
Microsoft links Holy Ghost ransomware operation to North Korean hackers
2022-07-14 23:10

For more than a year, North Korean hackers have been running a ransomware operation called HolyGhost, attacking small businesses in various countries. Researchers at Microsoft Threat Intelligence Center are tracking the Holy Ghost ransomware gang as DEV-0530.

Holy Ghost ransomware operation linked to North Korean hackers
2022-07-14 23:10

For more than a year, North Korean hackers have been running a ransomware operation called HolyGhost, attacking small businesses in various countries. Researchers at Microsoft Threat Intelligence Center are tracking the Holy Ghost ransomware gang as DEV-0530.

Homeland Security warns: Expect Log4j risks for 'a decade or longer'
2022-07-14 22:59

Organizations can expect risks associated with Log4j vulnerabilities for "a decade or longer," according to the US Department of Homeland Security. "ICS operators rarely know what software is running on their XIoT devices, let alone know if there are instances of Log4j that can be exploited," Thomas Pace, a former Department of Energy cybersecurity lead and current CEO of NetRise, told The Register.

S3 Ep91: CodeRed, OpenSSL, Java bugs, Office macros [Audio + Text]
2022-07-14 18:47

DOUG. A brief history of Office macros, a Log4Shell style bug, two OpenSSL crypto bugs, and more. DUCK. If you have a Windows network where you can use Group Policy, for example, then as an administrator you can turn this function on to say, "As a company, we just don't want macros off the internet. We're not going to even offer you a button that you can say, Why not? Why not let the macros run?".

PayPal phishing kit added to hacked WordPress sites for full ID theft
2022-07-14 18:09

A newly discovered phishing kit targeting PayPal users is trying to steal a large set of personal information from victims that includes government identification documents and photos. The kit is hosted on legitimate WordPress websites that have been hacked, which allows it to evade detection to a certain degree.

Upcoming Speaking Engagements
2022-07-14 17:02

This is a current list of where and when I am scheduled to speak: I’m speaking as part of a Geneva Centre for Security Policy course on Cyber Security in the Context of International Security,...

Lenovo issues firmware updates after UEFI vulnerabilities disclosed
2022-07-14 16:15

Security researchers have spotted some fresh flaws in Lenovo laptops just months after the vendor patched another batch, with the PC maker fixing a trio of vulnerabilities flagged up by ESET this week. The vulnerabilities reported were buffer overflows in the UEFI firmware.

Mantis botnet behind the record-breaking DDoS attack in June
2022-07-14 15:53

The record-breaking distributed denial-of-service attack that Cloudflare mitigated last month originated from a new botnet called Mantis, which is currently described as "The most powerful botnet to date." The previous record was held by Mēris botnet, which launched an attack that spiked at 21.8 million requests per second.

Cloud security needs assistants
2022-07-14 15:45

Cloud security is a challenge likely to keep a lot of IT professionals awake at night. Agents will cover security scanning, software patching, configuration, general system monitoring and system restarts/reboots.

Journalists Emerge as Favored Attack Target for APTs
2022-07-14 15:08

According to the report, the APTs are acting independently of each other but share the same overall goal of targeting journalists. Often posing as journalists themselves, the threat actors have focused on phishing campaigns with the goal of credential harvesting, theft of data helpful to specific regimes and digital surveillance of political journalists.