Skip to main content

Security News

Filter by:

McDonald’s Email Blast Includes Password to Monopoly Game Database

Usernames, passwords for database sent in prize redemption emails.
Threatpost 10 Sep 2021 190 Views

Attacker releases credentials for 87,000 FortiGate SSL VPN devices

Access data for FortiGate devices was obtained by exploiting a known, old vulnerability.
ZDnet 9 Sep 2021 375 Views

Phishing attacks: One in three suspect emails reported by employees really are malicious

Up to a third of emails that were flagged as suspicious by employees were actually a threat, according to a new report.
ZDnet 9 Sep 2021 362 Views

What Ragnar Locker Got Wrong About Ransomware Negotiators – Podcast

There are a lot of "tells" that the ransomware group doesn't understand how negotiators work, despite threatening to dox data if victims call for help.
Threatpost 9 Sep 2021 174 Views

Can WhatsApp moderators really read your encrypted texts? Yes ... if you forward them to the abuse dept

Where did people think spam and harassment reports were going? Facebook's WhatsApp states its messages are protected by the Signal encryption protocol. A report published today by investigative non-profit ProPublica contends that WhatsApp communication is less private than users understand or expect.…
The Register 8 Sep 2021 12747 Views

Miscreants fling booby-trapped Office files at victims, no patch yet, says Microsoft

ActiveX and MSHTML, the gift that keeps on giving ... to intruders In an advisory issued on Tuesday, Microsoft said some of its users were targeted by poisoned Office documents that exploit an unpatched flaw to hijack their Windows machines.…
The Register 8 Sep 2021 12770 Views

Netgear Smart Switches Open to Complete Takeover

The Demon's Cries, Draconian Fear and Seventh Inferno security bugs are high-severity entryways to corporate networks.
Threatpost 8 Sep 2021 184 Views

U.S. Cyber Command Warns of Ongoing Attacks Exploiting Atlassian Confluence Flaw

The U.S. Cyber Command on Friday warned of ongoing mass exploitation attempts in the wild targeting a now-patched critical security vulnerability affecting Atlassian Confluence deployments that could be abused by unauthenticated attackers to take control of a vulnerable system. "Mass exploitation of Atlassian Confluence...
The Hacker News 8 Sep 2021 5099 Views

Bluetooth BrakTooth bugs could affect billions of devices

Vulnerabilities collectively referred to as BrakTooth are affecting Bluetooth stacks implemented on system-on-a-chip (SoC) circuits from over a dozen vendors.
Bleeping Computer 6 Sep 2021 161 Views

IoT Attacks Skyrocket, Doubling in 6 Months

The first half of 2021 saw 1.5 billion attacks on smart devices, with attackers looking to steal data, mine cryptocurrency or build botnets.
Threatpost 6 Sep 2021 145 Views