The use of DNS over HTTPS (DoH) for command and control communications is making it more difficult to track botnets, according to anti-spam nonprofit Spamhaus.
F5 Patches Two Dozen Vulnerabilities in BIG-IP
Cloud security and application delivery solutions provider F5 this week announced patches for 25 vulnerabilities affecting its BIG-IP, BIG-IQ, and NGINX products.
A total of 23 security flaws were addressed in the BIG-IP application delivery controller (ADC), including 13 high-severity issues, all of which carry a CVSS score of 7.5.
Industry Reactions to Biden Cybersecurity Memo: Feedback Friday
U.S. President Joe Biden this week signed a memorandum on boosting the cybersecurity of National Security, Department of Defense, and Intelligence Community Systems.
High-Severity Vulnerabilities Patched in McAfee Enterprise Product
Two high-severity vulnerabilities that can be exploited for privilege escalation have been patched in a McAfee enterprise product component.
Dark Web Chatter: What Other Russian Hackers Are Saying About the REvil Arrests
The takedown of the REvil ransomware gang by the Russian FSB on January 14, 2022, took the world by surprise. Before this, the unwritten rule was that hackers would be safe in Russia provided they did not attack Russia.
FBI Warns Organizations of Diavol Ransomware Attacks
The Federal Bureau of Investigation (FBI) this week shared a series of indicators of compromise (IoCs) associated with the Diavol ransomware family.
Insurance and Fintech Firm Acrisure Launches Cyber Services Division
Nigerian Authorities Arrest 11 Members of Prolific BEC Fraud Group
Nigerian authorities have arrested 11 individuals believed to be members of the business email compromise (BEC) crime ring tracked as SilverTerrier.
The 11 suspects were arrested as part of a 10-day operation (December 13-22, 2021) in which the Nigerian Police collaborated with Interpol and private security firms Palo Alto Networks and Group-IB.
Security Scanners Across Europe Tied to China Govt, Military
At some of the world’s most sensitive spots, authorities have installed security screening devices made by a single Chinese company with deep ties to China’s military and the highest levels of the ruling Communist Party.
Prolific Chinese APT Caught Using ‘MoonBounce’ UEFI Firmware Implant
Threat hunters at Kaspersky have spotted a well-known Chinese APT actor using an UEFI implant to maintain stealthy persistence across reboots, disk formatting or disk replacements.













