Four months after the Log4Shell vulnerability was disclosed, most affected open source components remain unpatched, and companies continue to use vulnerable versions of the logging tool.
Author: Jai Vijayan, Contributing Writer
Threat actor is using the flaw to deliver Core Impact backdoor on vulnerable systems, security vendor says.
Ransomware and other financially motivated threat actors joined nation-state-backed groups in leveraging unpatched flaws in attack campaigns, new data shows.
Stuxnet was the first known malware built to attack operational technology environment. Since then, there have been several others.
Three flaws present in consumer laptops can give attackers a way to drop highly persistent malware capable of evading methods to remove it, security vendor says.
The recent discovery of highly customized malware targeting programmable logic controllers has renewed concerns about the vulnerability of critical infrastructure.
The banking Trojan-turned-ransomware-distribution tool has been a potent threat since late 2019.
The attack involved use of a new version of Industroyer tool for manipulating industrial control systems.
SharkBot was hidden in apps masquerading as antivirus tools.
Collaboration between the two firms will help organizations better identify and protect against complexity cyberthreats, chief executives from both companies said.