Malware

Microsoft has published an advisory about a distributed denial-of-service (DDoS) malware called XorDdos that is targeting Linux endpoints and servers. The company has warned that its security researchers have detected a 254 percent surge in the malware’s activity during the last six months. The security research group MalwareMustDie first discovered the XorDDoS malware back in…

Cybersecurity researchers have discovered that the threat actors are testing new attack techniques to distribute malware. Indeed, the latest version of the highly sophisticated Emotet botnet uses PowerShell commands attached to the XLL files to target Windows PCs. Emotet is an advanced Trojan that is primarily used to spread malware via phishing emails on compromised…

A team of security researchers has discovered that attackers are now exploiting the critical Spring4Shell vulnerability to spread Mirai malware on target systems. The Mirai botnet malware attacks were first detected earlier this month, and the threat actors are currently targetting vulnerable web servers in the Singapore region. According to Trend Micro’s researchers, the threat…

Last week, Microsoft announced that it has temporarily disabled the MSIX protocol handler to prevent malicious attacks on Windows 10 and 11. The company says this change aims to address a newly discovered Windows AppX Installer spoofing vulnerability, which was discovered in December 2021. For those unfamiliar with the Windows AppX Installer, it’s a Windows…

Microsoft has shared some important details about the evolution of a malware called “UpdateAgent” that started targeting Mac devices in 2020. Yesterday, Microsoft’s threat intelligence team warned users that the new variants of this trojan have become more sophisticated, and they are currently installing adware payloads on infected Mac machines. The UpdateAgent malware was first…

This month, a flaw in the Apache Log4j library causes panic, Microsoft patches 67 new CVEs, 7 of which are rated Critical. And Adobe delivers a boat load of patches to finish off the year in style. So, let’s get started! Apache Log4j remote code execution vulnerability Let’s start this month by talking about Log4Shell…

In this article, I’m going to describe how to use Microsoft 365 Defender Threat Analytics to improve security in your organization. Over three Petri articles, we’ve dived into what Microsoft Defender for Endpoint (MDE) is, how you can migrate to it, and how it should be configured. Part 1: Understanding Microsoft Defender for Endpoint and…

Microsoft uses National Cybersecurity Awareness Month to highlight import security issues to help raise awareness with its customers.

Some people worry that Exchange Online mailboxes could be compromised by ransomeware and people will be forced to pay BitCoin to decrypt their messages. It’s certainly a possibility, but out-of-the-box solutions exist if you’re unlucky enough to be infected. That is, if you’ve done the necessary up-front planning to prepare for the worst to happen.,

According to SCORE, the US association for small businesses, a survey conducted for National Cybersecurity Awareness Month shows that 43% of cyberattacks are targeted at small businesses.