Threatpost

Novel hack allows an attacker to create a mouse-over in a PowerPoint file that triggers the installation of malware.

Researchers say the botnet has emerged over the past three months and shares aspects with Mirai and Qbot.

Hundreds of thousands of malware files are disguised as well-known social conferencing and collaboration apps.

Amid rampant misinformation, users of the Facebook-owned messaging platform can no longer send coronavirus messages to more than one user at a time.

New research used 3D printing technology to bypass fingerprint scanners, and tested it against Apple, Samsung and Microsoft mobile products.

The CISO Checklist for Secure Remote Working was built to assist CISOs in navigating through COVID-19, providing them with a concise, high-level list of the absolute essentials needed to ensure their organization is well protected in these challenging times.

The Microsoft Exchange vulnerability was patched in February and has been targeted by several threat groups.

Ultimately delivering the Triada payload, xHelper goes to great lengths to become virtually indestructible once installed on a smartphone.

FIN6 fingerprints were spotted in recent cyberattacks that initially infected victims with the TrickBot trojan, and then eventually downloaded the Anchor backdoor malware.

Android apps launched for citizens in Iran, Colombia and Italy offer cyberattackers new attack vectors.

More zero-day exploits coming up for sale by NSO Group and others is democratizing the attack vector and placing them within reach of less sophisticated attackers.

The FBI is cracking down on the practice of Zoom bombing, saying the hijacking of web conferences can be punishable by jail time.

The white hat hacker who discovered the vulnerabilities received a $75,000 from Apple's bug-bounty program.

The attacks are being carried out against Chinese government interests worldwide, according to Qihoo 360.

COVID-19’s effect on work footprints has created an unprecedented challenge for IT and security staff. Many departments are scrambling to enable collaboration apps for all -- but without proper security they can be a big risk.

Mozilla Foundation rushes patches to fix bugs in its browser that could allow for remote code execution.

A Bitcoin-mining campaign using the Kinsing malware is spreading quickly thanks to cloud-container misconfigurations.

A group of CDNs and cloud providers are joining in on a fight against common internet routing attacks.

The attack discovered uses World Health Organization trademark to lure users with info related to coronavirus.

Google is rolling out the newest Chrome browser version, 80.0.3987.162, in the coming days.