Facebook's NSO Group Lawsuit Over WhatsApp Spying Set to Proceed
Facebook’s lawsuit against NSO Group over alleged spying on WhatsApp users will be allowed to go forward. WhatsApp-owner Facebook is alleging that NSO Group exploited a vulnerability in WhatsApp to deploy its spyware against human rights activists, journalists and political dissidents. A federal...
Mac Cryptocurrency Traders Targeted by Trojanized Apps
Mac users are being targeted by trojanized cryptocurrency trading apps, which once downloaded actually drain victims’ cryptocurrency wallets, researchers warn. The four fake applications in question, Cointrazer, Cupatrade, Licatrade and Trezarus, claim to be rebranded copies of an actual...
Paving the Path to Passwordless
Passwords seem to be the digital equivalent of the phrase, “can’t live with ’em, can’t live without ’em.” They’re supposed to protect sensitive information and data, but passwords can also be incredibly frustrating; you shouldn’t use the same one across the board, which means you probably have...
Thousands of Vulnerable F5 BIG-IP Users Still Open to Takeover
About 8,000 users of F5 Networks’ BIG-IP family of networking devices are still vulnerable to full system access and remote code-execution (RCE), despite a patch for a critical flaw being available for two weeks. The BIG-IP family consists of application delivery controllers, Local Traffic Managers...
Twitter Hack Update: What We Know (and What We Don't)
UPDATED 7/18 at 12:50 p.m. ET. Earlier this week, Twitter locked down thousands of verified accounts, including the accounts of Joe Biden, Bill Gates, Elon Musk, Apple, Uber and others, after it became clear that hackers had been able to compromise them. The tip-off? Suddenly these high-profile...
CISA Emergency Directive Orders Immediate Fix of Windows DNS Server Bug
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is ordering all federal executive branch offices to apply a patch for a wormable Windows Server bug within 24 hours, warning of a “high potential for compromise of agency information systems.” In an Emergency Directive, the Department...
Enterprise Data Security: It’s Time to Flip the Established Approach
There’s an old saying when it comes to big undertakings: Don’t boil the ocean. Well, there’s hardly any bigger project in information security than trying to protect corporate data. But the reality is that too many organizations today are, in fact, “boiling the ocean” when it comes to their...
Hackers Look to Steal COVID-19 Vaccine Research
The advanced threat actor known as APT29 has been hard at work attempting to pilfer COVID-19 vaccine research from academic and pharmaceutical research institutions in various countries around the world, including the U.S. That’s according to a joint alert from the U.S. Department of Homeland...
Zoom Addresses Vanity URL Zero-Day
A previously undisclosed bug in Zoom’s customizable URL feature has been addressed that could have offered a hacker a perfect social-engineering avenue for stealing credentials or sensitive information. Disclosed by Zoom and Check Point on Thursday, the security flaw existed in the “Vanity URL”...
Amazon-Themed Phishing Campaigns Swim Past Security Checks
Amazon in the era of COVID-19 has become a staple of many people’s lives, as they order everything from sourdough starter to exercise equipment. Cybercrooks have latched onto the delivery behemoth as a lure for phishing emails, knowing that plenty of legitimate delivery messages are also making i...
Threat Actors Introduce Unique ‘Newbie’ Hacker Forum
A well-known private hacking forum has recently become more inclusive, introducing a new platform to help newbie threat actors flourish and hone their expertise, research has found. The discovery is unique, as private hacker forums tend to be the exclusive province of elite cybercriminals. Digita...
LokiBot Redux Attacks Massive List of Common Android Apps
Researchers have discovered a new variant of the LokiBot trojan called BlackRock, that’s attacking not just financial and banking apps, but also a massive list of well-known and commonly used brand-name apps on Android devices. The apps targeted include: Amazon, eBay, Facebook, Grinder, Instagram...
