Microsoft Exchange Servers Still Open to Actively Exploited Flaw

Despite Microsoft issuing patches almost eight months ago, 61 percent of Exchange servers are still vulnerable. Source: Threadpost

Why Web Browser Padlocks Shouldn’t Be Trusted

Popular ‘safe browsing’ padlocks are now passe as a majority of bad guys also use them. Source: Threadpost

Zerologon Attacks Against Microsoft DCs Snowball in a Week

The attempted compromises, which could allow full control over Active Directory identity services, are flying thick and fast just a week after active exploits of CVE-2020-1472 were first flagged. Source: Threadpost

The Network Perimeter: This Time, It’s Personal

Botnets and IoT devices are forming a perfect storm for IT staff wrestling with WFH employee security. Source: Threadpost

Las Vegas Students’ Personal Data Leaked, Post-Ransomware Attack

A researcher said he discovered an open data cache with names, grades, birthdates and more, after the Clark County School District refused to pay the ransom. Source: Threadpost

Why master YARA: from routine to extreme threat hunting cases. Follow-up

On 3rd of September, we were hosting our “Experts Talk. Why master YARA: from routine to extreme threat hunting cases“, in which several experts from our Global Research and Analysis Team...

Telehealth Poll: How Risky Are Remote Doctor Visits?

Threatpost's latest poll probes telehealth security risks and asks for IT cures. Source: Threadpost

Windows 7 ‘Upgrade’ Emails Steal Outlook Credentials

Researchers warn of emails pretending to help business employees upgrade to Windows 10 - and then stealing their Outlook emails and passwords. Source: Threadpost

Mac, Linux Users Now Targeted by FinSpy Variants

FinSpy has returned in new campaigns targeting dissident organizations in Egypt - and researchers uncovered new samples of the spyware targeting macOS and Linux users. Source: Threadpost

Universal Health Services Ransomware Attack Impacts Hospitals Nationwide

The Ryuk ransomware is suspected to be the culprit. Source: Threadpost
- Advertisement -

APLICATIONS

GDPR Phishing Scam Targets Apple Accounts, Financial Data

A phishing scam fooled victims by claiming to be Apple and scooping up personal details – including financial information and Apple account information. Source: Threadpost