Attackers Target Log4J to Drop Ransomware, Web Shells, Backdoors

Click here to subscribe to Informationweek.com

Categories: Services | Professionals Business goods Financially Kantoor Marketing Retail Retail Industry Machines Age: 14 until 18 year 19 until 30 year 31 until 64 years

2 years ago

Html
Text

Follow Dark Reading:

December 15, 2021

LATEST SECURITY NEWS & COMMENTARY

Attackers Target Log4J to Drop Ransomware, Web Shells, Backdoors Amid the increase in Log4J attack activity, at least one Iranian state-backed threat group is preparing to target the vulnerability, experts say. Microsoft Patches Zero-Day Spreading Emotet Malware The December rollout includes 67 security patches and addresses one zero-day and five more publicly known vulnerabilities. Tool Overload & Attack Surface Expansion Plague SOCs Security professionals are burning out from handling too many tools and facing a growing number of threats, and more than 40% see lack of leadership as the main problem. Combat Misinformation by Getting Back to Security Basics One volley of fake news may land, but properly trained AI can shut down similar attempts at their sources. Source Code Leaks: The Real Problem Nobody Is Paying Attention To Source code is a corporate asset like any other, which makes it an attractive target for hackers.

(Sponsored Article) 5 Ways GRC & Security Can Partner to Reduce Insider Risk

In 2022, data governance, risk, and compliance (GRC) and security need to partner to implement a modern approach to data protection: insider risk management.

Propane Gas Distributor Hit With Ransomware North America-based Superior Plus "temporarily disabled" some of its systems in the wake of the attack. Ransomware Hits Virginia Legislative Agencies The attack forced a shutdown of computer systems and websites for Virginia legislative agencies and commissions, reports state. MORE NEWS / MORE COMMENTARY


HOT TOPICS
Name That Toon: Modern-Day Frosty Feeling creative? Submit your caption and our panel of experts will reward the winner with a $25 Amazon gift card. Why the Private Sector Is Key to Stopping Russian Hacking Group APT29 Left unchecked, these attacks could have devastating effects on government and military secrets and jeopardize the software supply chain and the global economy. 10 Stocking Stuffers for Security Geeks Check out our list of gifts with a big impact for hackers and other techie security professionals. MORE

MORE ON LOG4J
40% of Corporate Networks Targeted by Attackers Seeking to Exploit Log4j More than 60 variants of the original exploit were introduced over the last day alone. How Do I Find My Servers With the Log4j Vulnerability? This Tech Tip outlines how enterprises can use Canarytokens to find servers in their organization vulnerable to CVE-2021-44228. What to Do While Waiting for the Log4J Updates This Tech Tip outlines how enterprise defenders can mitigate the risks of the Log4j vulnerabilities for the short-term while waiting for updates. LATEST FROM THE EDGE
Cisco's Ash Devata on Securing the Hybrid Workforce With Zero Trust Hybrid work is here to stay, and organizations can apply zero trust's three core principles to ensure a secure workforce, Devata says. LATEST FROM DR TECH
Why Classifying Ransomware as a National Security Threat Matters Government actions help starve attack groups of the resources - money, ability to recruit, and time.

Tech Resources

Zero Trust and the Power of Isolation for Threat Prevention Zero Trust in Real Life Protecting Your Mainframe Against Relentless Ransomware 2021 Ransomware Threat Report Cloud & Hybrid Security Tooling Report Cloud Security is Much More than Prevention and Compliance Automation And Unification Enable A Cohesive Attack Surface Defense

ACCESS TECH LIBRARY NOW

Beyond Spam and Phishing: Emerging Email-based Threats

Even as enterprises adopt real-time messaging tools and platforms, email remains the hub of enterprise communications. Adversaries are increasingly targeting the enterprise email inbox, and security teams need to look further than just spam and phishing attacks. In this webinar, ...

Protecting Enterprise Data from Malicious Insiders

It's a sad truth: not all employees are nice. Corporate espionage, sabotage and other security incidents could be committed or aided by any insider with something to gain. How do you know when a once-trustworthy employee is about to do ...

MORE WEBINARS

FEATURED REPORTS

Zero Trust and the Power of Isolation for Threat Prevention Enterprise Cybersecurity Plans in a Post-Pandemic World

As the COVID-19 pandemic eases, IT security threats and the challenges involved in responding to them are trending upward. Security leaders expect that cyberattacks like ransomware, phishing, and malware will increase even as the pandemic eventually recedes. Download the Dark ...

MORE REPORTS

CURRENT ISSUE

How Data Breaches Affect the Enterprise
DOWNLOAD THIS ISSUE	SUBSCRIBE NOW
BACK ISSUES \| MUST READS \| TECH DIGEST

PRODUCTS & RELEASES

Ground Labs Research Reveals 71% of American Consumers are Unaware of Data Protection Laws Tufin Introduces Security Policy Builder (SPB) App to Marketplace Darktrace Reports Information Technology and Communications Sector Most Targeted by Cyberattackers in 2021 MORE PRODUCTS & RELEASES

Dark Reading Daily
-- Published By Dark Reading
Informa Tech
303 Second St., Suite 900 South Tower, San Francisco, CA 94107

To update your profile, change your e-mail address, or unsubscribe, click here.

To opt-out of any future Dark Reading Daily Newsletter emails, please respond here.

Thoughts about this newsletter? Give us feedback.

Keep This Newsletter Out Of Your SPAM Folder
Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list:

If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation.

We take your privacy very seriously. Please review our Privacy Statement.

Share on

Other newsletters from Informationweek.com

How to Create an Accurate IT Project Timeline Informationweek.com
30 minutes ago
'RomCom' APT Mounts Zero-Day, Zero-Click Browser Escapes in Firefox, Tor Informationweek.com
2 hours ago
Privacy Regulations Changing - Are You Prepared? Informationweek.com
13 hours ago

More newsletters from Informationweek.com

Related newsletters

View other categories

Services | Professionals Business goods Financially Kantoor Marketing Retail Retail Industry Machines

Attackers Target Log4J to Drop Ransomware, Web Shells, Backdoors

How Data Breaches Affect the Enterprise

Share on

Other newsletters from Informationweek.com

Related newsletters

View other categories