VIRUS.COM.AR

The attack was mounted via SolarWinds Orion, in a manual and targeted supply-chain effort. Source: Threadpost

Emails from legitimate, compromised accounts are being sent to numerous enterprise employees with the aim of stealing their O365 credentials. Source: Threadpost

The newly discovered Python-based malware family targets the Outlook processes, and browser credentials, of Microsoft Windows victims. Source: Threadpost

Corporate endpoint security technologies for mid-sized companies struggle to surprise us with anything brand new. They provide reliable protection against malware and, when combined with relevant policies, regular updates, and employee...

Point-of-sale terminal vendors Verifone and Ingenico have issued mitigations after researchers found the devices use default passwords. Source: Threadpost

The Adrozek ad-injecting browser modifier malware also extracts device data and steals credentials, making it an even more dangerous threat. Source: Threadpost

The malware takes aim at PostgreSQL database servers with never-before-seen techniques. Source: Threadpost

Attackers are targeting students and faculty alike with malware, phishing, DDoS, Zoom bombs and more, the FBI and CISA said. Source: Threadpost

Facebook shut down accounts and Pages used by two separate threat groups to spread malware and conduct phishing attacks. Source: Threadpost

Fortinet's Aamir Lakhani discusses best practices for securing company data against next-gen threats, like edge access trojans (EATs). Source: Threadpost