Bookmarks (17)

  • screenshot

    Google Patches Chrome’s Fifth Zero-Day of the Year

    An insufficient validation input flaw, one of 11 patched in an update this week, could allow...

  • screenshot

    Phishers Swim Around 2FA in Coinbase Account Heists

    Attackers are spoofing the widely used cryptocurrency exchange to trick users into logging in so they...

  • screenshot

    Open Redirect Flaw Snags Amex, Snapchat User Data

    Separate phishing campaigns targeting thousands of victims impersonate FedEx and Microsoft, among others, to trick victims.

  • screenshot

    Universities Put Email Users at Cyber Risk

    DMARC analysis by Proofpoint shows that institutions in the U.S. have among some of the poorest...

  • screenshot

    Threat Actors Pivot Around Microsoft’s Macro-Blocking in Office

    Cybercriminals turn to container files and other tactics to get around the company’s attempt to thwart...

  • screenshot

    IoT Botnets Fuels DDoS Attacks – Are You Prepared?

    The increased proliferation of IoT devices paved the way for the rise of IoT botnets that...

  • Magecart Serves Up Card Skimmers on Restaurant-Ordering Systems – Threatpost

    300 restaurants and at least 50,000 payment cards compromised by two separate campaigns against MenuDrive, Harbortouch...

  • screenshot

    Authentication Risks Discovered in Okta Platform

    Four newly discovered attack paths could lead to PII exposure, account takeover, even organizational data destruction.

  • screenshot

    Large-Scale Phishing Campaign Bypasses MFA

    Attackers used adversary-in-the-middle attacks to steal passwords, hijack sign-in sessions and skip authentication and then use...

  • screenshot

    ‘Callback’ Phishing Campaign Impersonates Security Firms

    Victims instructed to make a phone call that will direct them to a link for downloading...

  • screenshot

    Google Patches Actively Exploited Chrome Bug

    The heap buffer overflow issue in the browser’s WebRTC engine could allow attackers to execute arbitrary...

  • screenshot

    Patchable and Preventable Security Issues Lead Causes of Q1 Attacks

    Attacks against U.S. companies spike in Q1 2022 with patchable and preventable external vulnerabilities responsible for...

  • screenshot

    Old Hacks Die Hard: Ransomware, Social Engineering Top Verizon DBIR Threats – Again

    Deja-Vu data from this year's DBIR report feels like we are stuck in the movie 'Groundhog...

  • screenshot

    ChromeLoader Browser Hijacker Provides Gateway to Bigger Threats

    The malvertiser’s use of PowerShell could push it beyond its basic capabilities to spread ransomware, spyware...

  • screenshot

    Critical Vulnerability in Premium WordPress Themes Allows for Site Takeover

    Privilege escalation flaw discovered in the Jupiter and JupiterX Core Plugin affects more than 90,000 sites.

  • screenshot

    Threat Actors Use Telegram to Spread ‘Eternity’ Malware-as-a-Service

    An account promoting the project—which offers a range of threat activity from info-stealing to crypto-mining to...

  • screenshot

    Millions of Java Apps Remain Vulnerable to Log4Shell

    Four months after the critical flaw was discovered, attackers have a massive attack surface from which...