[TheRecord] Russia could launch digital offensive against Ukraine, administration official warns

Russia could opt to launch a sweeping cyber and disinformation campaign against Ukraine and its government rather than a traditional military invasion of the country, a senior Biden administration said on Monday. “Could the Russian government choose a different course here, one in which they rely more heavily on information operations, cyber and destabilization activities […]

Read More

[TheRecord] Web skimmers hit 300+ sites hidden inside Google Tag Manager containers

Threat actors have abused a legitimate feature of the Google Tag Manager service to secretly add and deploy malicious JavaScript code to more than 300 e-commerce stores since March this year. The malicious code—called a “web skimmer” or “Magecart script”—was used to collect the payment card details of online shoppers, data that was later offered […]

Read More

[TheRecord] Zoho warns of new zero-day vulnerability exploited in attacks

Zoho urged customers on Friday to update their ManageEngine servers and apply a software fix that patches a zero-day vulnerability that is currently being exploited in the wild. Tracked as CVE-2021-44515, the vulnerability impacts Zoho ManageEngine Desktop Central, an endpoint management solution that companies use to manage their workers’ devices. In a security advisory, the company said it […]

Read More

[TheRecord] Germany warns of ransomware attacks over Christmas, citing Emotet return, unpatched Exchange servers

The German cybersecurity authority has told German organizations to expect ransomware and other cyber-attacks over the Christmas and end-of-year holidays, citing the return of the Emotet botnet and the large number of Microsoft Exchange email servers that have been left unpatched. The Emotet gang, which began rebuilding its botnet two weeks ago, has often rented access […]

Read More