Rene Millman

Spot the fake: copies of victim's corporate Microsoft 365 page used in attacks

Spot the fake: copies of victim's corporate Microsoft 365 page used in attacks

Azure Blob Storage and Web Sites misused by scammers to create a semi-targeted and rather convincing credential harvesting page tailored to the user's organisation to fool users

NSA exploits used by worm-cryptominer combo to move laterally and attack systems

NSA exploits used by worm-cryptominer combo to move laterally and attack systems

Malware combines Python and PowerShell to create a cryptocurrency miner, which also has a worm-like component that helps it move laterally and infect victims

Criminals deliver malware via fake NordVPN website

Criminals deliver malware via fake NordVPN website

Security researchers have warned of a new malware campaign that spreads a banking trojan by using fake websites of popular software. Hackers fool users with valid SSL certificate

New flaw in IoT device affects nearly a third of organisations

New flaw in IoT device affects nearly a third of organisations

OpenDreamBox WebAdmin plug-in could enable hackers to execute commands on remote machines

All modern Intel processors hit by flaw that could allow access to OS kernel memory

All modern Intel processors hit by flaw that could allow access to OS kernel memory

Security researchers have discovered a new security vulnerability that affects all modern Intel CPUs. The side-channel attack bypasses all known Spectre and Meltdown mitigations.

Apple iMessage flaw stokes concerns over iPhone sandbox security

Apple iMessage flaw stokes concerns over iPhone sandbox security

Flaws allowing remote exploits on iOS calls into question effectiveness of platform security for those users who have not yet upgraded to iOS 12.4 - sandbox deemed 'defeatable'.

Utilities come under attack in new LookBack spearphishing campaign

Utilities come under attack in new LookBack spearphishing campaign

Spear-phishing emails containing a malicious Microsoft Word attachment that installs RAT are specifically targetting utilities in a new campaign.

'Five Eyes' ministers call to weaken encryption

'Five Eyes' ministers call to weaken encryption

Ministers of Five Eyes nations say backdoor in online communication needed to fight crime, experts warn that such a move could let hackers compromise networks

Vulnerabilities in contactless card verification could let hackers bypass limits

Vulnerabilities in contactless card verification could let hackers bypass limits

Criminals could spend more than £30 limit on Visa contactless cards using MitM attack that worked on five UK banks.

Weapons for sale - weaponised BlueKeep ramps up exploit fears

Weapons for sale - weaponised BlueKeep ramps up exploit fears

Organisations are urged to update systems to avoid attacks following concerns that exploits using the BlueKeep vulnerability may be soon available to hackers.