Novel Phishing Trick Uses Weird Links to Bypass Spam Filters
A novel form of phishing takes advantage of a disparity between how browsers and email inboxes read web domains. [...]
Showing only posts by Nate Nelson. Show all posts.
Ransomware Deals Deathblow to 157-year-old College
Why a private college that stayed in business for 157 years had to close after the combo of COVID-19 and ransomware proved too much. [...]
Low-rent RAT Worries Researchers
Researchers say a hacker is selling access to quality malware for chump change. [...]
China-linked APT Caught Pilfering Treasure Trove of IP
A state-sponsored threat actor designed a house-of-cards style infection chain to exfiltrate massive troves of highly sensitive data. [...]
Attackers Use Event Logs to Hide Fileless Malware
A sophisticated campaign utilizes a novel anti-detection method. [...]
Chinese APT Combines Fresh Hodur RAT with Complex Anti-Detection
Mustang Panda's already sophisticated cyberespionage campaign has matured even further with the introduction of a brand-new PlugX RAT variant. [...]
Microsoft Help Files Disguise Vidar Malware
Attackers are hiding interesting malware in a boring place, hoping victims won’t bother to look. [...]
FIDO: Here’s Another Knife to Help Murder Passwords
After years of promising a passwordless future – really, any day now! – FIDO is proposing tweaks to WebAuthn that could put us out of password misery. Experts aren’t so sure. [...]
Bridgestone Hit as Ransomware Torches Toyota Supply Chain
A ransomware attack struck Bridgestone Americas, weeks after another Toyota supplier experienced the same and a third reported some kind of cyber hit. [...]
Cybercrooks’ Political In-Fighting Threatens the West
They’re choosing sides in the Russia-Ukraine war, beckoning previously shunned ransomware groups and thereby reinvigorating those groups' once-diminished power. [...]
Most Orgs Would Take Security Bugs Over Ethical Hacking Help
A new survey suggests that security is becoming more important for enterprises, but they’re still falling back on old "security by obscurity" ways. [...]
Most ServiceNow Instances Misconfigured, Exposed
Customers aren't locking down access correctly, leading to ~70 percent of ServiceNow implementations tested by AppOmni being vulnerable to malicious data extraction. [...]
Bug in the Linux Kernel Allows Privilege Escalation, Container Escape
A missing check allows unprivileged attackers to escape containers and execute arbitrary commands in the kernel. [...]
Novel Attack Turns Amazon Devices Against Themselves
Researchers have discovered how to remotely manipulate the Amazon Echo through its own speakers. [...]
Phishing Campaign Targeted Those Aiding Ukraine Refugees
A military email address was used to distribute malicious email macros among EU personnel helping Ukrainians. [...]
TeaBot Trojan Haunts Google Play Store, Again
Malicious Google Play apps have circumvented censorship by hiding trojans in software updates. [...]
TrickBot Takes a Break, Leaving Researchers Scratching Their Heads
The infamous trojan is likely making some major operational changes, researchers believe. [...]
Cyberattackers Leverage DocuSign to Steal Microsoft Outlook Logins
A targeted phishing attack takes aim at a major U.S. payments company. [...]
Sextortion Rears Its Ugly Head Again
Attackers are sending email blasts with malware links in embedded PDFs as a way to evade email filters, lying about having fictional "video evidence." [...]
NFT Investors Lose $1.7M in OpenSea Phishing Attack
Attackers took advantage of a smart-contract migration to swindle 17 users. [...]
Severe WordPress Plug-In UpdraftPlus Bug Threatens Backups
An oversight in a WordPress plug-in exposes PII and authentication data to malicious insiders. [...]
Ukrainian DDoS Attacks Should Put US on Notice–Researchers
On Tuesday, institutions central to Ukraine’s military and economy were hit with denial-of-service (DoS) attacks. Impact was limited, but the ramifications are not. [...]
« newer articles | page 2