Microsoft is urging customers to keep their Exchange servers updated as well as take steps to bolster the environment, such as enabling Windows Extended Protection and configuring certificate-based signing of PowerShell serialization payloads.... Read more »

The use of software as a service (SaaS) is experiencing rapid growth and shows no signs of slowing down. Its decentralized and easy-to-use nature is beneficial for increasing employee... Read more »

The Internet Systems Consortium (ISC) has released patches to address multiple security vulnerabilities in the Berkeley Internet Name Domain (BIND) 9 Domain Name System (DNS) software suite that could... Read more »

Ukraine has come under a fresh cyber onslaught from Russia that involved the deployment of a previously undocumented Golang-based data wiper dubbed SwiftSlicer. ESET attributed the attack to Sandworm, a... Read more »

Cybersecurity researchers have discovered the real-world identity of the threat actor behind Golden Chickens malware-as-a-service, who goes by the online persona “badbullzvenom.” eSentire’s Threat Response Unit (TRU), in an exhaustive report... Read more »

Cybersecurity researchers have uncovered a PlugX sample that employs sneaky methods to infect attached removable USB media devices in order to propagate the malware to additional systems. “This PlugX... Read more »

The U.K. National Cyber Security Centre (NCSC) on Thursday warned of spear-phishing attacks mounted by Russian and Iranian state-sponsored actors for information-gathering operations. “The attacks are not aimed at... Read more »

Orcus is a Remote Access Trojan with some distinctive characteristics. The RAT allows attackers to create plugins and offers a robust core feature set that makes it quite a dangerous... Read more »

The infrastructure associated with the Hive ransomware-as-a-service (RaaS) operation has been seized as part of a coordinated law enforcement effort involving 13 countries. “Law enforcement identified the decryption keys... Read more »