A fresh module aims to compromise remote desktop accounts to access corporate resources. Advertise on IT Security News. Read the complete article: TrickBot Trojan Adds RDP Brute-Forcing to Its Arsenal
Tag: Threatpost
Adobe Discloses Dozens of Critical Photoshop, Acrobat Reader Flaws
An out-of-band Adobe security update addressed critical flaws in Photoshop, Acrobat Reader and other products. Advertise on IT Security News. Read the complete article: Adobe Discloses Dozens of Critical Photoshop, Acrobat Reader Flaws
Authorities Eye Using Mobile Phone Tracking COVID-19’s Spread
Privacy advocates advise caution when tracking the movements of patients or those infected with the new coronavirus, as an effort to minimize the pandemic’s effect. Advertise on IT Security News. Read the complete article: Authorities Eye Using Mobile Phone…
Magecart Cyberattack Targets NutriBullet Website
Researchers warn that a Magecart group has set up skimmers on the blender manufacturer’s website, in hopes of stealing customer payment-card data. Advertise on IT Security News. Read the complete article: Magecart Cyberattack Targets NutriBullet Website
A COVID-19 Cybersecurity Poll: Securing a Remote Workforce
COVID-19 is changing how we work. Weigh in on how your organization is securing its remote footprint with our short Threatpost poll. Advertise on IT Security News. Read the complete article: A COVID-19 Cybersecurity Poll: Securing a Remote Workforce
This Stalkerware Delivers Extra-Creepy Features
Stalkerware called Monitor Minor gives users the ability to creep on a target’s missives swapped via Instagram, Skype and Snapchat. Advertise on IT Security News. Read the complete article: This Stalkerware Delivers Extra-Creepy Features
APT36 Taps Coronavirus as ‘Golden Opportunity’ to Spread Crimson RAT
The Pakistani-linked APT has been spotted infecting victims with data exfiltration malware. Advertise on IT Security News. Read the complete article: APT36 Taps Coronavirus as ‘Golden Opportunity’ to Spread Crimson RAT
Activities of a Nigerian Cybercriminal Uncovered
Rise and fall of a Nigerian cybercriminal called ‘Dton,’ who made hundreds of thousands of dollars in a 7-year campaign, outlined in new report. Advertise on IT Security News. Read the complete article: Activities of a Nigerian Cybercriminal Uncovered
Convincing Google Impersonation Opens Door to MiTM, Phishing
Using homographic characters is an easy way to execute a convincing fake site. Advertise on IT Security News. Read the complete article: Convincing Google Impersonation Opens Door to MiTM, Phishing
Microsoft Edge Shares Privacy-Busting Telemetry, Research Alleges
An academic study found Microsoft’s Edge browser to be the least private, due to it sending device identifiers and web browsing pages to back-end servers. Advertise on IT Security News. Read the complete article: Microsoft Edge Shares Privacy-Busting Telemetry,…
WordPress Plugin Bug in Popup Builder Threatens 100K Websites
The high-severity flaw allows malicious code injection into website pop-up windows. Advertise on IT Security News. Read the complete article: WordPress Plugin Bug in Popup Builder Threatens 100K Websites
Working from Home: COVID-19’s Constellation of Security Challenges
Organizations are sending employees and students home to work and learn — but implementing the plan opens the door to more attacks, IT headaches and brand-new security challenges. Advertise on IT Security News. Read the complete article: Working from…
Coronavirus-Themed APT Attack Spreads Malware
The APT group was spotted sending spear-phishing emails that purport to detail information about coronavirus – but they actually infect victims with a custom RAT. Advertise on IT Security News. Read the complete article: Coronavirus-Themed APT Attack Spreads Malware
ACLU Sues Over U.S. Airport Facial-Recognition Technology
Civil-liberties group wants more transparency about who the government is partnering with and how they are using the information gathered in biometric checks. Advertise on IT Security News. Read the complete article: ACLU Sues Over U.S. Airport Facial-Recognition Technology
Researchers Warn of Novel PXJ Ransomware Strain
