Geriatric Microsoft Bug Exploited by APT Using Commodity RATs

Disguised as an IT firm, the APT is hitting targets in Afghanistan & India, exploiting a 20-year-old+ Microsoft Office bug that’s as potent as it is ancient. An APT described…

Verizon’s Visible Wireless Carrier Confirms Credential-Stuffing Attack

Visible says yes, user accounts were hijacked, but it denied a breach. As of today, users are still posting tales of forcibly changed passwords and getting stuck with bills for…

CryptoRom Scam Rakes in $1.4M by Exploiting Apple Enterprise Features

The campaign, which uses the Apple Developer Program and Enterprise Signatures to get past Apple’s app review process, remains active. Pyramid-scheme cryptocurrency scammers are exploiting Apple’s Enterprise Developer Program to…

Apple Releases Urgent iOS Updates to Patch New Zero-Day Bug

The bug is under attack. Within hours of the patch release, a researcher published POC code, calling it a “great” flaw that can be used for jailbreaks and local privilege…

Intune vs. WSUS vs. SCCM – Costs, Benefits, Ease of Use, and Deployment

Patching has certainly gained a lot of momentum ever since research has proven that ‘unattended’ apps and software can quickly lead to a data leak.  Patching is the new ‘kid’…

Canopy Parental Control App Wide Open to Unpatched XSS Bugs

The possible cyberattacks include disabling monitoring, location-tracking of children and malicious redirects of parent-console users. Canopy, a parental control app that offers a range of features meant to protect kids…

How to Build an Incident-Response Plan, Before Security Disaster Strikes

Joseph Carson, Chief Security Scientist at ThycoticCentrify, offers a 7-step practical IR checklist for ensuring a swift recovery from a cyberattack. In a startling discovery, a recent report found that…

MFA Glitch Leads to 6K+ Coinbase Customers Getting Robbed

Coinbase suspects phishing led to attackers getting personal details needed to access wallets but also blamed a flaw in its SMS-based 2FA. The accounts of at least 6,000 Coinbase customers…

Flubot Malware Targets Androids With Fake Security Updates

The banking trojan keeps switching up its lies, trying to fool Android users into clicking on a fake Flubot-deleting app or supposedly uploaded photos of recipients. The Flubot banking trojan…

Apple Pay with Visa Hacked to Make Payments via Unlocked iPhones

Researchers have demonstrated that someone could use a stolen, unlocked iPhone to pay for thousands of dollars of goods or services, no authentication needed. An attacker who steals a locked…