ThreatList: People Know Reusing Passwords Is Dumb, But Still Do It Even seeing data breaches in the news, more than half of consumers are still reusing passwords.

70 Percent of Mobile, Desktop Apps Contain Open-Source Bugs A lack of awareness about where and how open-source libraries are being used is problematic, researchers say.

‘Coronavirus Report’ Emails Spread NetSupport RAT, Microsoft Warns Attackers used malicious Excel 4.0 documents to spread the weaponized NetSupport RAT in a spear-phishing campaign.

Home Chef Serves Up Data Breach for 8 Million Records The meal-kit company's customer records were leaked as part of the Shiny Hunters breach.

NSO Group Impersonates Facebook Security Team to Spread Spyware — Report An investigation traces an NSO Group-controlled IP address to a fake Facebook security portal.

Chafer APT Hits Middle East Govs With Latest Cyber-Espionage Attacks Government and air transportation companies in Kuwait and Saudi Arabia were targeted in a recent attack tracked back to the Chafer APT.

Long Tail Analysis: A New Hope in the Cybercrime Battle Looking for niche anomalies in an automated way with AI and machine learning is the future.

Critical Cisco Bug in Unified CCX Allows Remote Code Execution Cisco has fixed a critical remote code-execution flaw in its popular customer interaction management solution.

Silent Night Banking Trojan Charges Top Dollar on the Underground The malware-as-a-service is advanced, obfuscated and modular -- and built for mass campaigns.

Supreme Court Phish Targets Office 365 Credentials Cybercriminals are hunting out victims' Office 365 credentials -- by dishing out Supreme court "summons" in a phishing attack.

Crooks Tap Google Firebase in Fresh Phishing Tactic Cybercriminals are taking advantage of the Google name and the cloud to convince victims into handing over their login details.

NetWalker Ransomware Gang Hunts for Top-Notch Affiliates The operators behind the Toll Group attack are taking applications for technically advanced partners.

Fraudulent Unemployment, COVID-19 Relief Claims Earn BEC Gang Millions The business email compromise (BEC) gang Scattered Canary has filed more than 200 fraudulent claims for unemployment benefits and for COVID-19 relief funds.

Verizon DBIR: Web App Attacks and Security Errors Surge Threatpost talks to Verizon DBIR co-author Gabriel Bassett about the top takeaways from this year's Data Breach Investigations Report.

Alleged Hacker Behind Massive ‘Collection 1’ Data Dump Arrested The threat actor known as ‘Sanix’ had terabytes of stolen credentials at his residence, authorities said.

The Windows 7 Postmortem: What’s at Stake Nearly a quarter of endpoints still run Windows 7, even though support and security patches have ended.

EasyJet Hackers Take Off with Travel Details for 9M Customers The vacation-centric airline is warning victims about social-engineering attacks.

WolfRAT Android Malware Targets WhatsApp, Facebook Messenger Researchers link the malware to Wolf Research operators with "high confidence" after it was spotted in campaigns targeting Thai users.

Bluetooth Bugs Allow Impersonation Attacks on Legions of Devices A host of unpatched security bugs that allow BIAS attacks affects Bluetooth chips from Apple, Intel, Qualcomm, Samsung and others.

Adobe Patches Critical RCE Flaw in Character Animator App A critical remote code execution flaw in Adobe Character Animator was fixed in an out-of-band Tuesday patch.

Show more

Lokale Instanz der MHC SoftWare GmbH