Cisco Warns of Critical Auth-Bypass Security Flaw
Cisco also stomped out a critical security flaw affecting its Nexus 3000 Series Switches and Cisco Nexus 9000 Series Switches.
Read More Cisco Warns of Critical Auth-Bypass Security FlawAuthor: Lindsey O'Donnell
Mozilla Patches Bugs in Firefox, Now Blocks Cross-Site Cookie Tracking
Mozilla said its Total Cookie Protection feature in Firefox 86 prevents invasive, cross-site cookie tracking.
Read More Mozilla Patches Bugs in Firefox, Now Blocks Cross-Site Cookie TrackingMicrosoft Lures Populate Half of Credential-Swiping Phishing Emails
As more organizations migrate to Office 365, cybercriminals are using Outlook, Teams and other Microsoft-themed phishing lures to swipe user credentials.
Read More Microsoft Lures Populate Half of Credential-Swiping Phishing EmailsIBM Squashes Critical Remote Code-Execution Flaw
A critical-severity buffer-overflow flaw that affects IBM Integration Designer could allow remote attackers to execute code.
Read More IBM Squashes Critical Remote Code-Execution Flaw10K Microsoft Email Users Hit in FedEx Phishing Attack
Microsoft users are receiving emails pretending to be from mail couriers FedEx and DHL Express – but that really steal their credentials.
Read More 10K Microsoft Email Users Hit in FedEx Phishing AttackChinese Hackers Hijacked NSA-Linked Hacking Tool: Report
APT31, a Chinese-affiliated threat group, copied a Microsoft Windows exploit previously used by the Equation Group, said researchers.
Read More Chinese Hackers Hijacked NSA-Linked Hacking Tool: ReportCredential-Stuffing Attack Targets Regional Internet Registry
RIPE NCC, the regional Internet registry for Europe, West Asia, and the former Soviet Union, said attackers attempted a credential-stuffing attack against its single-sign on service.
Read More Credential-Stuffing Attack Targets Regional Internet RegistryCybercriminal Enterprise ‘Ringleaders’ Stole $55M Via COVID-19 Fraud, Romance Scams
The Department of Justice (DoJ) cracked down on a Ghana-based cybercriminal enterprise behind a slew of romance scams, COVID-19 fraud attacks and business email compromise schemes since 2013.
Read More Cybercriminal Enterprise ‘Ringleaders’ Stole $55M Via COVID-19 Fraud, Romance ScamsMac Malware Targets Apple’s In-House M1 Processor
A malicious adware-distributing application specifically targets Apple’s new M1 SoC, used in its newest-generation MacBook Air, MacBook Pro and Mac mini devices.
Read More Mac Malware Targets Apple’s In-House M1 ProcessorWindows, Linux Devices Hijacked In Two-Year Cryptojacking Campaign
The WatchDog malware has flown under the radar for two years in what researchers call one of the ‘largest’ Monero cryptojacking attacks ever.
Read More Windows, Linux Devices Hijacked In Two-Year Cryptojacking CampaignMasslogger Swipes Microsoft Outlook, Google Chrome Credentials
A new version of the Masslogger trojan has been targeting Windows users – now using a compiled HTML (CHM) file format to start the infection chain.
Read More Masslogger Swipes Microsoft Outlook, Google Chrome CredentialsComplaint Blasts TikTok’s ‘Misleading’ Privacy Policies
TikTok is again in hot water for how the popular video-sharing app collects and shares data – particularly from its underage userbase.
Read More Complaint Blasts TikTok’s ‘Misleading’ Privacy PoliciesMicrosoft Pulls Bad Windows Update After Patch Tuesday Headaches
Microsoft released a new servicing stack update (KB5001078) after an older one caused problems for Windows users installing Patch Tuesday security updates.
Read More Microsoft Pulls Bad Windows Update After Patch Tuesday HeadachesYandex Data Breach Exposes 4K+ Email Accounts
In a security notice, Yandex said an employee had been providing unauthorized access to users’ email accounts “for personal gain.”
Read More Yandex Data Breach Exposes 4K+ Email AccountsPre-Valentine’s Day Malware Attack Mimics Flower, Lingerie Stores
Emails pretending to confirm hefty orders from lingerie shop Ajour Lingerie and flower store Rose World are actually spreading the BazaLoader malware.
Read More Pre-Valentine’s Day Malware Attack Mimics Flower, Lingerie StoresHow Email Attacks are Evolving in 2021
The money being wire transferred by business email compromise victims is on the rise, as cybersecurity criminals evolve their tactics.
Read More How Email Attacks are Evolving in 2021Military, Nuclear Entities Under Target By Novel Android Malware
The two malware families have sophisticated capabilities to exfiltrate SMS messages, WhatsApp messaging content and geolocation.
Read More Military, Nuclear Entities Under Target By Novel Android MalwareSAP Commerce Critical Security Bug Allows RCE
The critical SAP cybersecurity flaw could allow for the compromise of an application used by e-commerce businesses.
Read More SAP Commerce Critical Security Bug Allows RCEIntel Squashes High-Severity Graphics Driver Flaws
Intel is warning on security bugs across its graphics drivers, server boards, compute modules and modems.
Read More Intel Squashes High-Severity Graphics Driver Flaws