While PXJ performs typical ransomware functions, it does not appear to share the same underlying code with most known ransomware families. Advertise on IT Security News. Read the complete article: Researchers Warn of Novel PXJ Ransomware Strain
Trojan Raids Android Users’ Cookie Jars
Cookiethief steals cookies to infiltrate Facebook and other web service accounts. Advertise on IT Security News. Read the complete article: Trojan Raids Android Users’ Cookie Jars
$100K Paid Out for Google Cloud Shell Root Compromise
A Dutch researcher claimed Google’s very first annual Cloud Platform bug-bounty prize, for a clever container escape exploit. Advertise on IT Security News. Read the complete article: $100K Paid Out for Google Cloud Shell Root Compromise
Akamai Talks Massive Uptick in Credential-Stuffing Attacks Against Bank APIs
Researchers with Akamai say that 75 percent of all credential abuse attacks against the financial services industry were targeting APIs. Advertise on IT Security News. Read the complete article: Akamai Talks Massive Uptick in Credential-Stuffing Attacks Against Bank APIs
Flaws Riddle Zyxel’s Network Management Software
Over 16 security flaws, including multiple backdoors and hardcoded SSH server keys, plague the software. Advertise on IT Security News. Read the complete article: Flaws Riddle Zyxel’s Network Management Software
Phishing Attack Skirts Detection With YouTube
Attackers are using YouTube redirect links, whitelisted by various security defense mechanisms, to evade detection. Advertise on IT Security News. Read the complete article: Phishing Attack Skirts Detection With YouTube
Wormable, Unpatched Microsoft Bug Threatens Corporate LANs
CVE-2020-0796 affects version 3.1.1 of Microsoft’s SMB file-sharing system and was not included in Patch Tuesday. Advertise on IT Security News. Read the complete article: Wormable, Unpatched Microsoft Bug Threatens Corporate LANs
New TrickBot Variant Updates Anti-Analysis Tricks
A new TrickBot variant shows that the malware is continuing to swap out new anti-analysis and persistence tactics. Advertise on IT Security News. Read the complete article: New TrickBot Variant Updates Anti-Analysis Tricks
More Than Half of IoT Devices Vulnerable to Severe Attacks
A full 98 percent of all IoT device traffic is unencrypted, exposing personal and confidential data on the network. Advertise on IT Security News. Read the complete article: More Than Half of IoT Devices Vulnerable to Severe Attacks
The Ultimate Security Budget Excel Template – The Easiest Way to Plan and Monitor Your Security Spending
The Ultimate Security Budget Plan & Track Excel template provides security executives with a clear and intuitive tool to keep track of planned vs. actual spend, ensuring that security needs are addressed while maintaining the budgetary frame. Advertise on…
Necurs Botnet in Crosshairs of Global Takedown Offensive
The tech giant will take control of the U.S.-based infrastructure used by the criminals behind the world’s most prolific botnet used to distribute malware and infect victim computers. Advertise on IT Security News. Read the complete article: Necurs Botnet…
Critical Bugs in Rockwell, Johnson Controls ICS Gear
Bugs affecting programmable logic controllers (PLC) and physical access-control systems for facilities are rated 9.8 in severity. Advertise on IT Security News. Read the complete article: Critical Bugs in Rockwell, Johnson Controls ICS Gear
Microsoft Patches 26 Critical Bugs in Big March Update
March security updates include 115 CVEs patching everything from Windows, Office and Microsoft’s new Chromium-based Edge web browser. Advertise on IT Security News. Read the complete article: Microsoft Patches 26 Critical Bugs in Big March Update
Popular ThemeREX WordPress Plugin Opens Websites to RCE
The bug has been under active attack as a zero-day. Advertise on IT Security News. Read the complete article: Popular ThemeREX WordPress Plugin Opens Websites to RCE
Firefox Bug Opens iPhone AirPods to Third-Party Snooping
Mozilla Foundation snuffs out bugs with the introduction of Firefox 74 and ESR 68.6. Advertise on IT Security News. Read the complete article: Firefox Bug Opens iPhone AirPods to Third-Party Snooping
