A statement released by Accellion yesterday states that they became aware of a vulnerability in their legacy FTA service in mid-December, and a patch was deployed to all customers.
The ‘Rogue’ RAT infects victims with a keylogger, allowing attackers to easily monitor the use of websites and apps in order to steal usernames and passwords, as well as financial data.
Microsoft has released a new version of the Sysinternals package and updated the Sysmon utility with the ability to detect Process Herpaderping and Process Hollowing attacks.
Those best practices would need to comply with recommendations from or protecting data from the National Institute of Standards and Technology or some other government-endorsed standards body.
The SolarWinds supply chain compromise won’t be the last of its kind. Vendors and enterprises alike must learn and refine their detection efforts to find the next such attack.
“We recently became aware of unauthorized access to certain of our information technology systems hosted by a third party cloud provider,” Ubiquiti said in emails sent to customers today.
The Pentagon has six months to release a full report on what they know about the existence of Unidentified Aerial Phenomena (UAP) — or UFOs to the rest of us. This creates room for new phishing scams.
Colorado-based short line rail operator and logistics provider OmniTRAX was hit by a recent ransomware attack and data theft that targeted its corporate parent, Broe Group.
Enterprise use of biometrics for security may see an uptick by organizations looking to defend themselves from attacks, but they must weigh the concerns against the benefits.
The company’s unsecured ElasticSearch database contained personally identifiable information (PII) from at least 214 million people from around the world using Facebook, Instagram, and LinkedIn.