Misconfigured Docker Servers Under Attack by Xanthe Malware The never-before-seen Xanthe cryptomining botnet has been targeting misconfigured Docker APIs. threatpost.com/misconfigured-d

Android Messenger App Still Leaking Photos, Videos The GO SMS Pro app has been downloaded 100 million times; now, underground forums are actively sharing images stolen from GO SMS servers. threatpost.com/android-messeng

Cayman Islands Bank Records Exposed in Open Azure Blob An offshore Cayman Islands bank’s backups, covering a $500 million investment portfolio, were left unsecured and leaking personal banking information, passport data and even online banking PINs. threatpost.com/cayman-islands-

Zoom Impersonation Attacks Aim to Steal Credentials The Better Business Bureau warns of phishing messages with the Zoom logo that tell recipients they have a missed meeting or suspended account. threatpost.com/zoom-impersonat

Electronic Medical Records Cracked Open by OpenClinic Bugs Four security vulnerabilities in an open-source medical records management platform allow remote code execution, patient data theft and more. threatpost.com/electronic-medi

Magecart Attack Convincingly Hijacks PayPal Transactions at Checkout New credit-card skimmer uses postMessage to make malicious process look authentic to victims to steal payment data. threatpost.com/magecart-hijack

Post-Cyberattack, UVM Health Network Still Picking Up Pieces More than a month after the cyberattack first hit, the UVM health network is still grappling with delayed payment processing and other issues. threatpost.com/cyberattack-uvm

Conti Gang Hits IoT Chipmaker Advantech with $14M Ransom Demand The ransomware group has leaked stolen data to add pressure on the company to pay up. threatpost.com/conti-iot-chip-

Digitally Signed Bandook Trojan Reemerges in Global Spy Campaign A strain of the 13-year old backdoor Bandook trojan has been spotted in an espionage campaign. threatpost.com/digitally-signe

MacOS Users Targeted By OceanLotus Backdoor The new backdoor comes with multiple payloads and new detection evasion tactics. threatpost.com/macos-users-tar

Pandemic, A Driving Force in 2021 Financial Crime Ransomware gangs with zero-days and more players overall will characterize financially motivated cyberattacks next year. threatpost.com/2021-financial-

2021 Healthcare Cybersecurity Priorities: Experts Weigh In Hackers are putting a bullseye on healthcare. Experts explore why hospitals are being singled out and what any company can do to better protect themselves. threatpost.com/2021-healthcare

TurkeyBombing Puts New Twist on Zoom Abuse Threat actors already stole nearly 4,000 credentials before the holiday was even over, according to report. threatpost.com/turkeybombing-z

Cybersecurity Predictions for 2021: Robot Overlords No, Connected Car Hacks Yes While 2021 will present evolving threats and new challenges, it will also offer new tools and technologies that will we hope shift the balance towards the defense. threatpost.com/cybersecurity-p

ThreatList: Cyber Monday Looms – But Shoppers Oblivious to Top Retail Threats Online shoppers are blissfully unaware of credit card skimming threats and malicious shopping apps as they head into this year's Black Friday and Cyber Monday holiday shopping events. threatpost.com/threatlist-cybe

Federated Learning: A Therapeutic for what Ails Digital Health Researchers show the promise of Federated Learning to protect patient privacy and improve healthcare outcomes across the world. threatpost.com/federated-learn

Changing Employee Security Behavior Takes More Than Simple Awareness Designing a behavioral change program requires an audit of existing security practices and where the sticking points are. threatpost.com/changing-employ

Major BEC Phishing Ring Cracked Open with 3 Arrests Some 50,000 targeted victims have been identified so far in a massive, global scam enterprise that involves 26 different malwares. threatpost.com/bec-phishing-ri

Critical MobileIron RCE Flaw Under Active Attack Attackers are targeting the critical remote code-execution flaw to compromise systems in the healthcare, local government, logistics and legal sectors, among others. threatpost.com/critical-mobile

How to Update Your Remote Access Policy – And Why You Should Now Reducing the risks of remote work starts with updating the access policies of yesterday. threatpost.com/how-to-update-r

Show more
mhc.social

Lokale Instanz der MHC SoftWare GmbH