Spy Operations Target Vietnam with Sophisticated RAT
Researchers said the FoundCore malware represents a big step forward when it comes to evasion. [...]
Showing only posts by Tara Seals. Show all posts.
Apple Mail Zero-Click Security Vulnerability Allows Email Snooping
The researcher is offering details on CVE-2020-9922, which can be triggered just by sending a target an email with two.ZIP files attached. [...]
FBI: APTs Actively Exploiting Fortinet VPN Security Holes
Three security vulnerabilities in the Fortinet SSL VPN are being used to gain a foothold within networks before moving laterally and carrying out recon. [...]
80% of Global Enterprises Report Firmware Cyberattacks
A vast majority of companies in a global survey from Microsoft report being a victim of a firmware-focused cyberattack, but defense spending lags, but defense spending lags. [...]
Fraud Ring Launders Money Via Fake Charity Donations
The Cart Crasher gang is testing stolen payment cards while cleaning ill-gotten funds. [...]
Malicious Docker Cryptomining Images Rack Up 20M Downloads
Publicly available cloud images are spreading Monero-mining malware to unsuspecting cloud developers. [...]
SolarWinds Attackers Accessed DHS Emails, Report
Current and former administration sources say the nation-state attackers were able to read the Homeland Security Secretary's emails, among others. [...]
Hades Ransomware Gang Exhibits Connections to Hafnium
There could be more than immediately meets the eye with this targeted attack group. [...]
PHP Infiltrated with Backdoor Malware
The server for the web-application scripting language was compromised on Sunday. [...]
Executive Order Would Strengthen Cybersecurity Requirements for Federal Agencies
The post-SolarWinds EO could be issued as soon as next week, according to a report. [...]
Employee Lockdown Stress May Spark Cybersecurity Risk
Younger employees and caregivers report more stress than other groups-- and more shadow IT usage. [...]
Fleeceware Apps Bank $400M in Revenue
The cache of apps, found in Apple and Google's official marketplaces is largely targeted towards children, including several "slime simulators." [...]
Facebook Disrupts Spy Effort Aimed at Uyghurs
The social-media giant took down legions of fake profiles aimed at spreading espionage malware. [...]
Microsoft Exchange Servers See ProxyLogon Patching Frenzy
Vast swathes of companies were likely compromised before patches were applied, so the danger remains. [...]
MangaDex Site Offline Following Hacking Incident
A cyberattacker taunted the site about open security vulnerabilities, prompting a code review. [...]
Hobby Lobby Exposes Customer Data in Cloud Misconfiguration
The arts-and-crafts retailer left 138GB of sensitive information open to the public internet. [...]
Tutor LMS for WordPress Open to Info-Stealing Security Holes
The popular learning-management system for teacher-student communication is rife with SQL-injection vulnerabilities. [...]
$4,000 COVID-19 ‘Relief Checks’ Cloak Dridex Malware
The American Rescue Act is the latest zeitgeisty lure being circulated in an email campaign. [...]
PYSA Ransomware Pillages Education Sector, Feds Warn
A major spike of attacks against higher ed, K-12 and seminaries in March has prompted the FBI to issue a special alert. [...]
Exchange Cyberattacks Escalate as Microsoft Rolls One-Click Fix
Public proof-of-concept (PoC) exploits for ProxyLogon could be fanning a feeding frenzy of attacks even as patching makes progress. [...]
Cyberattacks See Fundamental Changes, A Year into COVID-19
A year after COVID-19 was officially determined to be a pandemic, the methods and tactics used by cybercriminals have drastically changed. [...]
Critical Security Hole Can Knock Smart Meters Offline
Unpatched Schneider Electric PowerLogic ION/PM smart meters are open to dangerous attacks. [...]
Metamorfo Banking Trojan Abuses AutoHotKey to Avoid Detection
A legitimate binary for creating shortcut keys in Windows is being used to help the malware sneak past defenses, in a rash of new campaigns. [...]
NanoCore RAT Scurries Past Email Defenses with .ZIPX Tactic
A spam campaign hides a malicious executable behind file archive extensions. [...]
Microsoft Exchange Servers Face APT Attack Tsunami
At least 10 nation-state-backed groups are using the ProxyLogon exploit chain to compromise email servers, as compromises mount. [...]
« newer articles | page 12 | older articles »