Twitter Confirms it was Hacked in an Unprecedented Cryptocurrency Scam
Twitter locked down thousands of verified accounts belonging to elite Twitter users and high-profile companies Wednesday afternoon in an effort to prevent hackers from perpetrating a massive cryptocurrency scam. The accounts fell victim to a compromise of the company’s internal systems by a group...
Brazil's Banking Trojans Go Global
Malware that is typically used in Brazil is expanding its geography, targeting users in North America, Europe and elsewhere in Latin America. Banking trojans, which steal online banking logins and other financial credentials from unsuspecting victims, are fairly common – but the more sophisticate...
The TLS 1.2 Deadline is Looming, Do You Have Your Act Together?
In the pantheon of security configuration duties for organizations running internet assets, maintaining the latest TLS encryption protocols to keep the cryptographic apparatus at full strength is one of the most fundamental. TLS provides cover for the most sensitive personal and financial...
Microsoft Tackles 123 Fixes for July Patch Tuesday
A critical DNS bug and a publicly known elevation-of-privilege flaw top Microsoft’s July Patch Tuesday list of 123 fixes. The DNS flaw is a remote code-execution bug and is touted as one of the most critical Windows vulnerabilities released this year, earning the highest-severity CVSS score of 10...
Critical DNS Bug Opens Windows Servers to Infrastructure Takeover
A critical Microsoft Windows Server bug opens company networks to hackers, allowing them to potentially seize control of IT infrastructures. Microsoft issued a patch for the bug on Tuesday as part of its July Patch Tuesday roundup. It turns out that the bug is 17 years old. Impacted are Windows...
Adobe Discloses Critical Code-Execution Bugs in July Update
Adobe has released its scheduled July 2020 security updates, covering flaws in five different product areas: Creative Cloud Desktop; Media Encoder; Download Manager; Genuine Service; and ColdFusion. Four of the bugs are rated critical in severity, with the others ranked as important. Most of the...
DMARC Adoption Spikes, Higher Ed Remains Behind
Adoption of the email security protocol DMARC has continued to tick upwards, with the number of domains deploying DMARC records surpassing 1 million in the last two years — a 2.5 times greater total than in 2018. That’s according to Valimail’s Email Fraud Landscape 2020 report, which also found...
Leaked Details of 142 Million MGM Hotel Guests Found for Sale Online
Researchers have found 142 million personal details from former guests at the MGM Resorts hotels for sale on the dark web, evidence that a data leak from the hotel chain last summer may be far bigger in scope than previously thought. An advertisement on a hacker forum has put 142,479,937 details...
Most companies are ignoring your most vulnerable endpoint…and it’s not the laptop
It’s an open secret that mobile devices are your weakest security link. We pretend not to know how vulnerable they are to attack, nor how exposed they leave your business. A 2019 study found that most companies allow mobile devices to access between 1/3 and 3/4 of their most business-critical...
Leaked Details of 142 Million MGM Hotel Guests Found for Sale on Dark Web
Researchers have found 142 million personal details from former guests at the MGM Resorts hotels for sale on the Dark Web, evidence that a data leak from the hotel chain last summer may be far bigger in scope than previously thought. An advertisement on a hacker forum has put 142,479,937 details...
Critical SAP Bug Allows Full Enterprise System Takeover
A critical vulnerability, carrying a severity score of 10 out of 10 on the CVSS bug-severity scale, has been disclosed for SAP customers. SAP’s widely deployed collection of enterprise resource planning (ERP) software is used to manage their financials, logistics, customer-facing organizations, hum...
TrickBot Sample Accidentally Warns Victims They're Infected
TrickBot, the infamous info-stealing trojan, has been trying out a test module that accidentally pops up fraud alerts to victims. A sandboxed sample of the trojan, obtained by MalwareHunterTeam and analyzed by Advanced Intelligence’s Vitali Kremez, turns out to contain a new module, called “modul...
Secret Service Creates Cyber Fraud Task Forces
The U.S. Secret Service has created the Cyber Fraud Task Forces (CFTFs), aimed at preventing, detecting and mitigating complex cyber-enabled financial crime – including making arrests and convictions. The CFTF is the result of a formal merging of two of the Secret Service’s existing units into a...
