Cyberattackers Serve Up Custom Backdoor for Oracle Restaurant Software

The modular malware is highly sophisticated but may not be able to capture credit-card info. Source: Threadpost

Animal Jam Hacked, 46M Records Roam the Dark Web

Animal Jam, just the latest in a string of attacks on gaming apps, has adopted a transparent communications strategy after stolen data turned up on a criminal forum. Source: Threadpost

Digging into the Dark Web: How Security Researchers Learn to Think Like the Bad...

Hacker forums are a rich source of threat intelligence. Source: Threadpost

Bugs in Critical Infrastructure Gear Allow Sophisticated Cyberattacks

Security problems in Schneider Electric programmable logic controllers allow compromise of the hardware, responsible for physical plant operations. Source: Threadpost

2 More Google Chrome Zero-Days Under Active Exploitation

Browser users are once again being asked to patch severe vulnerabilities that can lead to remote code execution. Source: Threadpost

From Triton to Stuxnet: Preparing for OT Incident Response

Lesley Carhart, with Dragos, gives Threatpost a behind-the-scenes look at how industrial companies are faring during the COVID-19 pandemic - and how they can prepare for future threats. Source: Threadpost

Spam and phishing in Q3 2020

Quarterly highlights Worming their way in: cybercriminal tricks of the trade These days, many companies distribute marketing newsletters via online platforms. In terms of capabilities, such platforms are quite diverse: they send out...

Silver Peak SD-WAN Bugs Allow for Network Takeover

Three security vulnerabilities can be chained to enable unauthenticated remote code execution. Source: Threadpost

Nvidia Warns Windows Gamers of GeForce NOW Flaw

Both Nvidia and Intel faced severe security issues this week - including a high-severity bug in Nvidia's GeForce NOW. Source: Threadpost

Ragnar Locker Ransomware Gang Takes Out Facebook Ads in Key New Tactic

Following a Nov. 3 ransomware attack against Campari, Ragnar Locker group took out public Facebook ads threatening to release stolen data. Source: Threadpost