September 2018

Seventeen percent of data breaches started as social engineering attacks, mostly from email, according to the most recent Verizon Data Breach Investigations Report.  In general, Read More

The Kodi media player has emerged as a malware distribution platform for cybercriminals, recently becoming the target for a cryptomining campaign that compromised about 5,000 Read More

A newly released proof-of-concept attack using malicious JavaScript can crash or freeze Mozilla Firefox when an unsuspecting victim visits a specially crafted webpage on the Read More

Email addresses and encrypted passwords of over 6.4 million SHEIN customers were stolen over the summer after the women’s retailer said it suffered a “concerted Read More

Certain types of online ads that expand, contract and pop-open aren’t just annoying – they can sometimes be dangerous. The ads in question are called Read More

A newly-discovered spam campaign is spreading the Adwind 3.0 remote-access tool (RAT) – and using a fresh take on the Dynamic Data Exchange (DDE) code-injection Read More

advisory on Thursday that various applications use that format). Adversaries could also trigger an exploit with a weaponized web page, according to ZDI – although Read More

Up to two billion devices are still vulnerable to the BlueBorne IoT attack – and may not ever get a patch. Read More

A critical vulnerability in the Cisco Video Surveillance Manager software has been uncovered, which could allow an unauthenticated, remote attacker to log in and execute Read More

Twitter on Friday said that a recently-patched bug in its platform enabled software developers to read users’ private direct messages or protected tweets. The bug Read More