Cybercriminals use legitimate websites to obfuscate malicious payloads
According to Egress, the evolving attack methodologies currently used by cybercriminals are designed to get through traditional perimeter security. “The evolution of phishing emails continues to pose a major threat to organizations, emphasizing the.....»»
Movie industry demands US law requiring ISPs to block piracy websites
Opponents say SOPA-like proposal would block plenty of legitimate websites. Enlarge / Motion Picture Association CEO Charles Rivkin speaks onstage during CinemaCon, a convention of the National Association of Theatre Owners, at C.....»»
Index Engines CyberSense 8.6 detects malicious activity
Index Engines announced the latest release of its CyberSense software, with version 8.6 delivering a revamped user interface to support smarter recovery from ransomware attacks, new custom Advanced Threshold Alerts to proactively detect unusual activ.....»»
IT pros targeted with malicious Google ads for PuTTY, FileZilla
An ongoing malvertising campaign is targeting IT administrators looking to download system utilities such as PuTTY (a free SSH and Telnet client) and FileZilla (a free cross-platform FTP application). “We have reported this campaign to Google b.....»»
Thousands of LG TVs are vulnerable to takeover—here’s how to ensure yours isn’t one
LG patches four vulnerabilities that allow malicious hackers to commandeer TVs. Enlarge (credit: Getty Images) As many as 91,000 LG TVs face the risk of being commandeered unless they receive a just-released security upd.....»»
How can the energy sector bolster its resilience to ransomware attacks?
Since it plays a vital role in every functioning society, the energy sector has always been a prime target for state-backed cybercriminals. The cyber threats targeting this industry have grown significantly in recent years, as geopolitical tensions h.....»»
How malicious email campaigns continue to slip through the cracks
In this Help Net Security video, Josh Bartolomie, VP of Global Threat Services at Cofense, discusses how email will remain a target as long as it remains the predominant form of communication within a business. Cofense researchers have found that mal.....»»
Cybercriminal adoption of browser fingerprinting
Browser fingerprinting is one of many tactics phishing site authors use to evade security checks and lengthen the lifespan of malicious campaigns. While browser fingerprinting has been used by legitimate organizations to uniquely identify web browser.....»»
“Pink slime” local news outlets erupt all over US as election nears
Number of partisan news sites roughly equals those doing actual, legitimate journalism. Enlarge / Chicago City Wire is a hyper-partisan website masquerading as an outlet that does journalism. (credit: FT Montage) The num.....»»
Sideloading apps from the web in EU possible with iOS 17.5
As promised, the iOS 17.5 beta includes support for sideloading apps directly from authorized developer websites in the European Union.Apple App StoreWhen Apple first released its plans for complying with the EU's Digital Markets Act, it only intende.....»»
Fastly Bot Management protects websites, apps, and valuable data from malicious automated traffic
Fastly introduced Fastly Bot Management to help organizations combat automated “bot” attacks at the edge and significantly reduce the risk of fraud, DDoS attacks, account takeovers, and other online abuse. Fastly Bot Management represents an impo.....»»
Impersonation scams cost US victims over a billion dollars last year
A new report from the FTC shows the cost of spoofing scams, and the new methods cybercriminals are adopting......»»
Backdoor found in widely used Linux utility targets encrypted SSH connections
Malicious code planted in xz Utils has been circulating for more than a month. Enlarge / Internet Backdoor in a string of binary code in a shape of an eye. (credit: Getty Images) Researchers have found a malicious backdo.....»»
What we know about the xz Utils backdoor that almost infected the world
Malicious updates made to a ubiquitous tool were a few weeks away from going mainstream. Enlarge / Malware Detected Warning Screen with abstract binary code 3d digital concept (credit: Getty Images) On Friday, researcher.....»»
Beware! Backdoor found in XZ utilities used by many Linux distros (CVE-2024-3094)
A vulnerability (CVE-2024-3094) in XZ Utils, the XZ format compression utilities included in most Linux distributions, may “enable a malicious actor to break sshd authentication and gain unauthorized access to the entire system remotely,”.....»»
Backdoor found in widely used Linux utility breaks encrypted SSH connections
Malicious code planted in xz Utils has been circulating for more than a month. Enlarge / Internet Backdoor in a string of binary code in a shape of an eye. (credit: Getty Images) Researchers have found a malicious backdo.....»»
AI abuse and misinformation campaigns threaten financial institutions
Though generative AI offers financial firms remarkable business and cybersecurity utility, cyberthreats relating to GenAI in financial services are a consistent concern, according to FS-ISAC. Cybercriminals exploit AI for data exfiltration The cybers.....»»
Here’s how to protect against iPhone password reset attacks
One of the latest attacks on iPhone sees malicious parties abuse the Apple ID password reset system to inundate users with iOS prompts to take over their accounts. Here’s how you can protect against iPhone password reset attacks (often called “MF.....»»
PyPI halted new users and projects while it fended off supply-chain attack
Automation is making attacks on open source code repositories harder to fight. Enlarge / Supply-chain attacks, like the latest PyPI discovery, insert malicious code into seemingly functional software packages used by developers......»»
Cybercriminals use cheap and simple infostealers to exfiltrate data
The rise in identity-based attacks can be attributed to a rapid increase in malware, according to SpyCloud. Researchers found that 61% of data breaches in 2023, involving over 343 million stolen credentials, were infostealer malware-related. Of these.....»»
Thousands of Asus routers taken over by malware to form new proxy service
Outdated Asus routers are being assimilated into a malicious botnet used by hackers to hide their traces.....»»