A 'New Age' of Sophisticated Business Email Compromise is Coming
A newly discovered, sophisticated threat group that targets organizations without DMARC implemented and relies on business email compromise is heralding what researchers call “a new age” of business email compromise. The group, called Cosmic Lynx, is the first reported Russian BEC cybercriminal...
The Enemy Within: How Insider Threats Are Changing
Insider threats are ramping up – with new kinds of concerns in this category beginning to emerge. This is happening against a heady backdrop: Makeshift home offices, a cavalcade of new distractions and a tectonic shift to the cloud have recently collided to create an entirely new world for...
How CARTA Strategies for Web Applications are Met with Indusface AppTrana Solution
Gartner’s CARTA (Continuous Adaptive Risk and Trust Assessment), which sets out their vision for security, is increasingly being adopted by several enterprises. Recently Gartner also called out the CARTA strategic approach in the top 10 security projects for 2019. CARTA, being a strategic approach,...
Popular TP-Link Family of Kasa Security Cams Vulnerable to Attack
A popular consumer-grade security camera made by TP-Link and sold under the Kasa brand has a bevy of bugs that open the hardware to remote attacks, such as giving hackers access to private video feeds and the ability to change device settings. The researcher Jason Kent, with Cequence Security,...
Google Bans Stalkerware Ads – With a Loophole
Google will soon prohibit ads on its platform that promote stalkerware products and services – but the tech giant’s ban comes with a catch that some security experts worry will render it ineffective. Starting August 2020, Google’s ads policy will be updated to ban advertisements for stalkerware,...
Smartwatch Hack Could Trick Dementia Patients into Overdosing
Researchers are warning that vulnerabilities in a smartwatch application for dementia patients could allow an attacker to convince patients to overdose. The vulnerabilities stem from the SETracker application, which is developed by Chinese developer 3G Electronics based out of Shenzhen City. The app,...
Report: Most Popular Home Routers Have ‘Critical’ Flaws
A security review of 127 popular home routers found most contained at least one critical security flaw, according to researchers. The “Home Router Security Report” (PDF) by Peter Weidenbach and Johannes vom Dorp, both from the German think tank Fraunhofer Institute, found that not only did all of the...
Microsoft Warns on OAuth Attacks Against Cloud App Users
Against the backdrop of widespread remote working and the increased use of collaboration apps, attackers are ramping up application-based attacks that exploit OAuth 2.0, Microsoft is warning. OAuth is an open standard for access delegation, commonly used as a way for people to sign into services...
Zoom Zero-Day Allows RCE, Patch on the Way
UPDATE: A newly discovered bug in the Zoom Client for Windows could allow remote code-execution, according to researchers at 0patch, which disclosed the existence of the flaw on Thursday after pioneering a proof-of-concept exploit for it. The issue was confirmed for Threatpost by a Zoom...
Joker Android Malware Dupes Its Way Back Onto Google Play
A new variant of the infamous Joker malware has once again made it onto Google Play, with Google removing 11 malicious Android applications from its official app marketplace, researchers disclosed Thursday. Malicious apps spreading the Joker have continued to skirt Google Play’s protections since...
BlueLeaks Server Seized By German Police: Report
German authorities have reportedly seized a server hosting the massive BlueLeaks data dump, which was released earlier in June and exposed thousands of sensitive police department and law enforcement files. According to a Wednesday report by PCMag, the server was based in Falkenstein, Germany and...
'Undeletable' Malware Shows Up in Yet Another Android Device
Security researchers have identified yet another Android-based mobile device available through the government-funded Lifeline Assistance Program pre-loaded with malware, a discovery adding evidence to the disturbing trend of smartphones infected with undeletable malicious code upon purchase. Hard...
