Apple Mail Zero-Click Security Vulnerability Allows Email Snooping
The researcher is offering details on CVE-2020-9922, which can be triggered just by sending a target an email with two.ZIP files attached. [...]
Showing only posts in Threatpost. Show all posts.
How To Defend the Extended Network Against Web Risks
Aamir Lakhani, cybersecurity researcher for Fortinet’s FortiGuard Labs, discusses criminals flocking to web server and browser attacks, and what to do about it. [...]
15 Cybersecurity Pitfalls and Fixes for SMBs
In this roundtable, security experts focus on smaller businesses offer real-world advice for actionable ways to shore up defenses using fewer resources. [...]
FBI: APTs Actively Exploiting Fortinet VPN Security Holes
Three security vulnerabilities in the Fortinet SSL VPN are being used to gain a foothold within networks before moving laterally and carrying out recon. [...]
Call of Duty Cheats Expose Gamers to Malware, Takeover
Activision is warning that cyberattackers are disguising malware -- a remote-access trojan (RAT) -- in cheat programs. [...]
From PowerShell to Payload: An Analysis of Weaponized Malware
John Hammond, security researcher with Huntress, takes a deep-dive into a malware's technical and coding aspects. [...]
Robinhood Warns Customers of Tax-Season Phishing Scams
Attackers are impersonating the stock-trading broker using fake websites to steal credentials as well as sending emails with malicious tax files. [...]
80% of Global Enterprises Report Firmware Cyberattacks
A vast majority of companies in a global survey from Microsoft report being a victim of a firmware-focused cyberattack, but defense spending lags, but defense spending lags. [...]
Legacy QNAP NAS Devices Vulnerable to Zero-Day Attack
Some legacy models of QNAP network attached storage devices are vulnerable to remote unauthenticated attacks because of two unpatched vulnerabilities. [...]
Ragnarok Ransomware Hits Boggi Milano Menswear
The ransomware gang exfiltrated 40 gigabytes of data from the fashion house, including HR and salary details. [...]
Building a Fortress: 3 Key Strategies for Optimized IT Security
Chris Hass, director of information security and research at Automox, discusses how to shore up cybersecurity defenses and what to prioritize. [...]
Google: North Korean APT Gearing Up to Target Security Researchers Again
Cyberattackers have set up a website for a fake company called SecuriElite, as well as associated Twitter and LinkedIn accounts. [...]
Apple, Google Both Track Mobile Telemetry Data, Despite Users Opting Out
Google’s Pixel and Apple’s iPhone both in privacy hot seat for siphoning mobile device data without consent. [...]
Fraud Ring Launders Money Via Fake Charity Donations
The Cart Crasher gang is testing stolen payment cards while cleaning ill-gotten funds. [...]
Child Tweets Gibberish from U.S. Nuke Account
Telecommuting social-media manager for the U.S. Strategic Command left the laptop open and unsecured while stepping away. [...]
APT Charming Kitten Pounces on Medical Researchers
Researchers uncover a credential-stealing campaign targeting genetic, neurology and oncology professionals. [...]
Ziggy Ransomware Gang Offers Refunds to Victims
Ziggy joins Fonix ransomware group and shuts down, with apologies to targets. [...]
Malicious Docker Cryptomining Images Rack Up 20M Downloads
Publicly available cloud images are spreading Monero-mining malware to unsuspecting cloud developers. [...]
SolarWinds Attackers Accessed DHS Emails, Report
Current and former administration sources say the nation-state attackers were able to read the Homeland Security Secretary's emails, among others. [...]
Intel Sued Under Wiretapping Laws for Tracking User Activity on its Website
A class-action suit in Florida accuses the tech giant of unlawfully intercepting communications by using session-replay software to capture the interaction of people visiting the corporate homepage Intel.com. [...]
Pair of Apex Legends Players Banned for DDoS Server Attacks
Predator-ranked players on Xbox console game version rigged matches with DDoS attacks. [...]
Hades Ransomware Gang Exhibits Connections to Hafnium
There could be more than immediately meets the eye with this targeted attack group. [...]
PHP Infiltrated with Backdoor Malware
The server for the web-application scripting language was compromised on Sunday. [...]
Executive Order Would Strengthen Cybersecurity Requirements for Federal Agencies
The post-SolarWinds EO could be issued as soon as next week, according to a report. [...]
Employee Lockdown Stress May Spark Cybersecurity Risk
Younger employees and caregivers report more stress than other groups-- and more shadow IT usage. [...]
« newer articles | page 54 | older articles »