Porn Site Becomes Hub for Malvertising Campaigns
A popular porn site is used by KovCoreG Group to launch multiple malvertising campaigns exposing millions to fake browser updates and malware.
Source: Threadpost
New Phishing Scam Reels in Netflix Users to TLS-Certified Sites
Researchers are warning of a new Netflix phishing scam that leads to sites with valid TLS certificates.
Source: Threadpost
Operation Parliament, who is doing what?
Summary
Kaspersky Lab has been tracking a series of attacks utilizing unknown malware since early 2017. The attacks appear to be geopolitically motivated and target high profile organizations. The objective of the...
Twitter Urges Users to Change Passwords Due to Glitch
A glitch caused Twitter passwords to be stored in plain text on an internal log.
Source: Threadpost
Beware of stalkerware
Spyware might sound like a concept from a Hollywood movie, yet commercial versions of such programs – known in the cybersecurity industry as ‘stalkerware’ – are a daily reality for many...
Threatpost News Wrap, September 22, 2017
The Equifax data breach saga so far, a Google HTTPS warnings paper, cryptocurrency mining at the Pirate Bay, and bringing machine learning to passwords are all discussed.
Source: Threadpost
Gatekeeper Alone Won’t Mitigate Apple Keychain Attack
Apple said that macOS' native Gatekeeper security feature would protect against a Keychain attack disclosed this week, but researcher Patrick Wardle said that won't help against Mac malware signed with an...
Aviation-Related Phishing Campaigns Seeking Credentials
Researchers warn of a wave in aviation-themed phishing attacks that aim to steal credentials and install malware.
Source: Threadpost
Somebody’s watching! When cameras are more than just ‘smart’
Every year the number of smart devices grows. Coffee machines, bracelets, fridges, cars and loads of other useful gadgets have now gone smart. We are now seeing the emergence of smart...
Gojdue Variant Eludes Microsoft, Google Cloud Protection, Researchers Say
Researchers have identified a new ransomware strain that went undetected by built-in malware protection used by cloud heavyweights Microsoft and Google as recently as January.
Source: Threadpost