Airline Credential-Theft Takes Off in Widening Campaign
A spyware effort bent on stealing cookies and logins is being driven by unsophisticated attackers cashing in on the initial-access-broker boom. [...]
A spyware effort bent on stealing cookies and logins is being driven by unsophisticated attackers cashing in on the initial-access-broker boom. [...]
The well-known banking trojan retools for stealth with a whole new attack routine, including using ads for Microsoft TeamViewer and Zoom to lure victims in. [...]
The security vulnerabilities bring the web behemoth up to 10 browser zero-days found so far this year. [...]
The security vulnerability can be exploited with a malicious CSV file. [...]
The incident raises considerations for security for critical data housed in third-party infrastructure, researchers say. [...]
The malware appeared in August with an ambitious roadmap (think ransomware, DDoS) that could make it 'the most feature-rich Android malware on the market.' [...]
A chain of exploits could allow a malicious Azure user to infiltrate other customers' cloud instances within Microsoft's container-as-a-service offering. [...]
An authentication bypass vulnerability in the ManageEngine ADSelfService Plus platform leading to remote code execution offers up the keys to the corporate kingdom. [...]
An authentication bypass vulnerability leading to remote code execution offers up the keys to the corporate kingdom. [...]
The Demon's Cries, Draconian Fear and Seventh Inferno security bugs are high-severity entryways to corporate networks. [...]
Patch now: The popular biz-collaboration platform is seeing mass scanning and exploitation just two weeks after a critical RCE bug was disclosed. [...]
The first half of 2021 saw 1.5 billion attacks on smart devices, with attackers looking to steal data, mine cryptocurrency or build botnets. [...]
The financially motivated group looked to steal payment-card data from a California-based point-of-sale service provider. [...]
The BrakTooth set of security vulnerabilities impacts at least 11 vendors' chipsets. [...]
A design flaw involving Google Timeline could allow someone to track another device without installing a stalkerware app. [...]
Users should be careful whose pics they view and should, of course, update their apps. [...]
Two vulnerabilities in the site-building plugin could be useful tools in the hands of a skilled attacker, researchers warned. [...]
A pair of unpatched security vulnerabilities can allow unauthenticated cyberattackers to turn off window, door and motion-sensor monitoring. [...]
The popular Dynamic Pricing and Discounts plugin from Envato can be exploited by unauthenticated attackers. [...]
The bug (CVE-2021-33766) is an information-disclosure issue that could reveal victims' personal information, sensitive company data and more. [...]
It's unclear if Microsoft customers were breached during the months-long period where the #ChaosDB bug in Jupyter Notebooks was exploitable. [...]
The issue affects a range of Cisco Wireless-N and Wireless-AC VPN routers that have reached end-of-life. [...]
The apps attempt to swindle users into buying in-app upgrades or clicking on masses of ads. [...]
The OS command-injection bug, in the web application firewall (WAF) platform known as FortiWeb, will get a patch at the end of the month. [...]
Fresh attacks target companies' employees, promising millions of dollars in exchange for valid account credentials for initial access. [...]