Male Chastity Device Comes with Massive Security Flaws
Smart sex toy vulnerable to hacks, researchers say -- which could expose users’ most sensitive bits (of data) to cybercriminals.
Source: Threadpost
Boom! Mobile Customer Data Lost to Fullz House/Magecart Attack
The Magecart spinoff group targeted the wireless service provider in an odd choice of victim.
Source: Threadpost
Microsoft Zerologon Flaw Under Attack By Iranian Nation-State Actors
Microsoft warns that the MERCURY APT has been actively exploiting CVE-2020-1472 in campaigns for the past two weeks.
Source: Threadpost
COVID-19 Clinical Trials Slowed After Ransomware Attack
The attack on eResearchTechnology potentially slowed down coronavirus research worldwide, and researchers suggest a nation-state actor could be behind the incident.
Source: Threadpost
APT Attack Injects Malware into Windows Error Reporting
The fileless attack uses a phishing campaign that lures victims with information about a worker’s compensation claim.
Source: Threadpost
Unpatched Apple T2 Chip Flaw Plagues Macs
A researcher claims that the issue can be exploited by attackers in order to gain root access.
Source: Threadpost
Post Grid WordPress Plugin Flaws Allow Site Takeovers
Team Showcase, a sister plugin, is also vulnerable to the XSS and PHP object-injection bugs -- together they have 66,000 installs.
Source: Threadpost
Black-T Malware Emerges From Cryptojacker Group TeamTNT
The cryptojacking malware variant builds on the TeamTNT group’s typical approach, with a few new — and sophisticated — extras.
Source: Threadpost
Malware Families Turn to Legit Pastebin-Like Service
AgentTesla, LimeRAT, W3Cryptolocker and Redline Stealer are now using Paste.nrecom in spear-phishing attacks.
Source: Threadpost
Rare Bootkit Malware Targets North Korea-Linked Diplomats
The MosaicRegressor espionage framework is newly discovered and appears to be the work of Chinese-speaking actors.
Source: Threadpost