Remcos RAT campaign delivers new variant using AutoIt wrapper
A new Remcos remote access trojan campaign uses an AutoIt wrapper to deliver a previously unknown variant featuring new obfuscation and anti-debugging techniques
Cracked.to hacking forum user data breached and leaked by rivals
A breach at online hacking forum Cracked.to resulted in a public doxxing that exposed a database containing 749,161 email accounts, as well as corresponding IP addresses
Cisco issues multiple product updates, fixes critical flaws in small business switches
Cisco Systems issued a series of security updates addressing 26 vulnerabilities, including two critical ones found in its Small Business 220 Series Smart Switches
Researcher details decades-old design flaws in Microsoft's CTF protocol
Microsoft's CTF protocol harboured a series of 20-year-old flaws that could allow unauthorised parties to take over applications that use said protocol
Varenyky malware records porn on screen, distributes sextortion spam
A cybercriminal operation that's been targeting France since May is attempting to distribute malware capable of recording the screens of victims who visit pornographic websites
Trojanised apps containing ad fraud malware downloaded 102M times
Malicious clicker trojans Android.Click.312.origin and Android.Click.313.origin have been found in a wide variety of normal-looking and operable apps, including maps, QR code readers, dictionaries, fitness trackers, route finders and text editors
Report: SEC looking into First American Financial Corp.'s leaky website
First American Financial Corp. has become the subject of a US Securities and Exchange Commission investigation, following the discovery of a website defect that left 885 million documents exposed to the public
Saefko RAT peeks at browser histories to help adversaries form optimal attack plan
A new remote access trojan scans a device's Chrome browser history and collect application data, including the number of times the user has visited specific websites
Researcher: GDPR's Right of Access policy can be abused to steal others' personal info
Poor vetting of 'Right of Access' requests under GDPR offers chance of data theft, found an Oxford University scholar
Selling zero-days to governments takes some business savvy, says former bug broker
Researchers seeking profit beyond that of a traditional bug bounty reward will require a fair share of business acumen to seal the deal, says former vulnerability broker Maor Shwartz
