Phishers Swim Around 2FA in Coinbase Account Heists| threatpost.com
Moker, a new remote access Trojan targeting Windows machines, can effectively mitigate security measures and grant an attacker full access to the system.| threatpost.com
2.5 million people were affected, in a breach that could spell more trouble down the line.| threatpost.com
Researchers uncover a watering hole attack likely carried out by APT TA423, which attempts to plant the ScanBox JavaScript-based reconnaissance tool.| Threatpost
Over 130 companies tangled in sprawling phishing campaign that spoofed a multi-factor authentication system.| Threatpost
Lockbit is by far this summer’s most prolific ransomware group, trailed by two offshoots of the Conti group.| Threatpost
Tens of thousands of cameras have failed to patch a critical, 11-month-old CVE, leaving thousands of organizations exposed.| Threatpost
Twitter is blasted for security and privacy lapses by the company’s former head of security who alleges the social media giant’s actions amount to a national security risk.| Threatpost
CISA is warning that Palo Alto Networks’ PAN-OS is under active attack and needs to be patched ASAP.| Threatpost
Fake travel reservations are exacting more pain from the travel weary, already dealing with the misery of canceled flights and overbooked hotels.| Threatpost
Separate fixes to macOS and iOS patch respective flaws in the kernel and WebKit that can allow threat actors to take over devices and are under attack.| threatpost.com
Research analyzing three months of coronavirus-themed attacks show cybercriminals adjusting threat levels to evolve with pandemic and typical employment trends.| threatpost.com
An insufficient validation input flaw, one of 11 patched in an update this week, could allow for arbitrary code execution and is under active attack.| threatpost.com