1 844.742.7448 
Email Us
Remote Support 
Contact
A quarter-billion of those passwords were not seen in previous breaches that have been added to Have I Been Pwned.
Threatpost
Security
Two Active Directory Bugs Lead to Easy Windows Domain Takeover
Microsoft is urging customers to patch two Active Directory domain controller bugs after a PoC tool was publicly released on Dec. 12.
FBI: Another Zoho ManageEngine Zero-Day Under Active Attack
APT attackers are using a security vulnerability in ManageEngine Desktop Central to take over servers, deliver malware and establish network persistence.
Threatpost
Conti Ransomware Gang Has Full Log4Shell Attack Chain
Conti has become the first professional-grade, sophisticated ransomware group to weaponize Log4j2, now with a full attack chain.
Robocalls More Than Doubled in 2021, Cost Victims $30B
T-Mobile reported blocking 21 billion scam calls during a record-smashing year for robocalls.
Third Log4J Bug Can Trigger DoS; Apache Issues Patch
The new Log4j vulnerability is similar to Log4Shell in that it also affects the logging library, but this DoS flaw has to do with Context Map lookups, not JNDI.
Threatpost
Facebook Bans Spy-for-Hire Firms for Targeting 50K People
Meta, Facebook’s parent company, said that the seven banned actors run fake accounts on its platforms to deceive users and plant malware on targets’ phones.
Threatpost
Spider-Man Movie Release Frenzy Bites Fans with Credit-Card Harvesting
Attackers are using the excitement over the new Spider-Man movie to steal bank information and spread malware.
Threatpost
Malicious Joker App Scores Half-Million Downloads on Google Play
Joker malware was found lurking in the Color Message app, ready to fleece unsuspecting users with premium SMS charges.
Threatpost
Brand-New Log4Shell Attack Vector Threatens Local Hosts
The discovery, which affects services running as localhost that aren’t exposed to any network or the internet, vastly widens the scope of attack possibilities.
Threatpost