VirusList.com
Phishers Swim Around 2FA in Coinbase Account Heists
Attackers are spoofing the widely used cryptocurrency exchange to trick users into logging in so they can steal their credentials and eventually their funds.
Kategorie: Viry a Červi
Open Redirect Flaw Snags Amex, Snapchat User Data
Separate phishing campaigns targeting thousands of victims impersonate FedEx and Microsoft, among others, to trick victims.
Kategorie: Viry a Červi
VMWare Urges Users to Patch Critical Authentication Bypass Bug
Vulnerability—for which a proof-of-concept is forthcoming—is one of a string of flaws the company fixed that could lead to an attack chain.
Kategorie: Viry a Červi
Universities Put Email Users at Cyber Risk
DMARC analysis by Proofpoint shows that institutions in the U.S. have among some of the poorest protections to prevent domain spoofing and lack protections to block fraudulent emails.
Kategorie: Viry a Červi
Securing Your Move to the Hybrid Cloud
Infosec expert Rani Osnat lays out security challenges and offers hope for organizations migrating their IT stack to the private and public cloud environments.
Kategorie: Viry a Červi
Malicious Npm Packages Tapped Again to Target Discord Users
Recent LofyLife campaign steals tokens and infects client files to monitor various user actions, such as log-ins, password changes and payment methods.
Kategorie: Viry a Červi
Threat Actors Pivot Around Microsoft’s Macro-Blocking in Office
Cybercriminals turn to container files and other tactics to get around the company’s attempt to thwart a popular way to deliver malicious phishing payloads.
Kategorie: Viry a Červi
Messaging Apps Tapped as Platform for Cybercriminal Activity
Built-in Telegram and Discord services are fertile ground for storing stolen data, hosting malware and using bots for nefarious purposes.
Kategorie: Viry a Červi
Novel Malware Hijacks Facebook Business Accounts
Newly discovered malware linked to Vietnamese threat actors targets users through a LinkedIn phishing campaign to steal data and admin privileges for financial gain.
Kategorie: Viry a Červi
Phishing Attacks Skyrocket with Microsoft and Facebook as Most Abused Brands
Instances of phishing attacks leveraging the Microsoft brand increased 266 percent in Q1 compared to the year prior.
Kategorie: Viry a Červi
IoT Botnets Fuels DDoS Attacks – Are You Prepared?
The increased proliferation of IoT devices paved the way for the rise of IoT botnets that amplifies DDoS attacks today. This is a dangerous warning that the possibility of a sophisticated DDoS attack and a prolonged service outage will prevent businesses from growing.
Kategorie: Viry a Červi
Why Physical Security Maintenance Should Never Be an Afterthought
SecuriThings' CEO Roy Dagan tackles the sometimes overlooked security step of physical security maintenance and breaks down why it is important.
Kategorie: Viry a Červi
Hackers for Hire: Adversaries Employ ‘Cyber Mercenaries’
Also known as the Atlantis Cyber-Army, the emerging organization has an enigmatic leader and a core set of admins that offer a range of services, including exclusive data leaks, DDoS and RDP.
Kategorie: Viry a Červi
Conti’s Reign of Chaos: Costa Rica in the Crosshairs
Aamir Lakhani, with FortiGuard Labs, answers the question; Why is the Conti ransomware gang targeting people and businesses in Costa Rica?
Kategorie: Viry a Červi
Magecart Serves Up Card Skimmers on Restaurant-Ordering Systems
300 restaurants and at least 50,000 payment cards compromised by two separate campaigns against MenuDrive, Harbortouch and InTouchPOS services.
Kategorie: Viry a Červi
Authentication Risks Discovered in Okta Platform
Four newly discovered attack paths could lead to PII exposure, account takeover, even organizational data destruction.
Kategorie: Viry a Červi
FBI Warns Fake Crypto Apps are Bilking Investors of Millions
Threat actors offer victims what appear to be investment services from legitimate companies to lure them into downloading malicious apps aimed at defrauding them.
Kategorie: Viry a Červi
Google Boots Multiple Malware-laced Android Apps from Marketplace
Google removed eight Android apps, with 3M cumulative downloads, from its marketplace for being infected with a Joker spyware variant.
Kategorie: Viry a Červi
CISA Urges Patch of Exploited Windows 11 Bug by Aug. 2
Feds urge U.S. agencies to patch a Microsoft July Patch Tuesday 2022 bug that is being exploited in the wild by August 2.
Kategorie: Viry a Červi
Emerging H0lyGh0st Ransomware Tied to North Korea
Microsoft has linked a threat that emerged in June 2021 and targets small-to-mid-sized businesses to state-sponsored actors tracked as DEV-0530.
Kategorie: Viry a Červi