A new malware dubbed ‘ProxyShellMiner’ exploits the Microsoft Exchange ProxyShell vulnerabilities to deploy cryptocurrency miners throughout a Windows domain to generate profit for the attackers. ProxyShell...
Defense’s updated plan focuses on role-specific requirements and comes as the agency’s cyber workforce strategy is slated for imminent release. The Defense Department’s Chief Information Officer,...
A new Mirai botnet variant tracked as ‘V3G4’ targets 13 vulnerabilities in Linux-based servers and IoT devices to use in DDoS (distributed denial of service) attacks....
An Office of the National Cyber Director official discussed the path of transitioning public and private networks to post-quantum cryptographic standards, and emphasizes data inventory in...
Want to get the latest web security news straight to your inbox? Now you can, with the upcoming launch of The Daily Swig’s first ever newsletter. We’re...
Microsoft has reminded admins that Exchange Server 2013 is reaching its extended end-of-support (EOS) date in 60 days, on April 11, 2023. Today’s announcement follows two...
The APT37 threat group uses a new evasive ‘M2RAT’ malware and steganography to target individuals for intelligence collection. APT37, also known as ‘RedEyes’ or ‘ScarCruft,’ is...
The LastPass security breach in late 2022 sent a shockwave through the security community. Password managers are typically seen as the most secure and trusted platforms because they...
Oakland has declared a local state of emergency because of the impact of a ransomware attack that forced the City to take all its IT systems...
A hacker is using fake code-signing certificates impersonating cybersecurity firm Emsisoft to target customers using its security products, hoping to bypass their defenses. Code signing certificates...