Using Authy? Beware of impending phishing attempts
Do you use Authy for your multi-factor authentication needs? If you do, you should keep an eye out for phishing attempts, as well as implement defenses against SIM swapping attacks. What happened? On July 1, Twilio – the company that develops t.....»»
Attackers are pummeling networks around the world with millions of login attempts
Attacks coming from nearly 4,000 IP addresses take aim at VPNs, SSH and web apps. Enlarge (credit: Matejmo | Getty Images) Cisco’s Talos security team is warning of a large-scale credential compromise campaign that’s.....»»
Piracy Shield: Influential Consumer Union Attempts to Break AGCOM’s Silence
Telecoms regulator AGCOM has either downplayed, dismissed, or flat-out ignored even the most constructive criticism concerning the Piracy Shield system. How AGCOM will handle a demand for information filed by the National Consumers Union (UNC) remain.....»»
In Russia"s Far East, a new heavy-lift rocket blasts off into space after two aborted launches
Russia on Thursday successfully test-launched a new heavy-lift rocket from its Far Eastern space complex, a lift-off that comes after two aborted attempts earlier this week......»»
Organizations need to beware of "institutional parasites," study says
Organizations that fail to identify or swiftly expel "institutional parasites" risk long-term damage, academics from British and Finnish business schools have warned......»»
iPadOS 17.5 beta teases OLED display upgrade for 2024 iPad Pro models
The upcoming iPad Pro models are rumored to feature cutting-edge OLED displays, a significant upgrade from the current LCD panels, and iPadOS 17.5 hints at their impending release.The 2024 iPad Pro models could have an OLED displayEvidence found in t.....»»
Cybercriminal adoption of browser fingerprinting
Browser fingerprinting is one of many tactics phishing site authors use to evade security checks and lengthen the lifespan of malicious campaigns. While browser fingerprinting has been used by legitimate organizations to uniquely identify web browser.....»»
Week in review: Backdoor found in XZ utilities, weaponized iMessages, Exchange servers at risk
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Beware! Backdoor found in XZ utilities used by many Linux distros (CVE-2024-3094) A vulnerability (CVE-2024-3094) in XZ Utils, the XZ format compres.....»»
Beware! Backdoor found in XZ utilities used by many Linux distros (CVE-2024-3094)
A vulnerability (CVE-2024-3094) in XZ Utils, the XZ format compression utilities included in most Linux distributions, may “enable a malicious actor to break sshd authentication and gain unauthorized access to the entire system remotely,”.....»»
Beware of fake CleanMyMac installers that will infect your Mac
Cybersecurity experts recently uncovered a sophisticated scheme where attackers disguise malware as CleanMyMac to steal Mac users' data.MacPaw team finds malware disguised as CleanMyMacMacPaw, the creator of CleanMyMac and other utilities, has a cybe.....»»
Apple users targeted by sophisticated phishing attack to reset their ID password
There are many known phishing attacks that target users of Apple devices to gain access to their Apple ID. However, a new “elaborate” attack uses a bug in the Apple ID password reset feature with “push bombing” or “MFA fatigue” techniques.....»»
If you"re getting dozens of password reset notifications, you"re being attacked
Apple users are becoming the target of a new wave of phishing attacks called "MFA Bombing" that relies on user impatience, and a bug in Apple's password reset mechanism.An example of the Apple ID password reset notificationPhishing attacks often rely.....»»
Attackers leverage weaponized iMessages, new phishing-as-a-service platform
Scammers are leveraging the Darcula phishing-as-a-service platform, iMessages and Google Messages to great effect. The platform allows them to impersonate a variety of brands based in over 100 different countries: postal services, public and private.....»»
Japan attempts to revive moon lander after second lunar night
Japan's space agency said on Tuesday it will try to revive its moon lander after a second frigid, two-week lunar night, following a surprising awakening last month......»»
APT29 hit German political parties with bogus invites and malware
APT29 (aka Cozy Bear, aka Midnight Blizzard) has been spotted targeting German political parties for the first time, Mandiant researchers have shared. Phishing leading to malware The attack started in late February 2024, with phishing emails containi.....»»
Scammers steal millions from FTX, BlockFi claimants
Customers of bankrupt crypto platform BlockFi have been targeted with a very convincing phishing email impersonating the platform, asking them to connect their wallet to complete the withdrawal of remaining funds. Judging by this Reddit thread, many.....»»
Attackers are targeting financial departments with SmokeLoader malware
Financially motivated hackers have been leveraging SmokeLoader malware in a series of phishing campaigns predominantly targeting Ukrainian government and administration organizations. The phishing campaign The Ukrainian SSSCIP State Cyber Protection.....»»
Epic and allies are complaining about Apple"s US App Store fees, while they charge about the same
Epic has been joined by Meta, Microsoft, X, and Match to protest how Apple is handling App Store fees and the California anti-steering order, even as Microsoft bills Xbox developers heavily, and Epic attempts to charge a 12% commission in the EU.Epic.....»»
Beware! The latest Windows 11 update might crash your PC
Reports on social media indicate that the routine security update for March causes Windows to crash upon startup, as well as other issues......»»
Apple refutes criticism of its carbon neutral plans by showcasing its rainforest efforts
Aiming to show that its carbon reduction efforts are not mere "climate-washing," Apple has spotlighted how its Restore Fund is contributing to the restoration of a Brazilian rainforest, and attempts to save over 3,000 types of tree from extinction.Wo.....»»
Thrive Incident Response & Remediation helps organizations contain and remove threats
Thrive launched Thrive Incident Response & Remediation, an on-demand cybersecurity response service to contain and remove threats, along with engineering assistance to rebuild and restore critical systems. Phishing, ransomware and other cyberattacks.....»»