GitHub: Nearly 100,000 NPM Users’ credentials stolen in the April OAuth token attack
GitHub provided additional details into the theft of its integration OAuth tokens that occurred in April, with nearly 100,000 NPM users’ credentials....
News
IT threat evolution in Q1 2022. Mobile statistics
IT threat evolution in Q1 2022 IT threat evolution in Q1 2022. Non-mobile statistics IT threat evolution in Q1 2022....
IT threat evolution Q1 2022
IT threat evolution in Q1 2022 IT threat evolution in Q1 2022. Non-mobile statistics IT threat evolution in Q1 2022....
IT threat evolution in Q1 2022. Non-mobile statistics
IT threat evolution in Q1 2022 IT threat evolution in Q1 2022. Non-mobile statistics IT threat evolution in Q1 2022....
Android pre-installed apps are affected by high-severity vulnerabilities
Microsoft found several high-severity vulnerabilities in a mobile framework used in pre-installed Android System apps. The Microsoft 365 Defender Research...
GhostTouch: how to remotely control touchscreens with EMI
Security researchers devised a technique, dubbed GhostTouch, to remotely control touchscreens using electromagnetic signals. A team of researchers from Zhejiang...
FBI: Compromised US academic credentials available on various cybercrime forums
The FBI warns organizations in the higher education sector of credentials sold on cybercrime forums that can allow threat actors...
Twitter fined $150M after using 2FA phone numbers for marketing
The Federal Trade Commission (FTC) and the Department of Justice (DOJ) have ordered Twitter to pay a $150M penalty for...
Firefox, Thunderbird, receive patches for critical security issues
Mozilla has published updates for two critical security issues in Firefox and Thunderbird, demonstrated during Pwn2Own Vancouver. The vulnerabilities, discovered...
ERMAC 2.0 Android Banking Trojan targets over 400 apps
A new version of the ERMAC Android banking trojan is able to target an increased number of apps. The ERMAC...
Experts released PoC exploit code for critical VMware CVE-2022-22972 flaw
Security researchers released PoC exploit code for the critical authentication bypass vulnerability CVE-2022-22972 affecting multiple VMware products. Horizon3 security researchers...
Managed detection and response in 2021
Kaspersky Managed Detection and Response (MDR) helps organizations to complement existing detection capabilities or to expand limited in-house resources to...
Cyber Risk Management Strategies from Arjo CIO
Andrea Berg, CIO of Arjo, explores the critical need for effective and inclusive communication around IT requirements to expand beyond...
Exposed: the threat actors who are poisoning Facebook
An investigation of the infamous “Is That You?” video scam led Cybernews researchers into exposing threat actors who are poisoning...
Zyxel addresses four flaws affecting APs, AP controllers, and firewalls
Zyxel addressed multiple vulnerabilities impacting many of its products, including APs, AP controllers, and firewalls. Zyxel has released security updates...
Experts warn of a new malvertising campaign spreading the ChromeLoader
Researchers warn of a new malvertising campaign spreading the ChromeLoader malware that hijacks the victims’ browsers. Researchers from Red Canary...
ChromeLoader targets Chrome Browser users with malicious ISO files
If you’re on the hunt for cracked software or games, be warned. Rogue ISO archive files are looking to infect...
Do not use Tails OS until a flaw in the bundled Tor Browser will be fixed
The maintainers of the Tails project (The Amnesic Incognito Live System) warn users that the Tor Browser bundled with the...
Watch out! Tinder and Grinder users targeted by cruel scammers using real abuse photos
A horrible catfishing scam is using real abuse photos in order to lure in unsuspecting victims on sites like Tinder...
Italy announced its National Cybersecurity Strategy 2022/26
Italy announced its National Cybersecurity Strategy for 2022/26, a crucial document to address cyber threats and increase the resilience of...
If you get an email saying “Item stopped due to unpaid customs fee”, it’s a fake
Our spam traps recently caught a phishing scam that neatly illustrates some of the tactics scammers use routinely to avoid...
The Verizon 2022 DBIR
The Verizon 2022 Data Breach Investigations Report is out. We are proud to collaborate as a supporting contributor to this...
What’s wrong with automotive mobile apps?
Introduction The recent story about the 19-year-old hacker who took control of several dozen Tesla cars has become something of a...
Unknown APT group is targeting Russian government entities
An unknown APT group is targeting Russian government entities since the beginning of the Russian invasion of Ukraine. Researchers from...
