OAuth Consent Phishing Ramps Up with Microsoft Office 365 Attacks | Threatpost
An APT known as TA2552 has been spotted using OAuth2 or other token-based authorization methods to access Office 365 accounts, in order to steal users’ Read More
Android Spyware Variant Snoops on WhatsApp, Telegram Messages | Threatpost
Researchers say they have uncovered a new Android spyware variant with an updated command-and-control communication strategy and extended surveillance capabilities that snoops on social media Read More
Why Web Browser Padlocks Shouldn’t Be Trusted | Threatpost
For years Google, Firefox, Apple and Microsoft relentlessly made the point, in order to avoid rogue sites make sure your browser “padlock” is either locked, Read More
Millions of Accounts Compromised in Snapchat Hack – Early Start with John Berman & Christine Romans – CNN.com Blogs
Hackers appear to have posted account info for 4.6 million users of quickie social-sharing app Snapchat, making usernames and at least partial phone numbers available Read More
Confidential information released after school district refused to pay hackers’ ransom demand, report says – CNN
The district said it has “not received any reports of actual or attempted misuse of the impacted information” and is providing a notice to students Read More
Twitter Warns Developers of API Bug That Exposed App Keys, Tokens | Threatpost
Twitter developers are being warned of a security bug that may have exposed their applications’ credential information – including sensitive application keys and access tokens. Read More
Windows 7 ‘Upgrade’ Emails Steal Outlook Credentials | Threatpost
An ongoing phishing attack puts pressure on enterprise employees to upgrade their Windows 7 systems – but in reality, they are redirected to a fake Outlook Read More
Retail Security: Magecart and the Rise of Retail Security Threats | Threatpost
It’s open season on online shoppers. Petty cybercriminals, nation-state backed groups and every flavor of malicious actor in between are working harder than ever to Read More
Mac, Linux Users Now Targeted by FinSpy Variants | Threatpost
The FinSpy commercial spyware is back in recently observed campaigns against organizations and activists in Egypt. While the spyware previously targeted Windows, iOS and Android Read More
Bug Bounty FAQ: Top Questions, Expert Answers | Threatpost
Seldom does Threatpost have the privilege to tap the collective brain trust of one cybersecurity corner of the threat landscape. But last month, Threatpost brought Read More