The FBI warned that attackers are impersonating Health & Human Services and/or Amazon to mail BadUSB-poisoned USB devices to targets in transportation, insurance & defense.
The malware establishes initial access on targeted machines, then waits for additional code to execute.
Researchers offer more detail on the bug, which can allow attackers to completely take over targets.
The high-severity RCE flaw is in the KCodes NetUSB kernel module, used by popular routers from Netgear, TP-Link, DLink, Western Digital, et al.
Dangerous security bugs stemming from widespread inconsistencies among 16 popular third-party URL-parsing libraries could affect a wide swath of web applications.
Cyberattacks increased 50 percent YoY in 2021 and peaked in December due to a frenzy of Log4j exploits, researchers found.
End of life, end of support, pandemic-induced shipping delays and remote work, scanning failures: It’s a recipe for a patching nightmare, federal cyberserurity CTO Matt Keller says.
Fertility Centers of Illinois’ security measures protected electronic medical records, but the attackers still got at extremely intimate data in admin files.
Attackers are trading millions of records from a trio of pre-holiday breaches on an online forum.
There are active ransomware and brute-force attacks being launched against internet-exposed, network-attached storage devices, the device maker warned.