TikTok Flaw Lay Bare Phone Numbers, User IDs For Phishing Attacks
A security flaw in TikTok could have allowed attackers to query query the platform’s database – potentially opening up for privacy violations. Source: Threatpost.com
Continue ReadingAuthor: Lindsey O Donnell
Breaking Down Joe Biden’s $10B Cybersecurity ‘Down Payment’
Tom Kellermann, head of cybersecurity strategy for VMware Carbon Black, talks about the top security challenges facing the US government as a new presidential administration steps in. Source: Threatpost.com
Continue ReadingSonicWall Breach Stems from ‘Probable’ Zero-Days
The security vendor is investigating potential zero-day vulnerabilities in its Secure Mobile Access (SMA) 100 series. Source: Threatpost.com
Continue ReadingMicrosoft Edge, Google Chrome Roll Out Password Protection Tools
The new tools on Chrome and Edge will make it easier for browser users to discover – and change – compromised passwords. Source: Threatpost.com
Continue ReadingRansomware Attackers Publish 4K Private Scottish Gov Agency Files
Up to 4,000 stolen files have been released by hackers who launched a ransomware attack against the Scottish Environmental Protection Agency on Christmas Eve. Source: Threatpost.com
Continue ReadingSQL Server Malware Tied to Iranian Software Firm, Researchers Allege
Researchers have traced the origins of a campaign – infecting SQL servers to mine cryptocurrency – back to an Iranian software firm. Source: Threatpost.com
Continue ReadingGoogle Forms Set Baseline For Widespread BEC Attacks
Researchers warn that attackers are collecting reconnaissance for future business email compromise attacks using Google Forms. Source: Threatpost.com
Continue ReadingCritical Cisco SD-WAN Bugs Allow RCE Attacks
Cisco is stoppering critical holes in its SD-WAN solutions and its smart software manager satellite. Source: Threatpost.com
Continue ReadingInvestment Scammers Prey on Dating App Users, Interpol Warns
Users of dating apps – like Tinder, Match and Bumble – should be on the lookout for investment-fraud scammers. Source: Threatpost.com
Continue ReadingDNSpooq Flaws Allow DNS Hijacking of Millions of Devices
Seven flaws in open-source software Dnsmasq could allow DNS cache poisoning attacks and remote code execution. Source: Threatpost.com
Continue Reading