Cryptolaemus, a cybersecurity research firm, has warned that the Log4j vulnerability is currently being used to infect Windows devices with the Dridex Trojan and Linux devices with Meterpreter.

Many apps used by schools contain features that can lead to the “unregulated and out of control” sharing of student data to advertising firms and other security issues, as per a Me2B Alliance report.

Group-IB said the scam targets 90+ countries, including the US, Canada, South Korea, and Italy. It offers fake surveys and giveaways from popular brands, to steal users’ personal and financial data.

WhiteSource has made available an open-source tool to detect vulnerable instances of Log4j logging software. The recently disclosed flaw allows attackers to launch an RCE attack via Java applications.

“Firmware Update 8.2B contains important security updates that you should definitely apply, even if you don’t need the advanced features,” the company said without directly referencing the issue.

Over 70% of cloud resources available for sale on underground marketplaces are RDP accounts, making it more pervasive on the dark web than regular cloud accounts, according to a recent analysis.

According to a new report by T-Mobile, the number of scam calls more than doubled over the past year, successfully bilking wireless phone customers out of $29.8 billion in 2021 alone.

The Ministry confirmed the Log4j attack on its network. They did not say if it was a ransomware attack but explained that “quarantine measures” were put in place to “contain the infected elements.”

The attacker exploited the protocol’s vault contract through five reentrancy loops, which allowed them to fake five additional deposits into a vault while the platform is processing the first deposit.

On Oct 15, these sites realized that they had been compromised, and on Nov 29, they notified their customers about this data breach in which the hackers have stolen over 1.8 million credit cards data.