Eric Swotinsky

The Belgian Defense Ministry and organizations running VMware vCenter Servers are being actively attacked via the Log4Shell vulnerability.

Multi-national logistics giant Hellmann Worldwide Logistics recently reported a cyberattack on their infrastructure.

There are a number of ways to increase password strength, but it all means nothing if your credentials are stolen. A series of new phishing campaigns shows increased focus on info-stealing tactics.

A storm supercell turned disastrous on December 10–11, with more than 50 tornadoes spawning across eight U.S. states. One tornado alone left a path of destruction more than 225 miles (402 km) long, affecting four states.

Kronos, the provider of workforce management and human capital management solutions, has suffered a significant ransomware attack that threatens to disrupt payroll and timesheet processing services for its customer organizations.

A graph recently released by the National Institute of Standards and Technology (NIST) shows that for the fifth year in a row, there have been a record-breaking number of reported vulnerabilities.

Notepad++, one of the most popular, and free, text and source code editors for Windows systems, is being used by attackers to distribute malware.

The notorious Emotet malware, which recently returned from a hiatus after its botnet was dismantled by a joint task force early this year, has begun installing Cobalt Strike directly — a deviation from its typical tactic of installing a trojan like TrickBot or Qbot and then delivering Cobalt Strike through it.

Late last week, a critical zero-day vulnerability in the popular Java logging library Log4j surfaced when attackers were observed exploiting Minecraft servers via the game’s chat box. It has since become clear that the vulnerability in question poses perhaps the largest security threat we’ve seen in years.Details are still unfolding, but here’s what we know now.

A critical remote code execution (RCE) vulnerability (CVE-2021-44228) in the Log4j Java library is affecting most Java applications, including VMWare vCenter, Minecraft, Twitter, iCloud, and ElasticSearch.

A recent report from the FBI shows that Cuba ransomware has scored at least $43.9 million in total ransom payments after successful attacks on 49 different targets in five critical infrastructure sectors.

Fear of the recent Omicron COVID-19 variant is providing fuel for phishing threats — like one U.K.-based campaign that makes use of a fake NHS website.