TRU Security

A graph recently released by the National Institute of Standards and Technology (NIST) shows that for the fifth year in a row, there have been a record-breaking number of reported vulnerabilities.

Notepad++, one of the most popular, and free, text and source code editors for Windows systems, is being used by attackers to distribute malware.

The notorious Emotet malware, which recently returned from a hiatus after its botnet was dismantled by a joint task force early this year, has begun installing Cobalt Strike directly — a deviation from its typical tactic of installing a trojan like TrickBot or Qbot and then delivering Cobalt Strike through it.

A critical remote code execution (RCE) vulnerability (CVE-2021-44228) in the Log4j Java library is affecting most Java applications, including VMWare vCenter, Minecraft, Twitter, iCloud, and ElasticSearch.

A recent report from the FBI shows that Cuba ransomware has scored at least $43.9 million in total ransom payments after successful attacks on 49 different targets in five critical infrastructure sectors.

Fear of the recent Omicron COVID-19 variant is providing fuel for phishing threats — like one U.K.-based campaign that makes use of a fake NHS website.

Shortly after Trickbot was observed dropping an updated version of the Emotet botnet malware, Windows Defender began incorrectly reporting certain executables and Microsoft Office documents as Emotet payloads.