High-Severity Flaws Plague Intel Graphics Drivers
Intel patched six high-severity flaws in its graphics drivers, as well as other vulnerabilities in its NUC firmware, and a load value injection vulnerability that could allow attackers to steal sensitive data. Advertise on IT Security News. Read the…
Variant of Paradise Ransomware Targets Office IQY Files
Threat actors can easily infiltrate networks because attacks evade detection by typical security protections. Advertise on IT Security News. Read the complete article: Variant of Paradise Ransomware Targets Office IQY Files
Spear-Phishing Attack Lures Victims With ‘HIV Results’
Attackers are purporting to send victims HIV test results – but in reality are convincing them to download the Koadic RAT. Advertise on IT Security News. Read the complete article: Spear-Phishing Attack Lures Victims With ‘HIV Results’
Microsoft Exchange Server Flaw Exploited in APT Attacks
A vulnerability is Microsoft Exchange servers is being actively exploited by multiple APT groups, researchers warn. Advertise on IT Security News. Read the complete article: Microsoft Exchange Server Flaw Exploited in APT Attacks
AMD Downplays CPU Threat Opening Chips to Data Leak Attacks
New side-channel attacks have been disclosed in AMD CPUs, however AMD said that they are not new. Advertise on IT Security News. Read the complete article: AMD Downplays CPU Threat Opening Chips to Data Leak Attacks
Next-Gen Ransomware Packs a ‘Human’ Punch, Microsoft Warns
Ryuk, DoppelPaymer, Parinacota and other ransomware groups are getting more sophisticated, Microsoft warns. Advertise on IT Security News. Read the complete article: Next-Gen Ransomware Packs a ‘Human’ Punch, Microsoft Warns
Spread of Coronavirus-Themed Cyberattacks Persists with New Attacks
In cybersecurity circles, the Coronavirus is spurring anxiety over the virtual abuse of the deadly disease by scammers. Advertise on IT Security News. Read the complete article: Spread of Coronavirus-Themed Cyberattacks Persists with New Attacks
Critical Zoho Zero-Day Flaw Disclosed
A Zoho zero day vulnerability and proof of concept (PoC) exploit code was disclosed on Twitter. Advertise on IT Security News. Read the complete article: Critical Zoho Zero-Day Flaw Disclosed
Zynga Faces Lawsuit Over Massive Words with Friends Breach
Meanwhile, breach incidents have hit Carnival Cruise Lines, T-Mobile and J. Crew customers. Advertise on IT Security News. Read the complete article: Zynga Faces Lawsuit Over Massive Words with Friends Breach
Chris Eng: Patch Management Challenges Drive ‘Security Debt’
Chris Eng with Veracode talks about how organizations are falling into security debt due to patch management issues. Advertise on IT Security News. Read the complete article: Chris Eng: Patch Management Challenges Drive ‘Security Debt’
High-Severity Cisco Webex Flaws Fixed
The high-severity flaws, existing in Webex Player and Webex Network Recording Player, can allow arbitrary code execution. Advertise on IT Security News. Read the complete article: High-Severity Cisco Webex Flaws Fixed
Let’s Encrypt Pushes Back Deadline to Revoke Some TLS Certificates
While 1.7 million of the certificates potentially affected by a CAA bug have already been replaced, around 1 million are still active. Advertise on IT Security News. Read the complete article: Let’s Encrypt Pushes Back Deadline to Revoke Some…
Trump, Sanders Are the Top Brands for Cybercriminals
An analysis of spam subject lines and malicious domains shows that attackers have been betting on Trump and Sanders to snag public interest. Advertise on IT Security News. Read the complete article: Trump, Sanders Are the Top Brands for…
Critical Netgear Bug Impacts Flagship Nighthawk Router
Dozens of routers are patched by Netgear as it snuffs out critical, high and medium severity flaws. Advertise on IT Security News. Read the complete article: Critical Netgear Bug Impacts Flagship Nighthawk Router
Microsoft OneNote Used To Sidestep Phishing Detection
A recent phishing campaign used OneNote to distribute the Agent Tesla keylogger. Advertise on IT Security News. Read the complete article: Microsoft OneNote Used To Sidestep Phishing Detection
