Cyber-Insurance Fuels Ransomware Payment Surge
Companies relying on their cyber-insurance policies to pay off ransomware criminals are being blamed for a recent uptick in ransomware attacks.
Active Exploits Hit WordPress Sites Vulnerable to Thrive Themes Flaws
Thrive Themes has recently patched vulnerabilities in its WordPress plugins and legacy Themes - but attackers are targeting those who haven't yet applied security updates.
Ransomware Attack Foils IoT Giant Sierra Wireless
The ransomware attack has impacted the IoT manufacturer's production lines across multiple sites, and other internal operations.
Office 365 Cyberattack Lands Disgruntled IT Contractor in Jail
A former IT contractor is facing jailtime after a retaliatory hack into a company’s network and wiping the majority of its employees’ Microsoft Office 365 accounts.
Podcast: Microsoft Exchange Server Attack Onslaught Continues
Derek Manky, Chief of Security Insights & Global Threat Alliances at Fortinet’s FortiGuard Labs, gives insight into the surge in attacks against vulnerable Microsoft Exchange servers over the last week.
CISA Warns of Security Flaws in GE Power Management Devices
The flaws could allow an attacker to access sensitive information, reboot the UR, gain privileged access, or cause a denial-of-service condition.
Adobe Fixes Critical ColdFusion Flaw in Emergency Update
Attackers can leverage the critical Adobe ColdFusion flaw to launch arbitrary code execution attacks.
Critical F5 BIG-IP Flaw Now Under Active Attack
Researchers are reporting mass scanning for – and in-the-wild exploitation of – a critical-severity flaw in the F5 BIG-IP and BIG-IQ enterprise networking infrastructure.
Bogus Android Clubhouse App Drops Credential-Swiping Malware
The malicious app spreads the BlackRock malware, which steals credentials from 458 services - including Twitter, WhatsApp, Facebook and Amazon.
Trojanized Xcode Project Slips MacOS Malware to Apple Developers
In a new campaign, threat actors are bundling macOS malware in trojanized Apple Xcode developer projects.
Zoom Screen-Sharing Glitch ‘Briefly’ Leaks Sensitive Data
A glitch in Zoom's screen-sharing feature shows parts of presenters' screens that they did not intend to share - potentially leaking emails or passwords.
Cisco Plugs Security Hole in Small Business Routers
The Cisco security vulnerability exists in the RV132W ADSL2+ Wireless-N VPN Routers and RV134W VDSL2 Wireless-AC VPN Routers.
Mimecast: SolarWinds Attackers Stole Source Code
A new Mimecast update reveals the SolarWinds hackers accessed several "limited" source code repositories.
Latest Mirai Variant Targets SonicWall, D-Link and IoT Devices
A new Mirai variant is targeting known flaws in D-Link, Netgear and SonicWall devices, as well as newly-discovered flaws in unknown IoT devices.
Google Releases Spectre PoC Exploit For Chrome
Google has released the side-channel exploit in hopes of motivating web-application developers to protect their sites.