May 21, 2020 Magento Plugin Flaw Leaves Online Shoppers Open to E-Skimming Attacks 2 min read - A Magento plugin vulnerability that dates back at least three years could allow e-skimming attacks on unsuspecting online shoppers, the FBI warns.
May 12, 2020 Thunderspy Vulnerabilities Put Some Thunderbolt Users at Risk of Data Theft 2 min read - Millions of Windows and Linux-based devices could be hit by what researchers call Thunderspy attacks, where flaws in Thunderport interfaces are exploited in a matter of minutes.
May 5, 2020 EventBot Mobile Banking Trojan Could Infect Over 200 Financial Services Apps 2 min read - More than 200 personal finance apps are at risk of a mobile banking Trojan dubbed EventBot, which is designed to steal user data, security researchers warn.
April 28, 2020 Data-Stealing Asnarök Malware Exploits Zero-Day Flaw in Sophos XG Firewalls 2 min read - Cybercriminals have been using a Trojan dubbed Asnarök to steal data by exploiting a vulnerability in enterprise firewalls from Sophos, the company warned.
April 21, 2020 Emotet Gets a Redesign to Improve Its Evasion Capabilities 2 min read - Emotet has returned with additional modules that have been specifically designed to improve the malware's evasion capabilities, a cybersecurity researcher warned.
April 15, 2020 Phishing Campaign Tries to Fool WebEx Users With Bogus IT Security Warnings 2 min read - A phishing campaign is targeting WebEx users who are working from home by spoofing IT security alerts, according to security researchers.
April 7, 2020 Kinsing Malware Hits Container API Ports With Thousands of Attacks per Day 2 min read - A misconfigured API port led to a months-long campaign in which cybercriminals have been launching daily Kinsing malware attacks that number in the thousands, according to security researchers.
March 23, 2020 Mirai Variant Mukashi Conducts Brute-Force Attacks Against Vulnerable NAS Devices 2 min read - Network-attached storage devices are being targeted by Mukashi, a variant of the Mirai malware, in an effort to launch large-scale distributed denial-of-service (DDoS) attacks, researchers warn.
March 18, 2020 Snoop Attacks via L1 Data Sampling Threaten Security of Intel CPUs 2 min read - Intel processors, including Core and Xeon products, are susceptible to attacks described as Snoop-assisted L1 data sampling, a security investigator has discovered.
March 10, 2020 Threat Actors Launch Attacks Based on Exchange Control Panel Vulnerability 2 min read - Threat groups are exploiting a vulnerability in the Exchange Control Panel (ECP) just weeks after Microsoft issued a patch, security researchers have discovered.
March 3, 2020 Researchers Estimate Krøøk Vulnerability Could Put a Billion Wi-Fi Devices at Risk 2 min read - Researchers estimate more than a billion devices may be vulnerable to a cyberthreat dubbed Krøøk that can intercept and decrypt Wi-Fi traffic using WPA2 connections.
February 25, 2020 Phishing Schemes Use Google Forms to Steal Office 365 Credentials 2 min read - Phishing campaigns aimed at stealing Microsoft user credentials are using Google Forms to dupe potential victims, security researchers warn.