The Spring Framework vulnerability (CVE-2022-22947) is a maximum severity weakness that attackers can abuse to gain remote code execution on unpatched hosts.

The FBI estimates that as of January 2022, there had been over 1,000 victims of attacks associated with Conti ransomware with victim payouts exceeding $150,000,000, making the Conti Ransomware variant the costliest strain of ransomware ever documented.

Dedalus Biology provides services to thousands of medical laboratories in the country and the fine is for exposing sensitive details of 491,939 patients from 28 laboratories.

The most notable crypto-mining firm hit by the latest package of U.S. sanctions is BitRiver, founded in Russia in 2017 by Igor Runets, the firm’s current CEO.

The fake fraud alerts reference the payment amount and financial institution names and ask the targets to confirm if they tried to make instant payments of thousands of dollars.

A list of VMware products affected by Spring4Shell is available in an advisory from the company. Where a fix is not available, VMware released a workaround as a temporary solution.

The new set of 66 actively exploited vulnerabilities published by CISA spans disclosure dates between 2005 and 2022, covering a broad spectrum of software and hardware types and versions.

In the alleged attack against Kaseya, Vasinskyi caused the deployment of malicious Sodinokibi/REvil code throughout a Kaseya product that caused the Kaseya production functionality to deploy REvil ransomware to “endpoints” on Kaseya customer networks, explained the U.S. DoJ announcement

Mass phishing emails have recently been observed targeting private ‘i.ua’ and ‘meta.ua’ accounts of Ukrainian military personnel and related individuals, CERT-UA said earlier today. After the account is compromised, the attackers, by the IMAP protocol, get access to all the messages. Later, the attackers use contact details from the victim’s address book to send the phishing emails.

The US Federal Bureau of Investigation (FBI) revealed that the BlackByte ransomware group has breached the networks of at least three organizations from US critical infrastructure sectors in the last three months.This was disclosed in a TLP: WHITE joint cybersecurity...