Hackers abuse legitimate remote monitoring and management tools in attacks
Researchers and government agencies warn that threat actors are increasing their use of commercial RMM tools to enable financial scams.
Researchers and government agencies warn that threat actors are increasing their use of commercial RMM tools to enable financial scams.
The ManageEngine vulnerability is easy to exploit and enables remote code execution. Patches are available.
More than a third of ICS device vulnerabilities have no patch available at a time when ICS environments face threats from new cyber crime groups.
A feature that allows developers to make applications accessible by a public GitHub URL could enable attackers to deliver malware and avoid detection.
In December network security vendor Fortinet disclosed that a critical vulnerability in its FortiOS operating system was being exploited by attackers in the wild.
Log4Shell is likely to remain a favored vulnerability to exploit as organisations lack visibility into their software supply chains.
Cybercriminal group Automated Libra's PurpleUrchin campaign uses the fake accounts for cryptomining operations.
The ransomware gang was able to use signed malicious drivers to disable endpoint security tools. Microsoft has revoked the certificates.
A demonstrated attack in IBM’s cloud infrastructure allowed them access to the internal server used to build database images for customer deployments.
Ransom Cartel, a RaaS operation, has stepped up its attacks over the past year after the disbanding of prominent gangs such as REvil and Conti.
Abusing variants of legitimate penetration testing tools has become a standard tactic for many attackers seeking to fool security teams.
A group of attackers, likely based in Vietnam, that specialises in targeting employees with potential access to Facebook business has re-emerged.
On the naughty list this year are a host of bad actors employing a huge variety of different bot attacks that can have a big impact on retail websites.
Tests show that deploying malware in a persistent manner on load balancer firmware is within reach of less sophisticated attackers.
Distributing malware inside password-protected archives has long been one of the main techniques used by attackers to bypass email security filters.
Innovation Awards is the market-leading awards program for celebrating ecosystem innovation and excellence across the technology sector in Australia.