1 day 12 hours ago
The CISA has seen a resurgence of the malware targeting a range of verticals and critical infrastructure organizations by exploiting RDP, firewall vulnerabilities.
Elizabeth Montalbano
1 day 17 hours ago
Researcher shows how Instagram and Facebook’s use of an in-app browser within both its iOS apps can track interactions with external websites.
Threatpost
2 days 14 hours ago
Belgian researcher Lennert Wouters revealed at Black Hat how he mounted a successful fault injection attack on a user terminal for SpaceX’s satellite-based internet system
Elizabeth Montalbano
2 days 15 hours ago
A uniquely politically motivated site called DUMPS focuses solely on threat activity directed against Russia and Belarus
Elizabeth Montalbano
2 days 17 hours ago
Networking giant says attackers gained initial access to an employee’s VPN client via a compromised Google account.
Threatpost
3 days 2 hours ago
This edition of the Threatpost podcast is sponsored by Egress.
Jeffrey Esposito
3 days 17 hours ago
August Patch Tuesday tackles 121 CVEs, 17 critical bugs and one zero-day bug exploited in the wild.
Threatpost
4 days 12 hours ago
U.S. Treasury blocked the business of the virtual currency mixer for laundering more than $7 billion for hackers, including $455 million to help fund North Korea’s missile program.
Elizabeth Montalbano
5 days 15 hours ago
Attackers are spoofing the widely used cryptocurrency exchange to trick users into logging in so they can steal their credentials and eventually their funds.
Elizabeth Montalbano
1 week 1 day ago
Separate phishing campaigns targeting thousands of victims impersonate FedEx and Microsoft, among others, to trick victims.
Elizabeth Montalbano
1 week 3 days ago
Vulnerability—for which a proof-of-concept is forthcoming—is one of a string of flaws the company fixed that could lead to an attack chain.
Elizabeth Montalbano
1 week 4 days ago
DMARC analysis by Proofpoint shows that institutions in the U.S. have among some of the poorest protections to prevent domain spoofing and lack protections to block fraudulent emails.
Elizabeth Montalbano
1 week 5 days ago
Infosec expert Rani Osnat lays out security challenges and offers hope for organizations migrating their IT stack to the private and public cloud environments.
Infosec Contributor
2 weeks 1 day ago
Recent LofyLife campaign steals tokens and infects client files to monitor various user actions, such as log-ins, password changes and payment methods.
Elizabeth Montalbano
2 weeks 2 days ago
Cybercriminals turn to container files and other tactics to get around the company’s attempt to thwart a popular way to deliver malicious phishing payloads.
Elizabeth Montalbano
2 weeks 3 days ago
Built-in Telegram and Discord services are fertile ground for storing stolen data, hosting malware and using bots for nefarious purposes.
Elizabeth Montalbano
2 weeks 4 days ago
Newly discovered malware linked to Vietnamese threat actors targets users through a LinkedIn phishing campaign to steal data and admin privileges for financial gain.
Elizabeth Montalbano
2 weeks 4 days ago
Instances of phishing attacks leveraging the Microsoft brand increased 266 percent in Q1 compared to the year prior.
Nate Nelson
2 weeks 4 days ago
The increased proliferation of IoT devices paved the way for the rise of IoT botnets that amplifies DDoS attacks today. This is a dangerous warning that the possibility of a sophisticated DDoS attack and a prolonged service outage will prevent businesses from growing.
Sponsored Content
2 weeks 5 days ago
SecuriThings' CEO Roy Dagan tackles the sometimes overlooked security step of physical security maintenance and breaks down why it is important.
Infosec Contributor
Checked
1 hour 35 minutes ago
The First Stop For Security News
Subscribe to Alerts feed