1 844.742.7448 
Email Us
Remote Support 
Contact
Attackers use the Telegram handle “Smokes Night” to spread the malicious Echelon infostealer, which steals credentials for cryptocurrency and other user accounts, researchers said.
Threatpost
Security
‘Spider-Man: No Way Home’ Download Installs Cryptominer
The origin of the Monero cryptominer file has been traced to a Russian torrent website, researchers report.
IOTW: Attackers exploit Log4j vulnerability
Ransomware groups have begun exploiting the Log4j vulnerability as security teams rush to patch
Time to Ditch Big-Brother Accounts for Network Scanning
Yaron Kassner, CTO and co-founder of Silverfort, discusses why using all-seeing privileged accounts for monitoring is bad practice.
Threatpost
All in One SEO Plugin Bug Threatens 3M Websites with Takeovers
A critical privilege-escalation vulnerability could lead to backdoors for admin access nesting in web servers.
Threatpost
PYSA Emerges as Top Ransomware Actor in November
Overtaking the Conti ransomware gang, PYSA finds success with government-sector attacks.
Threatpost
All in One SEO Plugin Bug Threatens 3M Websites with Takeovers
A critical privilege-escalation vulnerability could lead to backdoors for admin access nesting in web servers.
Threatpost
Critical Apache HTTPD Server Bugs Could Lead to RCE, DoS
Don’t freak: It’s got nothing to do with Log4Shell, except it may be just as far-reaching as Log4j, given HTTPD’s tendency to tiptoe into software projects.
Threatpost
Four Bugs in Microsoft Teams Left Platform Vulnerable Since March
Attackers exploiting bugs in the “link preview” feature in Microsoft Teams could abuse the flaws to spoof links, leak an Android user’s IP address and launch a DoS attack.
Threatpost
Java Code Repository Riddled with Hidden Log4j Bugs; Here’s Where to Look
There are 17,000npatched Log4j packages in the Maven Central ecosystem, leaving massive supply-chain risk on the table from Log4Shell exploits.
Threatpost