directive-orders-govt-agencies-to-patch-log4j-bug/
US Federal Civilian Executive Branch agencies have been ordered to patch the critical and actively exploited Log4Shell security vulnerability in the Apache Log4j library within the next six days. [...]
https://www.bleepingcomputer.com/news/security/us-emergency-directive-orders-govt-agencies-to-patch-log4j-bug/
BleepingComputer
US emergency directive orders govt agencies to patch Log4j bug
US Federal Civilian Executive Branch agencies have been ordered to patch the critical and actively exploited Log4Shell security vulnerability in the Apache Log4j library within the next six days.
CISA urges VMware admins to patch critical flaw in Workspace ONE UEM
CISA has asked VMware admins and users today to patch a critical security vulnerability found in the Workspace ONE UEM console that threat actors could abuse to gain access to sensitive information. [...]
https://www.bleepingcomputer.com/news/security/cisa-urges-vmware-admins-to-patch-critical-flaw-in-workspace-one-uem/
CISA has asked VMware admins and users today to patch a critical security vulnerability found in the Workspace ONE UEM console that threat actors could abuse to gain access to sensitive information. [...]
https://www.bleepingcomputer.com/news/security/cisa-urges-vmware-admins-to-patch-critical-flaw-in-workspace-one-uem/
BleepingComputer
CISA urges VMware admins to patch critical flaw in Workspace ONE UEM
CISA has asked VMware admins and users today to patch a critical security vulnerability found in the Workspace ONE UEM console that threat actors could abuse to gain access to sensitive information.
Credit card info of 1.8 million people stolen from sports gear sites
Four affiliated online sports gear sites have disclosed a cyberattack where threat actors stole credit cards for 1,813,224 customers. [...]
https://www.bleepingcomputer.com/news/security/credit-card-info-of-18-million-people-stolen-from-sports-gear-sites/
Four affiliated online sports gear sites have disclosed a cyberattack where threat actors stole credit cards for 1,813,224 customers. [...]
https://www.bleepingcomputer.com/news/security/credit-card-info-of-18-million-people-stolen-from-sports-gear-sites/
BleepingComputer
Credit card info of 1.8 million people stolen from sports gear sites
Four affiliated online sports gear sites have disclosed a cyberattack where threat actors stole credit cards for 1,813,224 customers.
TellYouThePass ransomware revived in Linux, Windows Log4j attacks
Threat actors have revived an old and relatively inactive ransomware family known as TellYouThePass, deploying it in attacks against Windows and Linux devices targeting a critical remote code execution bug in the Apache Log4j library. [...]
https://www.bleepingcomputer.com/news/security/tellyouthepass-ransomware-revived-in-linux-windows-log4j-attacks/
Threat actors have revived an old and relatively inactive ransomware family known as TellYouThePass, deploying it in attacks against Windows and Linux devices targeting a critical remote code execution bug in the Apache Log4j library. [...]
https://www.bleepingcomputer.com/news/security/tellyouthepass-ransomware-revived-in-linux-windows-log4j-attacks/
BleepingComputer
TellYouThePass ransomware revived in Linux, Windows Log4j attacks
Threat actors have revived an old and relatively inactive ransomware family known as TellYouThePass, deploying it in attacks against Windows and Linux devices targeting a critical remote code execution bug in the Apache Log4j library.
The Week in Ransomware - December 17th 2021 - Enter Log4j
A critical Apache Log4j vulnerability took the world by storm this week, and now it is being used by threat actors as part of their ransomware attacks. [...]
https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-december-17th-2021-enter-log4j/
A critical Apache Log4j vulnerability took the world by storm this week, and now it is being used by threat actors as part of their ransomware attacks. [...]
https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-december-17th-2021-enter-log4j/
BleepingComputer
The Week in Ransomware - December 17th 2021 - Enter Log4j
A critical Apache Log4j vulnerability took the world by storm this week, and now it is being used by threat actors as part of their ransomware attacks.
Upgraded to log4j 2.16? Surprise, there's a 2.17 fixing DoS
Yesterday, BleepingComputer summed up all the log4j and logback CVEs known thus far. Ever since the critical log4j zero-day saga began last week, security experts have time and time again recommended version 2.16 as the safest release to be on. That changes today with version 2.17.0 out that fixes CVE-2021-45105, a DoS vulnerability. [...]
https://www.bleepingcomputer.com/news/security/upgraded-to-log4j-216-surprise-theres-a-217-fixing-dos/
Yesterday, BleepingComputer summed up all the log4j and logback CVEs known thus far. Ever since the critical log4j zero-day saga began last week, security experts have time and time again recommended version 2.16 as the safest release to be on. That changes today with version 2.17.0 out that fixes CVE-2021-45105, a DoS vulnerability. [...]
https://www.bleepingcomputer.com/news/security/upgraded-to-log4j-216-surprise-theres-a-217-fixing-dos/
BleepingComputer
Upgraded to log4j 2.16? Surprise, there's a 2.17 fixing DoS
Yesterday, BleepingComputer summed up all the log4j and logback CVEs known thus far. Ever since the critical log4j zero-day saga began last week, security experts have time and time again recommended version 2.16 as the safest release to be on. That changesβ¦
Western Digital warns customers to update their My Cloud devices
Western Digital is urging customers to update their WD My Cloud devices to the latest available firmware to keep receiving security updates on My Cloud OS firmware reaching the end of support. [...]
https://www.bleepingcomputer.com/news/security/western-digital-warns-customers-to-update-their-my-cloud-devices/
Western Digital is urging customers to update their WD My Cloud devices to the latest available firmware to keep receiving security updates on My Cloud OS firmware reaching the end of support. [...]
https://www.bleepingcomputer.com/news/security/western-digital-warns-customers-to-update-their-my-cloud-devices/
BleepingComputer
Western Digital warns customers to update their My Cloud devices
Western Digital is urging customers to update their WD My Cloud devices to the latest available firmware to keep receiving security updates on My Cloud OS firmware reaching the end of support.
