State-sponsored cyberattackers are using Google Drive, Dropbox and other legitimate services to drop spyware on Middle-Eastern targets and exfiltrate data.
The bug can allow attackers to remotely execute code on gamers’ computers. The devs temporarily deactivated PvP servers across multiple affected versions.
QR codes have become a go-to staple for contactless transactions of all sorts during the pandemic, and the FBI is warning cybercriminals are capitalizing on their lax security to steal…
Read more
The ‘DTPacker’ downloader used fake Liverpool Football Club sites as lures for several weeks, a report finds.
What attracts the attackers? David “moose” Wolpoff, CTO at Randori, discusses how to evaluate your infrastructure for juicy targets.
Court rules ‘War or Hostile Acts’ exclusion doesn’t apply to the pharma giant’s 2017 cyberattack.
The WordPress WP HTML Mail plugin for personalized emails is vulnerable to code injection and phishing due to XSS.
McAfee has patched two high-severity bugs in its Agent component, one of which can allow attackers to achieve arbitrary code execution with SYSTEM privileges.
The brief spearphishing campaigns spread malware and use compromised networks to steal credentials that can be sold or used to commit financial fraud.
In a display of 2FA’s fallibility, unauthorized transactions approved without users’ authentication bled 483 accounts of funds.