Loyalty Cards Targeted in Tesco Clubcard Attack
Around 600,000 of the supermarket’s 12 million loyalty program members have been warned about a cyberattack. Advertise on IT Security News. Read the complete article: Loyalty Cards Targeted in Tesco Clubcard Attack
Cobalt Ulster Strikes Again With New ForeLord Malware
Threatpost talks to Alex Tilley, senior security researcher with Dell SecureWorks’ Counter Threat Unit Research Team, about a recently discovered campaign linked to an Iranian APT. Advertise on IT Security News. Read the complete article: Cobalt Ulster Strikes Again…
Let’s Encrypt to Revoke Millions of TLS Certs
On Wednesday millions of Transport Layer Security certificates will be revoked because of a Certificate Authority Authorization bug. Advertise on IT Security News. Read the complete article: Let’s Encrypt to Revoke Millions of TLS Certs
MediaTek Bug Actively Exploited, Affects Millions of Android Devices
An exploit published by a developer is easy to use and has already been used to build malicious apps that gain root access on Android devices. Advertise on IT Security News. Read the complete article: MediaTek Bug Actively Exploited,…
Have I Been Pwned No Longer For Sale
Troy Hunt said the popular HIBP will continue to be run as an independent service. Advertise on IT Security News. Read the complete article: Have I Been Pwned No Longer For Sale
DoppelPaymer Ransomware Used to Steal Data from Supplier to SpaceX, Tesla
Cyber attack at Visser Precision, which builds custom parts for the aerospace and automotive industries, reveals sensitive company data. Advertise on IT Security News. Read the complete article: DoppelPaymer Ransomware Used to Steal Data from Supplier to SpaceX, Tesla
Walgreens Mobile App Leaks Prescription Data
A security error in the Walgreens mobile app may have leaked customers’ full names, prescriptions and shipping addresses. Advertise on IT Security News. Read the complete article: Walgreens Mobile App Leaks Prescription Data
TrickBot Adds ActiveX Control, Hides Dropper in Images
The tricky trojan has evolved again, to stay a step ahead of defenders. Advertise on IT Security News. Read the complete article: TrickBot Adds ActiveX Control, Hides Dropper in Images
Forrester: Keeping Smart Cities Safe From Hacks
As cities grow more connected, municipal operators must deal with new risks like ransomware, IoT hacks and more. Advertise on IT Security News. Read the complete article: Forrester: Keeping Smart Cities Safe From Hacks
NetSupport Manager RAT Spread via Bogus NortonLifeLock Docs
The legitimate remote-access tool is being used to maliciously infect victims and allow remote code-execution. Advertise on IT Security News. Read the complete article: NetSupport Manager RAT Spread via Bogus NortonLifeLock Docs
Gamer Alert: Serious Nvidia Flaw Plagues Graphics Driver
Several flaws found in Nvidia’s graphics drivers could enable denial of service, remote code execution and other malicious attacks. Advertise on IT Security News. Read the complete article: Gamer Alert: Serious Nvidia Flaw Plagues Graphics Driver
Bruce Schneier Proposes ‘Hacking Society’ for a Better Tomorrow
The security industry has the perfect skillset and adversarial defense outlook to deal with some of the emerging societal issues in today’s world, said security technologist Bruce Schneier. Advertise on IT Security News. Read the complete article: Bruce Schneier…
RSAC 2020: Ransomware a ‘National Crisis,’ CISA Says, Ramps ICS Focus
The federal agency plans a slew of initiatives to address industrial control security this year. Advertise on IT Security News. Read the complete article: RSAC 2020: Ransomware a ‘National Crisis,’ CISA Says, Ramps ICS Focus
Patrick Wardle: Apple Devices Hit With Recycled macOS Malware
Patrick Wardle talks about the biggest threats he’s seeing impacting Apple devices. Advertise on IT Security News. Read the complete article: Patrick Wardle: Apple Devices Hit With Recycled macOS Malware
Google’s War on Android App Permissions, 60 Percent Successful