New stealthy DarkWatchman malware hides in the Windows Registry
A new malware named 'DarkWatchman' has emerged in the cybercrime underground, and it's a lightweight and highly-capable JavaScript RAT (Remote Access Trojan) paired with a C# keylogger. [...]
https://www.bleepingcomputer.com/news/security/new-stealthy-darkwatchman-malware-hides-in-the-windows-registry/
A new malware named 'DarkWatchman' has emerged in the cybercrime underground, and it's a lightweight and highly-capable JavaScript RAT (Remote Access Trojan) paired with a C# keylogger. [...]
https://www.bleepingcomputer.com/news/security/new-stealthy-darkwatchman-malware-hides-in-the-windows-registry/
BleepingComputer
New stealthy DarkWatchman malware hides in the Windows Registry
A new malware named 'DarkWatchman' has emerged in the cybercrime underground, and it's a lightweight and highly-capable JavaScript RAT (Remote Access Trojan) paired with a C# keylogger.
Phishing attacks impersonate Pfizer in fake requests for quotation
Threat actors are conducting a highly targeted phishing campaign impersonating Pfizer to steal business and financial information from victims. [...]
https://www.bleepingcomputer.com/news/security/phishing-attacks-impersonate-pfizer-in-fake-requests-for-quotation/
Threat actors are conducting a highly targeted phishing campaign impersonating Pfizer to steal business and financial information from victims. [...]
https://www.bleepingcomputer.com/news/security/phishing-attacks-impersonate-pfizer-in-fake-requests-for-quotation/
BleepingComputer
Phishing attacks impersonate Pfizer in fake requests for quotation
Threat actors are conducting a highly targeted phishing campaign impersonating Pfizer to steal business and financial information from victims.
T-Mobile says it blocked 21 billion scam calls this year
T-Mobile says it blocked 21 billion scam, spam, and unwanted robocalls this year through its free Scam Shield robocall and scam protection service, amounting to an average of 1.8 billion scam calls identified or blocked every month. [...]
https://www.bleepingcomputer.com/news/security/t-mobile-says-it-blocked-21-billion-scam-calls-this-year/
T-Mobile says it blocked 21 billion scam, spam, and unwanted robocalls this year through its free Scam Shield robocall and scam protection service, amounting to an average of 1.8 billion scam calls identified or blocked every month. [...]
https://www.bleepingcomputer.com/news/security/t-mobile-says-it-blocked-21-billion-scam-calls-this-year/
BleepingComputer
T-Mobile says it blocked 21 billion scam calls this year
T-Mobile says it blocked 21 billion scam, spam, and unwanted robocalls this year through its free Scam Shield robocall and scam protection service, amounting to an average of 1.8 billion scam calls identified or blocked every month.
Log4j vulnerability now used to install Dridex banking malware
Threat actors now exploit the critical Apache Log4j vulnerability named Log4Shell to infect vulnerable devices with the notorious Dridex banking trojan or Meterpreter. [...]
https://www.bleepingcomputer.com/news/security/log4j-vulnerability-now-used-to-install-dridex-banking-malware/
Threat actors now exploit the critical Apache Log4j vulnerability named Log4Shell to infect vulnerable devices with the notorious Dridex banking trojan or Meterpreter. [...]
https://www.bleepingcomputer.com/news/security/log4j-vulnerability-now-used-to-install-dridex-banking-malware/
BleepingComputer
Log4j vulnerability now used to install Dridex banking malware
Threat actors now exploit the critical Apache Log4j vulnerability named Log4Shell to infect vulnerable devices with the notorious Dridex banking trojan or Meterpreter.
UK govt shares 585 million passwords with Have I Been Pwned
The United Kingdom's National Crime Agency has contributed more than 585 million passwords to the Have I Been Pwned service that lets users check if their login information has leaked online. [...]
https://www.bleepingcomputer.com/news/security/uk-govt-shares-585-million-passwords-with-have-i-been-pwned/
The United Kingdom's National Crime Agency has contributed more than 585 million passwords to the Have I Been Pwned service that lets users check if their login information has leaked online. [...]
https://www.bleepingcomputer.com/news/security/uk-govt-shares-585-million-passwords-with-have-i-been-pwned/
BleepingComputer
UK govt shares 585 million passwords with Have I Been Pwned
The United Kingdom's National Crime Agency has contributed more than 585 million passwords to the Have I Been Pwned service that lets users check if their login information has leaked online.
FBI: State hackers exploiting new Zoho zero-day since October
The Federal Bureau of Investigation (FBI) says a zero-day vulnerability in Zoho's ManageEngine Desktop Central has been under active exploitation by state-backed hacking groups (also known as APTs or advanced persistent threats) since at least October. [...]
https://www.bleepingcomputer.com/news/security/fbi-state-hackers-exploiting-new-zoho-zero-day-since-october/
The Federal Bureau of Investigation (FBI) says a zero-day vulnerability in Zoho's ManageEngine Desktop Central has been under active exploitation by state-backed hacking groups (also known as APTs or advanced persistent threats) since at least October. [...]
https://www.bleepingcomputer.com/news/security/fbi-state-hackers-exploiting-new-zoho-zero-day-since-october/
BleepingComputer
FBI: State hackers exploiting new Zoho zero-day since October
The Federal Bureau of Investigation (FBI) says a zero-day vulnerability in Zoho's ManageEngine Desktop Central has been under active exploitation by state-backed hacking groups (also known as APTs or advanced persistent threats) since at least October.