Threat actors use bogus ‘shipping delays’ to deceive customers and businesses. Troy Gill, senior manager of threat intelligence at Zix, discusses how spoofing is evolving and what to do.
The 12-year-old flaw in the sudo-like polkit’s pkexec tool, found in all major Linux distributions, is likely to be exploited in the wild within days.
Attackers are getting creative, using smishing & a malicious Google Play QR reader to plant banking trojans on the phones of victims across the globe.
Visitors who shopped on the company’s eCommerce website in January will likely find their payment-card data heisted, researchers warned.
Some of the bursts of traffic reached up to 10Gbps, reports noted, overwhelming the country’s only ISP, and crippling Andorran Squidcraft gamers along with the rest of the population.
A discarded Discord vanity URL for CryptoBatz was hijacked by cybercriminals to drain cryptocurrency wallets.
A pro-democracy Hong Kong site was used to launch watering-hole attacks that planted a powerful macOS backdoor that researchers dubbed DazzleSpy.
A critical security bug and a months-long, ongoing supply-chain attack spell trouble for WordPress users.
Researchers identify three new versions of the banking trojan that include various new features, including GPS tracking and novel obfuscation techniques.
The two flaws in Control Web Panel – a popular web hosting management software used by 200K+ servers – allow code execution as root on Linux servers.