An automated Google warning to Android app developers regarding mobile app permissions has cut the number of requests in half. Advertise on IT Security News. Read the complete article: Google’s War on Android App Permissions, 60 Percent Successful
RSAC 2020: GM’s Transportation Future Hinges on Cybersecurity
CEO Mary T. Barra addressed the high stakes in rolling out self-driving cars and biometric-enhanced vehicles, where one cyber-event could derail plans for emerging automotive technologies. Advertise on IT Security News. Read the complete article: RSAC 2020: GM’s Transportation…
IoT Insecurity: When Your Vacuum Turns on You
From vacuum cleaners to baby monitors, the IoT landscape continues to be plagued by concerning security issues that lead to privacy threats. Advertise on IT Security News. Read the complete article: IoT Insecurity: When Your Vacuum Turns on You
Billions of Devices Open to Wi-Fi Eavesdropping Attacks
The Kr00k bug arises from an all-zero encryption key in Wi-Fi chips that reveals communications from devices from Amazon, Apple, Google, Samsung and others. Advertise on IT Security News. Read the complete article: Billions of Devices Open to Wi-Fi…
RSAC 2020: Smart Baby Monitor Vulnerable to Remote Hackers
A popular baby monitor has been found riddled with vulnerabilities that give attackers full access to personal information and sensitive video footage. Advertise on IT Security News. Read the complete article: RSAC 2020: Smart Baby Monitor Vulnerable to Remote…
RSAC 2020: Lack of Machine Learning Laws Open Doors To Attacks
When it comes to machine learning, research and cybercriminal activity is full speed ahead – but legal policy has not yet caught up. Advertise on IT Security News. Read the complete article: RSAC 2020: Lack of Machine Learning Laws…
Hackers Cashing In On Healthcare Industry Security Weaknesses
Between ransomware attacks on healthcare devices, malware-laced “medical” apps, and fraud services available on the dark net, attackers are pushing the boundaries on targeting healthcare. Advertise on IT Security News. Read the complete article: Hackers Cashing In On Healthcare…
Unpatched Security Flaws Open Connected Vacuum to Takeover
A connected, robotic vacuum cleaner has serious vulnerabilities that could allow remote hackers to view its video footage and launch denial of service attacks. Advertise on IT Security News. Read the complete article: Unpatched Security Flaws Open Connected Vacuum…
Iranian APT Targets Govs With New Malware
A new campaign is targeting governments with the ForeLord malware, which steals credentials. Advertise on IT Security News. Read the complete article: Iranian APT Targets Govs With New Malware
Stalkerware Attacks Increased 50 Percent Last Year, Report
Research puts the emerging mobile threat—which monitors the whereabouts and device activity of devices users as well as collects personal data—into clearer focus. Advertise on IT Security News. Read the complete article: Stalkerware Attacks Increased 50 Percent Last Year,…
RSAC 2020: Blockchain is ‘Garbage In’, Voting Needs Paper Ballots
The annual cryptographer’s panel took on issues of privacy and how new crypto-technologies apply to it in today’s digital world. Advertise on IT Security News. Read the complete article: RSAC 2020: Blockchain is ‘Garbage In’, Voting Needs Paper Ballots
Google Patches Chrome Browser Zero-Day Bug, Under Attack
Google patches zero-day bug tied to memory corruptions found inside the Chrome browser’s open-source JavaScript and Web Assembly engine, called V8. Advertise on IT Security News. Read the complete article: Google Patches Chrome Browser Zero-Day Bug, Under Attack
RSAC 2020 Keynote: Changing the World’s False Perception of Cybersecurity
The reality of the cybersecurity industry is starkly different than what’s perceived by the rest of the world. Advertise on IT Security News. Read the complete article: RSAC 2020 Keynote: Changing the World’s False Perception of Cybersecurity
Sen. Schumer Pushes for TSA Employee Ban on TikTok App at Work
The Department of Homeland Security and two U.S. military branches already had discontinued use of the app based on concerns over Chinese data-security and censorship practices. Advertise on IT Security News. Read the complete article: Sen. Schumer Pushes for…
