Researchers say hackers have compromised the VoIP desktop client of 3CX's Phone System, used by 600K+ companies and 12M+ DAUs, in an ongoing supply chain attack
https://www.3cx.com/... Any vendor of software and services that pull in code from NPM, PIP, RubyGems etc … Eitan Erez : This supply chain attack started unfolding not long ago as...
Microsoft identifies a destructive malware operation targeting Ukrainian organizations; the malware looks like ransomware but lacks a ransom recovery mechanism
European Union simulated a cyber attack on a fictitious Finnish power company Vilius Petkauskas / cybernews.com : Belarus state hackers suspected behind Ukraine cyberattack Grugq /...
Ukraine says a cyberattack brought down several government agency websites for hours, but their content was not changed and no sensitive data was stolen
Ukraine said a cyberattack brought down the websites of several government agencies for hours. Authorities didn't immediately comment …
Microsoft and cybersecurity company Mandiant say hacking groups linked to China, Iran, North Korea, and Turkey are exploiting the Log4j flaw
Researchers call it one of the most dire cybersecurity threats to emerge in years and could enable devastating attacks
CISA orders US federal civilian agencies to patch systems affected by the Log4j vulnerability by December 24
The US Cybersecurity and Infrastructure Security Agency has told federal civilian agencies to patch systems affected by the Log4Shell vulnerability by Christmas Eve. Source: CISA .
Microsoft says the attacks targeting SolarWinds Serv-U software with a now-patched RCE exploit are the work of Chinese hacking group DEV-0322
Microsoft said today that the recent wave of attacks that have targeted SolarWinds file transfer servers are the work of a Chinese hacking group …
Microsoft says the attacks targeting SolarWinds Serv-U software with a now-patched RCE exploit are the work of Chinese hacking group DEV-0322
Microsoft said today that the recent wave of attacks that have targeted SolarWinds file transfer servers are the work of a Chinese hacking group …
A task force of 60+ experts from industry, government, nonprofits, and academia calls on the US and allies to take steps to fight a surge in ransomware attacks
the Secret Weapon to Combatting Ransomware Danny Palmer / ZDNet : Ransomware is now a national security risk. This group thinks it knows how to defeat it Duncan Riley / SiliconANG...
Interviews with 15 people show CISA is underfunded, short on talent, outmatched by adversaries, and overwhelmed by the fallout from two massive cyberattacks
The agency that protects the U.S. from hackers is hobbled by funding woes, a talent shortage and growing pains that are jeopardizing … Tweets: @ericgeller , @gossithedog , @kevinco...
Microsoft warns users a new Chinese state-sponsored threat actor is exploiting four previously undisclosed zero days in Exchange Server; patches are available
Microsoft is warning customers that a new China state-sponsored threat actor is exploiting four previously undisclosed security flaws …
Sources: Turkey-backed hackers have used DNS hijacking to obtain login credentials, targeting ~30 EU and Middle East governments and organizations since 2018
Profile of Cliff Stoll, whose memoir The Cuckoo's Egg, which traces the first known case of state-sponsored hacking, inspired a generation of cybersecurity pros
and Stoll has become a cybersecurity icon. https://www.wired.com/... Dame Mlley / @damienmulley : I read this book when I was 18 I think. It was fascinating. If I re-read it now It...
Profile of Cliff Stoll, whose memoir The Cuckoo's Egg, which traces the first known case of state-sponsored hacking, inspired a generation of cybersecurity pros
Andy Greenberg / Wired : Tweets: @damienmulley , @wired , @instacyber , @stvemillertime , @likethecoins , and @ronindey Tweets: Dame Mlley / @damienmulley : I read this book when ...