Cyber-Spike: Orgs Suffer 925 Attacks per Week, an All-Time High
Cyberattacks increased 50 percent YoY in 2021 and peaked in December due to a frenzy of Log4j exploits, researchers found.
Source: Threat
[...]
attacks
CDN Cache Poisoning Allows DoS Attacks Against Cloud Apps
A Romanian researcher discovers more than 70 vulnerabilities in how applications and their content delivery networks handle cache misses that open the doors
[...]
Attackers Exploit Log4j Flaws in Hands-on-Keyboard Attacks to Drop Reverse Shells
Microsoft says vulnerabilities present a “real and present” danger, citing high volume of scanning and attack activity targeting the widely used Apache logging
[...]
An Adaptive Security Strategy Is Critical for Stopping Advanced Attacks
Ransomware demands a new approach to incident response.
Source: Dark Reading – Threat Intelligence – An Adaptive Security Strategy Is Critical for
[...]
The Next Wave of Log4J Attacks Will Be Brutal
So far, Log4Shell has resulted mostly in cryptomining and a little espionage. The really bad stuff is just around the corner.
Source:
[...]
Why ransomware attacks happen out of hours or during the holidays
Security teams have a choice to make – and doing nothing is not an option Paid Feature Time waits for no one. But
[...]
Facebook expands bug bounty program to include scraping attacks, two years after it was scraped – hard
But still allows limited harvesting Meta has expanded its bug bounty program to include payouts for reports of scraping attacks on Facebook –
[...]
Rise in API-Based Attacks Underscore Investments in New Tools
Noname Security’s Series C fundraising tips the startup to over $1 billion in valuation, a sign that organizations are beginning to look for
[...]
Relentless Log4j Attacks Include State Actors, Possible Worm
More than 1.8 million attacks, against half of all corporate networks, have already launched to exploit Log4Shell.
Source: Threat Post – Web
[...]
Original Fix for Log4j Flaw Fails to Fully Protect Against DoS Attacks, Data Theft
Organizations should upgrade ASAP to new version of logging framework released Tuesday by the Apache Foundation, security experts say.
Source: Dark Reading
[...]