New Year ! New Threat Landscape ! Beware
There’s no way to put it nicely: cybercrime just continues to get worse as we become increasingly connected. 2020 was a banner year for ransomware and by all accounts, it’s…
Log4j BlindSpots
Apache Java logging library log4j‘s popularity and its ability to hide in code,landmines hiding in infrastructure due to log4j’s Log4Shell security vulnerabilities. The good news is there are scanning tools that…
SSD Over Provisioning Abused to Bypass Security
Korean researchers discovered a vulnerability in SSD that enables malware to infect an SSD's empty over-provisioning partition directly. This enables the malware to be practically impervious to security defenses. Over-provisioning…
Vice Society Claims Responsible for Amedia Cyber Attack
The Vice Society ransomware gang has claimed responsibility for an attack on a U.K. Spar wholesaler earlier this month and is being linked to an attack on a Norwegian newspaper…
Most Headlined Major Security Acquisition 2021: Part2
2021 is shaping up to be an active year for mergers and acquisitions in the cybersecurity industry. March alone saw more than 40 firms being acquired. The level of activity…
Most Headlined Major Security Acquisition 2021: Part1
2021 is shaping up to be an active year for mergers and acquisitions in the cybersecurity industry. March alone saw more than 40 firms being acquired. The level of activity…
Data Vault Security Flaw Impacts Data Integrity
Researchers has discovered that DataVault encryption software made by ENC Security and used by multiple vendors is affected by a couple of key derivation function issues. An attacker can exploit the flaws…
Aquatic Panda Exploits With Log4j
Cyberespionage group Aquatic Panda linked with china was spotted exploiting the Log4Shell vulnerability (CVE 2021-44228) in an attack aimed at a large academic institution. The APT group is using a…