Joker Trojans Flood the Android Ecosystem
September saw dozens of Joker malware variants hitting Google Play and third-party app stores.
Source: Threadpost
Twitter Warns Developers of API Bug That Exposed App Keys, Tokens
Twitter has fixed a caching issue that could have exposed developers' API keys and tokens.
Source: Threadpost
Bug Bounty FAQ: Top Questions, Expert Answers
Four leading voices in the bug bounty community answer frequently asked questions from bounty hunters, companies and curious cybersecurity professionals.
Source: Threadpost
FortiGate VPN Default Config Allows MitM Attacks
The client's default configuration for SSL-VPN has a certificate issue, researchers said.
Source: Threadpost
Industrial Cyberattacks Get Rarer but More Complex
The first half of 2020 saw decreases in attacks on most ICS sectors, but oil/gas firms and building automation saw upticks.
Source: Threadpost
Ring’s Flying In-Home Camera Drone Escalates Privacy Worries
Privacy fears are blasting off after Amazon's Ring division unveiled the new Always Home Cam, a smart home security camera drone.
Source: Threadpost
Microsoft Kills 18 Azure Accounts Tied to Nation-State Attacks
An APT group has started heavily relying on cloud services like Azure Active Directory and OneDrive, as well as open-source tools, to obfuscate its attacks.
Source: Threadpost
Feds Hit with Successful Cyberattack, Data Stolen
The attack featured a unique, multistage malware and a likely PulseSecure VPN exploit.
Source: Threadpost
Cisco Patch-Palooza Tackles 29 High-Severity Bugs
Patches and workaround fixes address flaws on networking hardware running Cisco IOS XE software.
Source: Threadpost
Free Apple iPhone 12? Chatbot Scam Spreads Via Texts
Convincing SMS messages tell victims that they've been selected for a pre-release trial for the soon-to-be-launched device.
Source: Threadpost