Advertising Plugin for WordPress Threatens Full Site Takeovers
The Adning Advertising plugin for WordPress, a premium plugin with over 8,000 customers, contains a critical remote code-execution vulnerability with the potential to be exploited by unauthenticated attackers. The plugin’s author, Tunafish, has rolled out a patched version (v.1.5.6), which site...
Notorious Hacker 'Fxmsp' Outed After Widespread Access-Dealing
“Fxmsp,” a notorious hacker who made headlines last year for allegedly stealing and selling source code and customer access from McAfee, Symantec and Trend Micro, has been outed. He’s a Kazakh national named Andrey Turchin, and according to unsealed court documents, he faces hacking charges datin...
Microsoft Seizes Malicious Domains Used in Mass Office 365 Attacks
Microsoft has seized several domains associated with a massive hacking campaign, which has targeted Office 365 accounts with phishing and business email compromise (BEC) emails. The sophisticated phishing attacks, which first began in December, have since compromised Office 365 accounts in 62...
15 Billion Credentials Currently Up for Grabs on Hacker Forums
Fifteen billion usernames and passwords for a range of internet services are currently for sale on underground forums – shedding light on the sheer scope of compromised credentials that are fueling account takeovers on the internet. A report released Wednesday — “From Exposure to Takeover” by the...
BEC Hotshot with Opulent Social Media Presence to Face U.S. Charges
A Dubai resident with an elaborate lifestyle that he touted on social media – think designer clothes, expensive watches, luxury cars and charter jets – has arrived in the United States to face criminal charges. He is charged with conspiring to engage in money laundering, as part of a business ema...
Keeper Threat Group Rakes in $7M from Hundreds of Compromised E-Commerce Sites
Since its launch three years ago, the Keeper threat group has compromised more than 570 e-commerce websites, from online liquor stores to Apple product resellers. And experts warn of future, increasingly sophisticated attacks against online merchants worldwide. The Keeper group, a faction of the...
Cerberus Banking Trojan Unleashed on Google Play
A malicious Android app has been uncovered on the Google Play app marketplace that is distributing the banking trojan, Cerberus. The app has 10,000 downloads. Researchers said that the trojan was found within the last few days, as it was being spread via a Spanish currency converter app called...
Citrix Bugs Allow Unauthenticated Code Injection, Data Theft
Multiple vulnerabilities in the Citrix Application Delivery Controller (ADC) and Gateway would allow code injection, information disclosure and denial of service, the networking vendor announced Tuesday. Four of the bugs are exploitable by an unauthenticated, remote attacker. The Citrix products...
Credit-Card Skimmer Has Unlikely Target: Microsoft ASP.NET Sites
Researchers have identified a credit-card skimming campaign that’s been active since mid-April that has a rather specific and unusual target: ASP.NET-based websites running on Microsoft Internet Information Services (IIS) servers. New research from Malwarebytes Labs recently uncovered the campaign,...
Podcast: Securing Railway Systems Against Hacks
Railway systems are becoming increasingly digital – from digital signaling systems to remote monitoring functions – and this is opening the door for sophisticated bad actors to launch various malicious cyberattacks. Dr. Jesus Molina, director of Industrial IOT with Waterfall...
First-Ever Russian BEC Gang, Cosmic Lynx, Uncovered
Researchers say they have discovered the first-ever reported Russian business email compromise (BEC) cybercriminal ring, showing that sophisticated attackers beyond the usual Nigerian scammers are setting their sights on the email-based attack vector. The BEC gang is called Cosmic Lynx, and has bee...
Android Users Hit with 'Undeletable' Adware
UPDATE: A healthy percentage of Android users targeted by mobile malware or mobile adware last year suffered a system partition infection, making the malicious files virtually undeletable. That’s according to research from Kaspersky, which found that 14.8 percent of its users who suffered such...
Admins Urged to Patch Critical F5 Flaw Under Active Attack
Security experts are urging companies to deploy an urgent patch for a critical vulnerability in F5 Networks’ networking devices, which is being actively exploited by attackers to scrape credentials, launch malware and more. Last week, F5 Networks issued urgent patches for the critical remote...