A recently identified DDoS botnet has targeted several router models and various types of web servers by exploiting known vulnerabilities, Fortinet warns.
New ‘Enemybot’ DDoS Botnet Targets Routers, Web Servers
U.S. Gov Blames North Korea Hackers for $600M Cryptocurrency Heist
The U.S. government says the recent $600 million Ronin Validator cryptocurrency heist was conducted by Lazarus Group, the notorious hacking outfit linked to the North Korean government.
Critical Code Execution Flaw Haunts VMware Cloud Director
Cloud computing and virtualization technology firm VMWare on Thursday rolled out patches for an extremely critical security flaw in the VMWare Cloud Director product, warning that unpatched systems are at risk of remote code execution attacks.
Cloud Security Startup DoControl Raises $30 Million
Cloud data security startup DoControl has closed a $30 million Series B funding round that brings the total raised by the company to $43 million.
The financing round was led by Insight Partners, with additional investments from Cardumen Capital, CrowdStrike Falcon Fund, RTP Global, and StageOne Ventures.
Russia-Linked Pipedream/Incontroller ICS Malware Designed to Target Energy Facilities
Schneider Electric says no evidence that Incontroller/Pipedream malware exploits vulnerabilities
VMWare Confirms Workspace One Exploits in the Wild
Less than a week after patching critical security defects affecting multiple enterprise-facing products, VMWare is warning that one of the flaws is being exploited in the wild.
Microsoft Seizes Control of Notorious Zloader Cybercrime Botnet
Microsoft has disrupted the operation of one of the most notorious cybercrime botnets and named a Crimean hacker as an alleged perpetrator behind the distribution of ransomware to the network of infected machines.
Microsoft Patches 128 Windows Flaws, New Zero-Day Reported by NSA
Microsoft on Tuesday issued a warning for an in-the-wild zero-day attack hitting Windows users and raised eyebrows when it credited the U.S. government National Security Agency (NSA) with reporting the live exploitation.
Adobe Patches Gaping Security Holes in Acrobat, Reader, Photoshop
Adobe’s security update engine revved into overdrive this month with the release of patches for at least 78 documented software vulnerabilities, some serious enough to expose corporate customers to remote code execution attacks.
OpenSSH Moves to Prevent ‘Capture Now, Decrypt Later’ Attacks
OpenSSH has joined the high-stakes fight to protect data from quantum computers.
The latest version of the widely used encryption and connectivity tool has been fitted with new features to prevent “capture now, decrypt later” attacks linked to advancements in quantum computing.
