Information Security newsfeed from around the world in English and French. Find it all in one place… here.
Amazon, Apple, Netflix, Facebook and WhatsApp are top brands leveraged by cybercriminals in phishing and fraud attacks – including a recent strike on a half-million Facebook users. Source: Threatpost.com Facebook: A Top Launching Pad For Phishing Attacks
Continue ReadingAttackers are targeting Microsoft Office 365 users with a Coinbase-themed attack, aiming to take control of their inboxes via OAuth. Source: Threatpost.com Office 365 OAuth Attack Targets Coinbase Users
Continue ReadingThe two important-severity flaws in Microsoft Windows Codecs Library and Visual Studio Code could enable remote code execution. Source: Threatpost.com Microsoft Fixes RCE Flaws in Out-of-Band Windows Update
Continue ReadingGoogle’s Threat Analysis Group sheds more light on targeted credential phishing and malware attacks on the staff of Joe Biden’s presidential campaign. Source: Threatpost.com Biden Campaign Staffers Targeted in Cyberattack Leveraging Antivirus Lure, Dropbox Ploy
Continue ReadingFortinet researchers are seeing a pivot in the spear-phishing and phishing lures used by cybercriminals, to entice potential job candidates as businesses open up. Source: Threatpost.com Phishing Lures Shift from COVID-19 to Job Opportunities
Continue ReadingAfter cybercriminals smoked out 3 million compromised payment cards on the Joker’s Stash marketplace, researchers linked the data to a breach at the popular barbecue franchise. Source: Threatpost.com Dickey’s BBQ Breach: Meaty 3M Payment Card Upload Drops on Joker’s Stash
Continue ReadingFrom a cyberattack on Barnes & Noble to Zoom rolling out end-to-end encryption, Threatpost editors break down the top security stories of the week. Source: Threatpost.com News Wrap: Barnes & Noble Hack, DDoS Extortion Threats and More
Continue ReadingAdobe says the two critical flaws (CVE-2020-24407 and CVE-2020-24400) could allow arbitrary code execution as well as read or write access to the database. Source: Threatpost.com Critical Magento Holes Open Online Shops to Code Execution
Continue ReadingAfter backlash over false marketing around its encryption policies, Zoom will finally roll out end-to-end encryption next week. Source: Threatpost.com Zoom Rolls Out End-to-End Encryption After Setbacks
Continue ReadingOrganizations worldwide – including Travelex – have been sent letters threatening to launch DDoS attacks on their network unless a $230K ransom is paid. Source: Threatpost.com Travelex, Other Orgs Face DDoS Threats as Extortion Campaign Rages On
Continue Reading