Novel Online Shopping Malware Hides in Social-Media Buttons
The skimmer steals credit-card data, using steganography to hide in plain sight in seemingly benign images.
A payment card-skimming malware that hides inside social-media buttons is making the rounds, compromising...
High-Severity Chrome Bugs Allow Browser Hacks
Desktop versions of the browser received a total of eight fixes, half rated high-severity.
Google has updated its Chrome web browser, fixing four bugs with a severity rating of...
As Modern Mobile Enables Remote Work, It Also Demands Security
Lookout’s Hank Schless discusses accelerated threats to mobile endpoints in the age of COVID-19-sparked remote working.
Smartphones, tablets, collaboration apps and other modern framework tools are critical to maintaining productivity...
Xerox DocuShare Bugs Allows Data Leaks
CISA warns the leading enterprise document management platform is open to attack and urges companies to apply fixes.
Xerox issued a fix for two vulnerabilities impacting its market-leading DocuShare enterprise...
Cayman Islands Bank Records Exposed in Open Azure Blob
An offshore Cayman Islands bank’s backups, covering a $500 million investment portfolio, were left unsecured and leaking personal banking information, passport data and even online banking PINs.
A Cayman Island...
Android Messenger App Still Leaking Photos, Videos
The GO SMS Pro app has been downloaded 100 million times; now, underground forums are actively sharing images stolen from GO SMS servers.
The GO SMS Pro Android app has...
Technical Advisory: containerd – containerd-shim API Exposed to Host Network Containers (CVE-2020-15257)
Vendor: containerd Project
Vendor URL: https://containerd.io/
Versions affected: 1.3.x, 1.2.x, 1.4.x, others likely
Systems Affected: Linux
Author: Jeff Dileo
CVE Identifier: CVE-2020-15257
Advisory URL: https://github.com/containerd/containerd/security/advisories/GHSA-36xw-fx78-c5r4
Risk: High (full root container escape for a common container configuration)
containerd...
Pandemic, A Driving Force in 2021 Financial Crime
Ransomware gangs with zero-days and more players overall will characterize financially motivated cyberattacks next year.
Financial cybercrime in 2021 is set to evolve, researchers say, with extortion practices becoming more...
Post-Cyberattack, UVM Health Network Still Picking Up Pieces
More than a month after the cyberattack first hit, the UVM health network is still grappling with delayed payment processing and other issues.
More than a month after a cyberattack...
How to Update Your Remote Access Policy – And Why You Should Now
Reducing the risks of remote work starts with updating the access policies of yesterday.
For close to two decades, organizations have allowed privileged employees to work remotely by offering remote...
