News
-
New DeadBolt Ransomware Targets NAT Devices
There’s a new ransomware that targets NAT devices made by QNAP: The attacks started today, January 25th, with QNAP devices suddenly finding their files encrypted and file names appended with a .deadbolt file extension. Instead of creating ransom notes in each folder on the device, the QNAP device’s login page is hijacked to display a…
-
Passwords are Like Toothbrushes – Not to Be Shared!!
Sometimes, I feel that my brain is full! We are all bombarded with information on so many fronts and quite frankly, I often feel like I don’t have room for much more! A quick scroll on my socials and I’m inundated with news from friends (which I love) plus ads plus multiple news updates. I…
-
Passwords are Like Toothbrushes – Not to Be Shared!!
Sometimes, I feel that my brain is full! We are all bombarded with information on so many fronts and quite frankly, I often feel like I don’t have room for much more! A quick scroll on my socials and I’m inundated with news from friends (which I love) plus ads plus multiple news updates. I…
-
Serious PwnKit flaw in default Linux installations requires urgent patching
Security researchers have found a privilege escalation vulnerability in pkexec, a tool that’s present by default on many Linux installations. The flaw, called PwnKit, could allow attackers to easily gain root privileges on systems if they have access to a regular user without administrative privileges. Researchers from security firm Qualys who discovered and reported the…
-
Serious PwnKit flaw in default Linux installations requires urgent patching
Security researchers have found a privilege escalation vulnerability in pkexec, a tool that’s present by default on many Linux installations. The flaw, called PwnKit, could allow attackers to easily gain root privileges on systems if they have access to a regular user without administrative privileges. Researchers from security firm Qualys who discovered and reported the…
-
SASE in the spotlight as businesses prioritize edge network security
Edge is the concept that moves computing from a centralized model to a decentralized one, away from datacenter consolidation across cloud and infrastructure, applications, and workloads and closer to where data is generated or consumed. According to a new report from AT&T Business, edge network definitions and usage are in a state of flux across…
-
SASE in the spotlight as businesses prioritize edge network security
Edge is the concept that moves computing from a centralized model to a decentralized one, away from datacenter consolidation across cloud and infrastructure, applications, and workloads and closer to where data is generated or consumed. According to a new report from AT&T Business, edge network definitions and usage are in a state of flux across…
-
BotenaGo strikes again – malware source code uploaded to GitHub
Executive summary In November 2021, AT&T Alien Labs™ first published research on our discovery of new malware written in the open-source programming language Golang. The team named this malware “BotenaGo.” (Read previous article here.) In this article, Alien Labs is updating that research with new information. Recently BotenaGo source code was uploaded to GitHub, potentially…
-
BotenaGo strikes again – malware source code uploaded to GitHub
Executive summary In November 2021, AT&T Alien Labs™ first published research on our discovery of new malware written in the open-source programming language Golang. The team named this malware “BotenaGo.” (Read previous article here.) In this article, Alien Labs is updating that research with new information. Recently BotenaGo source code was uploaded to GitHub, potentially…
-
Experts Reveals 29% Surge in Bugs Used by Ransomware Actors
Experts Reveals 29% Surge in Bugs Used by Ransomware Actors There’s been a 29% increase in the number of vulnerabilities exploited by ransomware groups to compromise their targets over the past year, according to a new industry report. The Ransomware Spotlight Year End Report was written by security vendors Ivanti and Cyware alongside CVE numbering authority Cyber Security…