Category

Risk and Compliance

Risk and Compliance Page 1

Log4j Flaw Vulnerability Expose Devices Cyberattacks

The Log4j flaw still exposes thousands of devices to cyberattacks

Several months after security analysts found the critical zero-day flaw under the Java logging library Apache Log4j, they disclosed that many servers and applications are still prone to cyberattacks posed by the flaw due to failure to apply proper security patches. The vulnerability tracked as CVE-2021-44228 was first detailed last December, allowing hackers to launch...
Continue Reading
Lenovo Windows Firmware Flaws UEFI Attacks BIOS Notebook Ideapad Legion

Lenovo users are warned of three firmware flaws launching UEFI attacks

Three firmware bugs were found in Lenovo devices, which the tech firm immediately patched after discovering that they could be exploited for Unified Extensible Firmware Interface (UEFI) attacks. The vulnerabilities were assigned as CVE-2021-3970, CVE-2021-3971, and CVE-2021-3972 and used for deploying and executing UEFI malware through SPI flash implants or ESP implants inside Lenovo Notebook...
Continue Reading
Lazarus APT South Korea Chemical Sector Cyberespionage Operation Dream Job APT

The Lazarus APT targeted South Korea’s chemical sector

The North Korean-sponsored advanced persistent threat (APT) group called Lazarus targets organisations that operate in South Korea’s chemical sector. This current espionage campaign appears to be the sequel of the Operation Dream Job conducted by the same APT group discovered by researchers in August last year. At the beginning of the year, a research team...
Continue Reading
DoJ Russian Malware Watch Guard Asus Cyclops Blink Sandworm

DoJ eradicated the Russian malware that impacted WatchGuard and Asus

The US Department of Justice (DOJ) has announced that they have successfully eradicated the Cyclops Blink malware that attacked vulnerable internet-connected firewall devices of WatchGuard and Asus tech firms. This operation interrupted the Russian Federation’s Main Intelligence Directorate (GRU)’s control over the botnet that infected thousands of devices. Previously attributed to Russia’s GRU, the Sandworm...
Continue Reading
BitRAT Malware Distribution Impersonation Windows Activator Pirated Software Crack

BitRAT distributes itself by impersonating as Windows Activator

The BitRAT malware campaign is seen attacking users searching for unofficial Windows license activators to activate cracked or pirated Windows Operating System versions. Security researchers observed a phishing attack that distributes Windows 10 Pro license activators in an online store. However, the offered activators of the phishing actors are malicious and composed of BitRAT malware....
Continue Reading
3000 QNAP Network Devices DeadBolt Ransomware NAS Network Area Storage Malware

Over 3,000 QNAP devices affected by the DeadBolt ransomware

Researchers discovered a new ransomware operation called DeadBolt which already impacted many QNAP NAS devices by encrypting its data. According to the latest reports, ransomware has already targeted and affected approximately 3,600 QNAP devices worldwide. The DeadBolt threat actors exploit a zero-day flaw to infect and compromise QNAP devices and encrypt files using their ransomware....
Continue Reading
Backup Error Supercomputer Massive Data Loss Kyoto University Japan HPE Software

An error in supercomputer caused massive data loss at Kyoto University

Based on recent reports in Japan, Kyoto University has lost approximately 80 terabytes of irretrievable data due to the HPE software update of their supercomputer’s backup system. The data loss incident happened last December 14 to 16 last year and resulted in over 30 million files from about 14 research groups being removed from the...
Continue Reading
Mozilla Firefox 94 Patch Release Windows Cloud Clipboard Cybersecurity Risk Web Browser

Mozilla details the Firefox 94 patch related to Windows Cloud Clipboard

The Firefox 94 browser has recently undergone an issue wherein people’s usernames and passwords were recorded in the Cloud Clipboard feature of Windows. Nonetheless, Mozilla has released a patch into this issue, categorizing it as a severe security risk that can expose users’ credentials to threat actors as they copy or cut their usernames and...
Continue Reading
YouTube New Copyright Law Content Creator TOEI Animation Fair Use Mark Fitzpatrick

YouTube applies new copyright law after a creator clashed with a giant firm

The online video-sharing giant, YouTube, has recently employed a new copyright law that allows content creators on the platform worldwide to have flexibility in terms of international copyright policies. This implementation of the new copyright law was applied after a content creator named Mark Fitzpatrick has struck war with a giant animation firm, Toei Animation,...
Continue Reading
Belgium Defence Ministry Cyber Attack Log4j Flaw Apache Server FOSS Europe Vulnerability

Belgium defence ministry revealed being attacked using the Log4j flaw

The Ministry of Defence in Belgium has encountered a cyberattack after threat actors abused a Log4j flaw. The incident recorded the first event that a NATO country’s defence ministry victimised using the flaw. According to a report, the cyberattack occurred recently, resulting in the paralysis of the defence ministry’s activities for several days. A Belgian...
Continue Reading
1 2 3 8