Amazon-Themed Phishing Campaigns Swim Past Security Checks

Amazon in the era of COVID-19 has become a staple of many people’s lives, as they order everything from sourdough starter to exercise equipment. Cybercrooks have latched onto the delivery behemoth as a lure for phishing emails, knowing that plenty of legitimate delivery messages are also making i...

Community Housing Nonprofit Hit with $1.2M Loss in BEC Scam

A non-profit community housing collective has been swindled out of more than $1.2 million in a business email compromise BEC campaign. Red Kite Community Housing, a coop housing association in High Wycombe, U.K. outside of London announced in a recent website notice that £932,000 of the money pai...

Mozilla Firefox 'Basic Realm' Basic Authentication Header Spoofing Vulnerability

Mozilla Firefox is prone to a domain-spoofing vulnerability that allows an attacker to spoof an HTTP basic authentication dialog. Attackers may exploit this vulnerability via a malicious webpage to spoof the origin of an HTTP basic authentication dialog that the victim may trust. Attackers may fi...