Free Download: The Ultimate Security Pros’ Checklist
The Ultimate Security Pros’ Checklist fully maps the core duties of common security positions, from the core technical security aspect to team management and executive reporting. Advertise on IT Security News. Read the complete article: Free Download: The Ultimate…
Apple Takes Heat Over ‘Vulnerable’ iOS Cut-and-Paste Data
Software developer builds a malicious proof-of-concept iOS app that can read data temporarily saved to the device’s clipboard. Advertise on IT Security News. Read the complete article: Apple Takes Heat Over ‘Vulnerable’ iOS Cut-and-Paste Data
Data Breach Occurs at Agency in Charge of Secure White House Communications
A leak at the Defense Information Systems Agency exposed personal information of government employees, including social security numbers. Advertise on IT Security News. Read the complete article: Data Breach Occurs at Agency in Charge of Secure White House Communications
Lawsuit Claims Google Collects Minors’ Locations, Browsing History
A new lawsuit alleges that Google’s G Suite for Education program covertly collects data from students, violating both COPPA and other data privacy regulations. Advertise on IT Security News. Read the complete article: Lawsuit Claims Google Collects Minors’ Locations,…
Active Attacks Target Popular Duplicator WordPress Plugin
When patched last week, the bug affected at least 1 million websites. Zero-day exploits were going on then. Advertise on IT Security News. Read the complete article: Active Attacks Target Popular Duplicator WordPress Plugin
RSAC 2020: Editors’ Preview of Hottest Sessions, Speakers and Themes
From data privacy to industrial IoT cybersecurity concerns, Threatpost editors discuss the top stories they expect to see at this year’s RSA Conference, which kicks off next week in San Francisco. Advertise on IT Security News. Read the complete…
Burning Man Tickets for $225? Yep, Too Good to Be True
Scammers are posing as event organizers in a sophisticated fraud effort. Advertise on IT Security News. Read the complete article: Burning Man Tickets for $225? Yep, Too Good to Be True
ISS World Hit with Malware Attack that Shuts Down Global Computer Network
The incident cut off access to e-mail and shared IT services across customer sites of the multinational Denmark-based facility-management firm. Advertise on IT Security News. Read the complete article: ISS World Hit with Malware Attack that Shuts Down Global…
Haken Malware Family Infests Google Play Store
Eight apps – mostly camera utilities and children’s games – were discovered spreading a new malware strain that steals data and signs victims up for expensive premium services. Advertise on IT Security News. Read the complete article: Haken Malware…
Google Bans 600 Android Apps for Obnoxious Ads
The Google Play apps violated the tech behemoth’s disruptive advertising policies. Advertise on IT Security News. Read the complete article: Google Bans 600 Android Apps for Obnoxious Ads
Critical Cisco Bug Opens Software Licencing Manager to Remote Attack
A default password would let anyone access the Cisco Smart Software Manager On-Prem Base platform, even if it’s not directly connected to the internet. Advertise on IT Security News. Read the complete article: Critical Cisco Bug Opens Software Licencing…
Cybergang Favors G Suite and Physical Checks For BEC Attacks
Exaggerated Lion, a newly discovered cybercrime group, uses new and unique tactics to target U.S. companies in BEC attacks. Advertise on IT Security News. Read the complete article: Cybergang Favors G Suite and Physical Checks For BEC Attacks
Critical Adobe Flaws Fixed in Out-of-Band Update
Two critical Adobe vulnerabilities have been fixed in Adobe After Effects and Adobe Media Encoder. Advertise on IT Security News. Read the complete article: Critical Adobe Flaws Fixed in Out-of-Band Update
MGM Grand Breach Leaked Details of 10.6 Million Guests Last Summer
This week a hacking forum posted data from the breach—which included personal and contact details for celebrities, tech CEOs, government officials and employees at large tech companies. Advertise on IT Security News. Read the complete article: MGM Grand Breach…
