GootLoader Hackers Targeting Employees of Law and Accounting FirmsThe Hacker News

Operators of the GootLoader campaign are setting their sights on employees of accounting and law firms as part of a fresh onslaught of widespread cyberattacks to deploy malware on infected systems, an indication that the adversary is expanding its focus to other high-value targets. "GootLoader is a stealthy initial access malware,...

Read more...

Privacy e processo tributario telematico, cosa cambia dopo l’ok del GaranteRiccardo Berti e Franco Zumerle

Il Garante privacy ha dato il proprio via libera alle nuove regole tecniche del Processo tributario telematico, norme che vanno a modificare il Decreto direttoriale del 4 agosto 2015, uno dei provvedimenti principali in questo ambito della giustizia digitale L'articolo Privacy e processo tributario telematico, cosa cambia dopo l’ok del...

Read more...

Meeting Patching-Related Compliance Requirements with TuxCareThe Hacker News

Cybersecurity teams have many demands competing for limited resources. Restricted budgets are a problem, and restricted staff resources are also a bottleneck. There is also the need to maintain business continuity at all times. It's a frustrating mix of challenges – with resources behind tasks such as patching rarely sufficient...

Read more...

Iranian Hackers Exploit Log4j Vulnerability to Deploy PowerShell BackdoorThe Hacker News

An Iranian state-sponsored actor has been observed scanning and attempting to abuse the Log4Shell flaw in publicly-exposed Java applications to deploy a hitherto undocumented PowerShell-based modular backdoor dubbed "CharmPower" for follow-on post-exploitation. "The actor's attack setup was obviously rushed, as they used the basic open-source tool for the exploitation and based...

Read more...

US Cyber Command Links ‘MuddyWater’ Hacking Group to Iranian IntelligenceThe Hacker News

The U.S. Cyber Command (USCYBERCOM) on Wednesday officially confirmed MuddyWater's ties to the Iranian intelligence apparatus, while simultaneously detailing the various tools and tactics adopted by the espionage actor to burrow into victim networks. "MuddyWater has been seen using a variety of techniques to maintain access to victim networks," USCYBERCOM's Cyber...

Read more...