Fake DDoS protection pages are delivering malware!
Malware peddlers are exploiting users’ familiarity with and inherent trust in DDoS protection pages to make them download and run malware on their computer, Sucuri …
Escanor malware delivered in weaponized Microsoft Office documents
Resecurity, a Los Angeles-based cybersecurity company protecting Fortune 500 worldwide, identified a new RAT (Remote Administration Tool) advertised in Dark Web and Telegram …
Disk wiping malware knows no borders
Fortinet announced the latest semiannual FortiGuard Labs Global Threat Landscape Report which revealed that ransomware threat continues to adapt with more variants enabled by …
How vulnerable supply chains threaten cloud security
Organizations are struggling to sufficiently secure new cloud environments implemented during the pandemic, while maintaining legacy equipment and trying to adapt their …
Week in review: Apple fixes exploited zero-days, 1,900 Signal users exposed, Amazon Ring app vuln
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Tackling the dangers of internal communications: What can companies do? In …
Exploiting stolen session cookies to bypass multi-factor authentication (MFA)
Active adversaries are increasingly exploiting stolen session cookies to bypass multi-factor authentication (MFA) and gain access to corporate resources, according to Sophos. …
New infosec products of the week: August 19, 2022
Here’s a look at the most interesting products from the past week, featuring releases from AuditBoard, Raytheon Technologies, Tenacity, and Transmit Security. AuditBoard …
Cybercriminals are using bots to deploy DDoS attacks on gambling sites
Imperva releases data showing that 25% of all gambling sites were hit with DDoS attacks executed by botnets in June. As the Wimbledon tennis tournament began at the end of …
Vulnerability in Amazon Ring app allowed access to private camera recordings
A vulnerability in the Android version of the Ring app, which is used to remotely manage Amazon Ring outdoor (video doorbell) and indoor surveillance cameras, could have been …
Apple fixes exploited zero-days: Update your devices! (CVE-2022-32894, CVE-2022-32893)
Apple has released security updates for iOS, iPadOS, and macOS Monterey to fix CVE-2022-32894 and CVE-2022-32893, two code execution vulnerabilities exploited by attackers in …
APT41 group: 4 malicious campaigns, 13 victims, new tools and techniques
Group-IB has released new research on the state-sponsored hacker group APT41. The Group-IB Threat Intelligence team estimates that in 2021 the threat actors gained access to …
IoT: The huge cybersecurity blind spot that’s costing millions
In many ways, IoT has made our lives easier. We are technologically connected in ways we never thought possible. But organizations need to be aware of the cybersecurity blind …