ThreatList: People Know Reusing Passwords Is Dumb, But Still Do It Even seeing data breaches in the news, more than half of consumers are still reusing passwords. threatpost.com/threatlist-peop

70 Percent of Mobile, Desktop Apps Contain Open-Source Bugs A lack of awareness about where and how open-source libraries are being used is problematic, researchers say. threatpost.com/70-of-apps-open

‘Coronavirus Report’ Emails Spread NetSupport RAT, Microsoft Warns Attackers used malicious Excel 4.0 documents to spread the weaponized NetSupport RAT in a spear-phishing campaign. threatpost.com/coronavirus-ema

Home Chef Serves Up Data Breach for 8 Million Records The meal-kit company's customer records were leaked as part of the Shiny Hunters breach. threatpost.com/home-chef-data-

NSO Group Impersonates Facebook Security Team to Spread Spyware — Report An investigation traces an NSO Group-controlled IP address to a fake Facebook security portal. threatpost.com/nso-group-imper

Chafer APT Hits Middle East Govs With Latest Cyber-Espionage Attacks Government and air transportation companies in Kuwait and Saudi Arabia were targeted in a recent attack tracked back to the Chafer APT. threatpost.com/chafer-apt-hits

Long Tail Analysis: A New Hope in the Cybercrime Battle Looking for niche anomalies in an automated way with AI and machine learning is the future. threatpost.com/long-tail-analy

Critical Cisco Bug in Unified CCX Allows Remote Code Execution Cisco has fixed a critical remote code-execution flaw in its popular customer interaction management solution. threatpost.com/critical-cisco-

Silent Night Banking Trojan Charges Top Dollar on the Underground The malware-as-a-service is advanced, obfuscated and modular -- and built for mass campaigns. threatpost.com/silent-night-ba

Supreme Court Phish Targets Office 365 Credentials Cybercriminals are hunting out victims' Office 365 credentials -- by dishing out Supreme court "summons" in a phishing attack. threatpost.com/supreme-court-p

Crooks Tap Google Firebase in Fresh Phishing Tactic Cybercriminals are taking advantage of the Google name and the cloud to convince victims into handing over their login details. threatpost.com/crooks-tap-goog

NetWalker Ransomware Gang Hunts for Top-Notch Affiliates The operators behind the Toll Group attack are taking applications for technically advanced partners. threatpost.com/netwalker-ranso

Fraudulent Unemployment, COVID-19 Relief Claims Earn BEC Gang Millions The business email compromise (BEC) gang Scattered Canary has filed more than 200 fraudulent claims for unemployment benefits and for COVID-19 relief funds. threatpost.com/fraudulent-unem

Verizon DBIR: Web App Attacks and Security Errors Surge Threatpost talks to Verizon DBIR co-author Gabriel Bassett about the top takeaways from this year's Data Breach Investigations Report. threatpost.com/verizon-dbir-we

Alleged Hacker Behind Massive ‘Collection 1’ Data Dump Arrested The threat actor known as ‘Sanix’ had terabytes of stolen credentials at his residence, authorities said. threatpost.com/alleged-hacker-

The Windows 7 Postmortem: What’s at Stake Nearly a quarter of endpoints still run Windows 7, even though support and security patches have ended. threatpost.com/windows-7-postm

EasyJet Hackers Take Off with Travel Details for 9M Customers The vacation-centric airline is warning victims about social-engineering attacks. threatpost.com/easyjet-hackers

WolfRAT Android Malware Targets WhatsApp, Facebook Messenger Researchers link the malware to Wolf Research operators with "high confidence" after it was spotted in campaigns targeting Thai users. threatpost.com/wolfrat-android

Bluetooth Bugs Allow Impersonation Attacks on Legions of Devices A host of unpatched security bugs that allow BIAS attacks affects Bluetooth chips from Apple, Intel, Qualcomm, Samsung and others. threatpost.com/bluetooth-bugs-

Adobe Patches Critical RCE Flaw in Character Animator App A critical remote code execution flaw in Adobe Character Animator was fixed in an out-of-band Tuesday patch. threatpost.com/adobe-patches-c

Show more
mhc.social

Lokale Instanz der MHC SoftWare GmbH