CSOonline

BianLian group exploits TeamCity again, deploys PowerShell backdoor

The BianLian extortion group was recently seen exploiting vulnerabilities in the TeamCity continuous integration server for initial access into networks. In the latest attacks the group also deployed ...
Bleeping Computer

State hackers use new PowerShell backdoor in Log4j attacks

Hackers believed to be part of the Iranian APT35 state-backed group (aka 'Charming Kitten' or 'Phosphorus') has been observed leveraging Log4Shell attacks to drop a new PowerShell backdoor. The ...
Digital Journal

Cyberattacks using Microsoft PowerShell soar by over 400%

PowerShell is a sophisticated scripting engine that’s frequently used by system administrators to automate common management functions. PowerShell provides command-line access to almost all features ...
techtimes

Log4Shell Exploit Could Take Months or Years to Solve Because of its Ubuquity, Cybersecurity Experts Say

The existence of the Log4j flaw will continue to haunt internet users for months if not years, according to cybersecurity experts. Sigmund from Unsplash The most recent attacks alerted the security ...
Dark Reading

Log4Shell Exploit Threatens Enterprise Data Lakes, AI Poisoning

Enterprise data lakes are filling up as organizations increasingly embrace artificial intelligence (AI) and machine learning — but unfortunately, these are vulnerable to exploitation via the Java ...
CSOonline

Microsoft Exchange ProxyNotShell vulnerability explained and how to mitigate it

Last year, two high severity, easily exploitable Microsoft Exchange vulnerabilities dubbed ProxyLogon and ProxyShell made waves in the infosec sphere. Nearly a year later, Exchange Server admins are ...