Attackers are promoting sites impersonating the Microsoft Store, Spotify, and an online document converter that distribute malware to steal credit cards and passwords saved in web browsers....
Month: April 2021
threatpost – Ransomware: A Deep Dive into 2021 Emerging Cyber-Risks
Author:Tara SealsApril 19, 2021 2:01 pm3 minute read Write a comment Share this article: Our new eBook goes beyond the status quo to take a look at the evolution...
CISO Cyber Security Exploit Unpatched Google Chrome Patching & Hardering Public Exploit The Hacker News Urgent Update Vulnerabilities
The Hacker News – Update Your Chrome Browser ASAP to Patch a Week Old Public Exploit
Google on Tuesday released an update for Chrome web browser for Windows, Mac, and Linux, with a total of seven security fixes, including one flaw for...
Abuses Ad Servers Breach CISO Compromise Cyber Security Cybercrime Data Breaches Hacking Incident The Hacker News
The Hacker News – 120 Compromised Ad Servers Target Millions of Internet Users
An ongoing malvertising campaign tracked as “Tag Barnakle” has been behind the breach of more than 120 ad servers over the past year to sneakily inject...
0-DAY WARNING Abuses CISO Compromise Cyber Security Cybercrime Exploit Unpatched Pulse Secure The Hacker News VPN Flaws Vulnerabilities Zero-Day
The Hacker News – WARNING: Hackers Exploit Unpatched Pulse Secure 0-Day to Breach Organizations
If the Pulse Connect Secure gateway is part of your organization network, you need to be aware of a newly discovered critical zero-day authentication bypass vulnerability...
The Hacker News – 3 Zero-Day Exploits Hit SonicWall Enterprise Email Security Appliances
SonicWall has addressed three critical security vulnerabilities in its hosted and on-premises email security (ES) product that are being actively exploited in the wild. Tracked as...
The Hacker News – Over 750,000 Users Downloaded New Billing Fraud Apps From Google Play Store
April 20, 2021Ravie Lakshmanan Researchers have uncovered a new set of fraudulent Android apps in the Google Play store that were found to hijack SMS message...
threatpost – BazarLoader Malware Abuses Slack, BaseCamp Clouds
Author:Tara SealsApril 16, 2021 4:27 pm3:30 minute read Write a comment Two cyberattack campaigns are making the rounds using unique social-engineering techniques. The BazarLoader malware is leveraging worker trust...
Cyber Security Cyber Security Vendors DARKReading Exploited Incident Pulse Secure VPN Flaws Vulnerabilities
DARKReading – Pulse Secure VPN Flaws Exploited to Target US Defense Sector
China-linked attackers have used vulnerabilities in the Pulse Secure VPN appliance to attack US Defense Industrial Base networks. Nation-state attackers are exploiting high-severity vulnerabilities in the...
DARKReading – Attackers Compromised Code-Checking Vendor’s Tool for Two Months
A script used to upload sensitive reports-with access to credentials and datastores-likely sent information on hundreds, possibly thousands, of companies to attackers. In a software supply-chain...
threatpost – NitroRansomware Asks for $9.99 Discord Gift Codes, Steals Access Tokens
Author:Tara SealsApril 19, 2021 3:23 pm3:30 minute read Write a comment Share this article: The malware seems like a silly coding lark at first, but further exploration shows it...
welivesecurity – One in six people use pet’s name as password
Other common and easily hackable password choices include the names of relatives and sports teams, a UK study reveals Amer Owaida15 Apr 2021 – 05:45PMShare As...