For anyone about to sit back after checking their environment for the Log4j vulnerabilities and applying patches where needed, here are…
Month: December 2021
What SMBs can do to protect against Log4Shell attacks
As you may already know, the business, tech, and cybersecurity industries have been buzzing about Log4Shell (CVE-2021-44228), aka Logjam, the latest…
Kronos crippled by ransomware, service may be out for weeks
Human resources platform provider UKG has put out a statement saying it’s fallen prey to ransomware that has disrupted the Kronos…
5 security lessons from 18 months of working from home
A little more than 20 months ago, many people around the world were asked or instructed to work from home to…
Spear phish, whale phish, regular phish: What’s the difference?
There are many types of phishing attack nowadays, to the extent it can be tricky to keep up with them all….
A week in security (Dec 6 – 12)
Last week on Malwarebytes Labs: Stay safe!
Click “OK” to defeat MFA
Researchers have discovered that Nobelium—the threat actor behind the infamous SolarWinds supply-chain attack, the Sunburst backdoor, TEARDROP malware, GoldMax malware, and…
[Update: CISA issues Log4j vulnerabilities scanner] Log4j zero-day “Log4Shell” arrives just in time to ruin your weekend
If you’re running a service that relies on Apache Struts or uses the popular Apache Log4j utility we hope you haven’t…
What is a search engine and why does anyone care which one you use?
An attempt at a simple definition: a search engine is a software system that allows users to find content on the…
Has your WordPress site been backdoored by a skimmer?
Skimmers and other threat actors are backdooring websites, and WordPress instances in particular, according to a recently released report. Researchers at…