My TechDecisions


Search Results: sophos

Log4Shell, CVE-2021-44228

VMware Horizon Servers Still Under Log4Shell Attacks

Hackers are still using the Log4Shell exploit to attack VMware Horizon servers and deploy cryptominers and backdoors, according to Sophos.

March 29, 2022 Zachary Comeau

Hackers are continuing to leverage the Log4Shell vulnerability to attack VMware Horizon servers and deploy cryptocurrency mining malware and backdoors, with a large wave of such attacks from mid-January still ongoing, according to cybersecurity firm Sophos. In a new report, Sophos says the attempts to leverage Horizon continued and grew in number throughout January and […]


CISA

CISA Adds 66 CVEs to Known Exploited Vulnerabilities List

The majority of the new additions to CISA's list of known exploited vulnerabilities are several years old, including 8 from 2010 or earlier.

March 28, 2022 Zachary Comeau

The U.S. Cybersecurity & Infrastructure Security Agency (CISA) has added 66 software security bugs that are being actively exploited to its database of known exploited vulnerabilities, including some from leading technology vendors that date back several years. For the majority of the products implicated in the new additions, there are patches available to remediate the […]


Microsoft Defender Antimalware engine

The Qakbot Malware Now Interjects Itself Into The Middle of Email Conversations

Qakbot uses other compromised accounts to interject itself in the form of a reply-all email that includes a link to download malicious files.

March 11, 2022 Zachary Comeau

The notorious and heavily distributed email-borne malware Qakbot is now being spread via a new technique: inserting malicious replies into the middle of existing email conversations. According to cybersecurity firm Sophos, Qakbot uses the compromised accounts of other infected victims to interject itself in the form of a reply-all message that includes a short sentence […]


Average Ransomware Payment 2021

The Conti Ransomware Leaks: Six Takeaways

Leaked internal information about the Conti ransomware group is giving IT and network defenders new insight into how cybercriminals operate.

March 7, 2022 Zachary Comeau

Information security, nation-state hacking, ransomware and malware have been front and center of the Russia-Ukraine conflict, with hackers on each side allegedly launching large-scale attacks against the infrastructure of their opponent. Although Russia is infamous for its hacking activities and ransomware groups long believed to be protected by the country’s government, threat actors in other […]


Russia Cyberattack

10 Things IT Can Do To Harden Cyber Defenses Amid The Russia-Ukraine Conflict

With cyberattacks stemming from the Ukraine crisis possibly spilling over into the West, here are 10 cybersecurity steps IT can take now.

February 25, 2022 Zachary Comeau

Cyberattacks have been front and center in the Ukraine crisis, as the country is not just suffering from conventional warfare as it fights with Russia. The country’s critical infrastructure has been repeatedly attacked, purportedly by hackers working for its next-door adversary. These attacks have targeted government websites, infrastructure and more with DDoS attacks and […]


Phishing

These Were The Top Phishing Topics in 2021

The pandemic and vaccination were the most common phishing topics among hackers in 2021, new research says.

January 26, 2022 Zachary Comeau

Phishing remains among the top security threats to any organization, as the attack vector is often where a hacker first attempts to steal credentials and access victim networks with the end goal of stealing secrets, deploying ransomware or other malicious activities. Since the start of the COVID-19 pandemic, phishing attempts have grown considerably, with nearly […]


Semperis Extends Active Directory Protection With Expansion Into Australia and New Zealand

January 18, 2022 TechDecisions Staff

New team in the region propels Semperis’ global growth of hybrid identity protection solutions and follows recent expansion into APAC

HOBOKEN, N.J.–(BUSINESS WIRE)–Semperis, the pioneer of identity-driven cyber resilience for enterprises, today announced that it is expanding its comprehensive Active Directory (AD) protection, mitigation, and recovery solutions to Australia and New Zealand with a Melbourne-based […]


Log4j, Log4Shell

A Chinese Ransomware Operator Is Leveraging Log4j Bugs, VMware Horizon

Ransomware operation leveraging Log4j bugs began attacking internet-facing systems running VMware Horizon earlier this month, Microsoft says.

January 11, 2022 Zachary Comeau

The IT and cybersecurity community sounded the alarm last month when researchers discovered vulnerabilities in Log4j, the ubiquitous Java logger used by a wide range of tech products. The tool has been patched and vendors are quickly deploying their own patches for products that use the tool, but the situation is not getting much better […]


Education Ransomware

This New Ransomware Strain Uses Safe Mode, Remote Desktop Tools

Sophos details new ransomware family that leverages Safe Mode and IT management tools to maintain persistence in victim networks.

December 22, 2021 Zachary Comeau

Ransomware remains the top cybersecurity concern for businesses around the world, with new strains and operators popping up routinely, including one detailed by cybersecurity firm Sophos that leverages Safe Mode on target computers to disable third-party drivers and endpoint protection products. In a post and a series of tweets, the company introduces the IT community […]


Log4j, Log4Shell

Which Products Are Impacted By the Log4j Vulnerability?

CISA and other governments' agencies are maintaining updated lists of vendors with software impacted by the Log4j vulnerability.

December 15, 2021 Zachary Comeau

Multiple governments have released a long list of IT vendors and their products that are impacted by the Log4j vulnerability, including the U.S. Cybersecurity and Infrastructure Security Agency (CISA) and the Dutch National Cyber Security Centrum (NCSC). The two agencies are maintaining running lists of vendors impacted by the vulnerability on their respective GitHub repositories, […]


© 2022 Emerald X, LLC. All rights reserved.