U.S. Pipeline Disrupted by Ransomware Attack
The attack took a gas compression facility offline for two days, disrupting the supply chain. Advertise on IT Security News. Read the complete article: U.S. Pipeline Disrupted by Ransomware Attack
BlueKeep Flaw Plagues Outdated Connected Medical Devices
More than 55 percent of medical imaging devices – including MRIs, XRays and ultrasound machines – are powered by outdated Windows versions, researchers warn. Advertise on IT Security News. Read the complete article: BlueKeep Flaw Plagues Outdated Connected Medical…
SMS Attack Spreads Emotet, Steals Bank Credentials
A new Emotet campaign is spread via SMS messages pretending to be from banks and may have ties to the TrickBot trojan. Advertise on IT Security News. Read the complete article: SMS Attack Spreads Emotet, Steals Bank Credentials
Hamas Ensnares Israeli Soldiers with Pretty ‘Ladies’
The third catfish attempt in three years from the Palestinian militant group adds a few technical advances to the mix. Advertise on IT Security News. Read the complete article: Hamas Ensnares Israeli Soldiers with Pretty ‘Ladies’
Cynet Offers Free Threat Assessment for Mid-Sized and Large Organizations
Cynet Free Threat Assessment spotlights critical, exposed attack surfaces and provides actionable knowledge of attacks that are currently alive and active. Advertise on IT Security News. Read the complete article: Cynet Offers Free Threat Assessment for Mid-Sized and Large…
Latest Tax Scams Target Apps and Tax-Prep Websites
Traditional e-mail based scams are also in the mix this year, one in particular that uses the legitimate app TeamViewer to take over victims’ systems. Advertise on IT Security News. Read the complete article: Latest Tax Scams Target Apps…
FC Barcelona Suffers Likely Credential-Stuffing Attack on Twitter
OurMine took over the Spanish powerhouse soccer team’s Twitter account. Advertise on IT Security News. Read the complete article: FC Barcelona Suffers Likely Credential-Stuffing Attack on Twitter
Ring Mandates 2FA After Rash of Hacks
Ring outlined new security and data privacy measures, Tuesday, following backlash of the connected doorbell in the past year. Advertise on IT Security News. Read the complete article: Ring Mandates 2FA After Rash of Hacks
Iran-Backed APTs Collaborate on 3-Year ‘Fox Kitten’ Global Spy Campaign
APT34/OilRig and APT33/Elfin have established a highly developed and persistent infrastructure that could be converted to distribute destructive wiper malware. Advertise on IT Security News. Read the complete article: Iran-Backed APTs Collaborate on 3-Year ‘Fox Kitten’ Global Spy Campaign
Active Exploits Hit Vulnerable WordPress ThemeGrill Plugin
Websites using a vulnerable version of the WordPress plugin, ThemeGrill Demo Importer, are being targeted by attackers. Advertise on IT Security News. Read the complete article: Active Exploits Hit Vulnerable WordPress ThemeGrill Plugin
Hacker Scheme Threatens AdSense Customers with Account Suspension
Scam threatens to flood sites using Google’s banner-ad program with bot and junk traffic if owners don’t pay $5K in bitcoin. Advertise on IT Security News. Read the complete article: Hacker Scheme Threatens AdSense Customers with Account Suspension
Lenovo, HP, Dell Peripherals Face Unpatched Firmware Bugs
A lack of proper code-signing verification and authentication for firmware updates opens the door to information disclosure, remote code execution, denial of service and more. Advertise on IT Security News. Read the complete article: Lenovo, HP, Dell Peripherals Face…
Huawei Controversy Highlights 5G Security Implications
Security experts say that 5G supply chain concerns should be taken seriously – whether it’s in the context of Huawei or not. Advertise on IT Security News. Read the complete article: Huawei Controversy Highlights 5G Security Implications
500 Malicious Chrome Extensions Impact Millions of Users
The malicious Chrome extensions were secretly collecting users’ browser data and redirecting them to malware-laced websites. Advertise on IT Security News. Read the complete article: 500 Malicious Chrome Extensions Impact Millions of Users