News

Cyber Security News

OAuth Consent Phishing Ramps Up with Microsoft Office 365 Attacks
September 30, 2020
Attackers gain read-only permissions to snoop around Office 365 accounts, including emails, contacts and more.
Android Spyware Variant Snoops on WhatsApp, Telegram Messages
September 30, 2020
The Android malware comes from threat group APT-C-23, also known as Two-Tailed Scorpion and Desert Scorpion.
Facebook Small Business Grants Spark Identity-Theft Scam
September 30, 2020
The cybercrooks spread the COVID-19 relief scam via Telegram and WhatsApp, and ultimately harvest account credentials and even pics of IDs.
Microsoft Exchange Servers Still Open to Actively Exploited Flaw
September 30, 2020
Despite Microsoft issuing patches almost eight months ago, 61 percent of Exchange servers are still vulnerable.
Why Web Browser Padlocks Shouldn’t Be Trusted
September 29, 2020
Popular ‘safe browsing’ padlocks are now passe as a majority of bad guys also use them.
Zerologon Attacks Against Microsoft DCs Snowball in a Week
September 29, 2020
The attempted compromises, which could allow full control over Active Directory identity services, are flying thick and fast just a week after active exploits of CVE-2020-1472 were first flagged.
The Network Perimeter: This Time, It’s Personal
September 29, 2020
Botnets and IoT devices are forming a perfect storm for IT staff wrestling with WFH employee security.
Las Vegas Students’ Personal Data Leaked, Post-Ransomware Attack
September 29, 2020
A researcher said he discovered an open data cache with names, grades, birthdates and more, after the Clark County School District refused to pay the ransom.
Telehealth Poll: How Risky Are Remote Doctor Visits?
September 29, 2020
Threatpost's latest poll probes telehealth security risks and asks for IT cures.
Windows 7 ‘Upgrade’ Emails Steal Outlook Credentials
September 28, 2020
Researchers warn of emails pretending to help business employees upgrade to Windows 10 – and then stealing their Outlook emails and passwords.