The Center for Internet Security (CIS) has released its new version 7.1 of the top 20 Critical Security Controls. The updated version includes new Implementation Groups designed to identify relevant CIS controls that are reasonable for an organization with a similar risk profile and available cybersecurity resources.
CIS Controls Version 7.1 released Read More »
A newly discovered botnet dubbed Xwo has been scanning the internet for exposed web services and default passwords. The malware was discovered by AT&T’s Alien Labs back in March and is related to malware families MongoLock and Xbash.
Xwo botnet scans for exposed web services and default passwords Read More »
A new threat report warns of LockerGoga ransomware activity disrupting networks of industrial and manufacturing organizations in Norway and in the U.S.
LockerGoga Ransomware threat Read More »
Microsoft used a court order last Wednesday to take control of 99 websites used by cyber threat group Phosphorus (also known as APT35 or Charming Kitten) widely associated with Iranian hackers.
Microsoft takes down 99 websites used by APT35/Phosphorus Read More »
Cisco released a new security update warning users of ongoing, limited, exploitation of a critical WebEx vulnerability that impacts multiple products.
New reports of Critical Cisco WebEx RCE vulnerability exploits Read More »
A security researcher released details on a new zero-day vulnerability that impacts the TP-Link All-in-One SR20 Smart Home Router and Hub.
Home router TP-Link Zero-day vulnerability Read More »
Cyber attackers have compromised hundreds of CMS sites running WordPress or Joomla to serve up Shade ransomware and phishing pages in the wild.
Compromised WordPress, Joomla sites used to spread Shade ransomware Read More »
ASUS released a new security update in response to Advanced Persistent Threat (APT) actors that targeted certain international organizations. A new version of ASUS Live Update was made available.
ASUS updates Live Update Software, response to APT Read More »
Apple released security updates that address vulnerabilities in multiple products, to include iOS, macOS, Xcode, Safari, iCloud, iTunes and tvOS.
Apple security updates for iOS 12.2 and other products Read More »
Cyber attackers have hijacked ASUS Live Update and downloaded a back-doored version to thousands of ASUS PCs last year. The utility is pre-installed on most ASUS computers and is used to keep ASUS PCs up-to-date with latest firmware, drivers and applications.
Operation ShadowHammer hijacks ASUS Live Update to install backdoor Read More »
