Security researchers are raising alarm on an ongoing supply chain attack that uses malicious Python packages to distribute an information stealer.
Hundreds Infected With ‘Wasp’ Stealer in Ongoing Supply Chain Attack
US Gov Warning: Start Hunting for Iranian APTs That Exploited Log4j
The U.S. government on Wednesday issued a blunt recommendation for organizations running VMWare Horizon servers: Initiate threat-hunting activities to find and expel Iranian APT actors that used the Log4j crisis to slip undetected into corporate networks.
Akeyless Raises $65 Million for Secrets Management Tech
Israeli early-stage startup Akeyless has banked a whopping $65 million in venture capital funding to build technology to help businesses manage credentials, certificates, keys and other secrets flowing through multi-cloud environments.
Bishop Fox Adds $46 Million to Series B Funding Round
Continuous attack surface management pioneer Bishop Fox continues to attract the attention of investors with the banking of another $46 million in growth funding led by WestCap.
Long-Standing Chinese Cybercrime Campaign Spoofs Over 400 Brands
Threat intelligence firm Cyjax has uncovered a long-standing and sophisticated cybercrime campaign spoofing more than 400 popular brands.
Microsoft Links Prestige Ransomware Attacks to Russian State-Sponsored Hackers
Microsoft has attributed the recently observed Prestige ransomware attacks to a Russian state-sponsored hreat actor tracked as Iridium.
Gaping Authentication Bypass Holes in VMWare Workspace One
Virtualization technology giant VMware joined the Patch Tuesday train this week to deliver urgent security patches to its VMWare Workspace One product.
Attackers Using IPFS for Distributed, Bulletproof Malware Hosting
The InterPlanetary File System (IPFS), considered one of the building blocks of web3, is increasingly being used to provide hidden bulletproof hosting for malware.
“Multiple malware families are currently being hosted within IPFS and retrieved during the initial stages of malware attacks,” say researchers at Cisco Talos.
Microsoft Scrambles to Thwart New Zero-Day Attacks
The zero-day attacks against Microsoft’s software products are showing no signs of slowing down.
Microsoft: China Flaw Disclosure Law Part of Zero-Day Exploit Surge
The world’s largest software maker is warning that China-based nation state threat actors are taking advantage of a one-year-old law to “stockpile” zero-days for use in sustained malware attacks.
