News
Cyber Security News
- Two cyberattack campaigns are making the rounds using unique social-engineering techniques.
- A malicious ‘Jungle Run’ app tricked security protections to make it into the Apple App Store, scamming users out of money with a casino-like functionality.
- Widely deployed platforms from Citrix, Fortinet, Pulse Secure, Synacor and VMware are all in the crosshairs of APT29, bent on stealing credentials and more.
- Matt Bromiley, senior principal consultant with Mandiant, offers checklists for how small- and medium-sized businesses (SMBs) can identify and clear ProxyLogon Microsoft Exchange infections.
- The zero-day flaw research group has revised its disclosure of the technical details of vulnerabilities in the hopes of speeding up the release and adoption of fixes.
- A 100-day race to boost cybersecurity will rely on incentives rather than regulation, the White House said.
- The IoT-targeted malware has also added new exploits for initial compromise, for Huawei, Realtek and Dasan GPON devices.
- Threat actors targeted compromised Exchange servers to host malicious Monero cryptominer in an “unusual attack,” Sophos researchers discovered.
- The vulnerability is triggered when a cloud container pulls a malicious image from a registry.
- Not a Gouda situation: An attack on a logistics firm is suspected to be related to Microsoft Exchange server flaw.