Microsoft's unified threat intelligence team, comprising the Microsoft Threat Intelligence Center (MSTIC), Microsoft 365 Defender Threat Intelligence Team, RiskIQ, and the Microsoft Detection and Response Team (DART), among others, has been tracking threats taking advantage of CVE-2021-44228, a remote code execution (RCE) vulnerability in Apache Log4j 2 referred to as "Log4Shell".
These marketing presentations, posted to a public-facing Huawei website before the company removed them late last year, show Huawei pitching how its technologies can help government authorities identify individuals by voice, monitor political individuals of interest, manage ideological reeducation and labor schedules for prisoners, and help retailers track shoppers using facial recognition.
SAN FRANCISCO, Dec 8 (Reuters) - One of the most prolific Russian-speaking ransomware gangs has claimed credit for a weekend attack on an Australian electric utility serving millions of people. Australian media reported on Monday that Chinese government hackers were behind the breach at CS Energy, which is owned by the Queensland state in northeast Australia.
Google has confirmed yet another security update for Chrome's 2.6 billion users, and this one is an emergency fix as there's a zero-day vulnerability that attackers are already exploiting. In all, Chrome version 96.0.4664.110 fixes no fewer than five vulnerabilities: four are high-rated, and one is critical.
Proofpoint researchers identified ongoing activity from the banking malware TinyNuke. The activity nearly exclusively targets French entities and organizations with operations in France. The campaigns leverage invoice-themed lures targeting entities in manufacturing, industry, technology, finance, and other verticals. The new activity demonstrates a re-emergence of the malware specifically targeting French users that peaked in popularity in 2018.
Apple has released a new Android app called Tracker Detect, designed to help people who don't own iPhones or iPads to identify unexpected AirTags and other Find My network-equipped sensors that may be nearby. The new app, which Apple released on the Google Play store Monday, is intended to help people look for item trackers compatible with Apple's Find My network.
During this live event, we reveal the top five security practices, based on data from our new Security Outcomes Study, Volume 2 cybersecurity report.
Note: This blog post will be live-updated with new information. NCC Group's RIFT is intending to publish PCAPs of different exploitation methods in the near future. Last updated December 12th at 19:15 UTC. tl;dr: In the wake of the CVE-2021-44228 (a.k.a. Log4Shell) vulnerability publication, NCC Group's RIFT immediately started investigating the vulnerability in order to...
Major natural gas supplier Superior Plus announced on Tuesday that it is suffering from a ransomware attack. The billion-dollar propane seller said the incident started on December 12 but did not respond to questions about which ransomware group was behind the attack or which systems exactly were affected.