Exploit for Firefox 68 on Android Local Area Network SSDP Screencast
Firefox for Android LAN-Based Intent Triggering
Exploit research and development by Chris Moberly (Twitter: @init_string)
Overview
The SSDP engine in Firefox for Android (68.11.0 and below) can be tricked into triggering Android...
Fake DDoS Protection Alerts Distribute Dangerous RAT
Threat actors are spoofing Cloudflare DDoS bot-checks in an attempt to drop a remote-access Trojan (RAT) on systems belonging to visitors to some previously compromised WordPress websites.
Researchers from Sucuri...
Successful Malware Incidents Rise as Attackers Shift Tactics
As employees moved to working from home and on mobile devices, attackers followed them and focused on weekend attacks, a security firm says.Companies relaxed security controls to help employees...
Here’s how to quickly spot a deepfake crypto scam — cybersecurity execs
Crypto investors have been urged to keep their eyes peeled for “deepfake” crypto scams to come, with the digital-doppelganger technology continuing to advance, making it harder for viewers to...
US Defense Contractor Discloses Data Breach
Electronic Warfare Associates (EWA), a US defense contractor, has confirmed a data breach in which attackers exfiltrated files containing personal information.The breach began with a phishing attack that had...
AutoRabit launches devsecops tool for Salesforce environments
Devsecops firm AutoRabit is trying to address security issues arising from policy changes and misconfigurations in Salesforce environments with a new offering, CodeScan Shield.CodeScan Shield is the next iteration...
Emotet Is Back and More Dangerous Than Before
Like Arnold Schwarzenegger's Terminator, the dreaded Emotet malware is back infecting computers worldwide and once again putting organizations at heightened risk of subsequent ransomware attacks.
Researchers from Check Point this...
Group With Potential Links to Iranian Threat Actor Resurfaces
Lyceum, a previously known threat actor associated with targeted attacks on organizations in the Middle East, has resurfaced with new malware and tactics similar to those used by a...
Attackers Flaunt Remote Access Credentials, Threaten Supply Chain
Network access brokers, the cybercriminals who trade in credentials needed to compromise corporate computers, have advertised and sold credentials for a variety of global shipping and logistics companies in...
Apache Log4j vulnerability actively exploited, impacting millions of Java-based apps
Attackers are actively exploiting a critical vulnerability in Apache Log4j, a logging library that's used in potentially millions of Java-based applications, including web-based ones. Organizations should immediately review if...