TrickBot Attack Exploits COVID-19 Fears with DocuSign-Themed Ploy
Threat actors are spreading the tricky trojan through fake messages in another opportunistic COVID-19-related campaign, said IBM X-Force.
Microsoft Sway Abused in Office 365 Phishing Attack
The “PerSwaysion” attackers have leveraged a plethora of Microsoft services to compromise at least 150 executives in a highly targeted phishing campaign.
Salt Bugs Allow Full RCE as Root on Cloud Servers
Researchers say the bugs are easy to exploit and will likely be weaponized within a day.
Building for Billions: Addressing Security Concerns for Platforms at Scale
Lessons from Facebook and Google show how to safely scale your environment for security.
New Android Malware Targets PayPal, CapitalOne App Users
Researchers warn that the EventBot Android malware, which targets over 200 financial apps, could be the “next big mobile malware.”
Shade Threat Actors Call It Quits, Release 750K Encryption Keys
The team behind the ransomware, first spotted in late 2014 and typically targeting Russian victims, apologized to victims in a post on GitHub.
APT trends report Q1 2020
For more than two years, the Global Research and Analysis Team (GReAT) at Kaspersky has been publishing quarterly summaries of advanced persistent threat (APT) activity. The summaries are based on our threat intelligence research and provide a representative snapshot of what we have published and discussed in greater detail in our private APT reports. They…
Enforce Primary Key constraints on Replication
In this post, we introduce a configuration option that controls whether replication channels allow the creation of tables without primary keys. This continues our recent work on replication security, where we allowed users to enforce privilege checks, and/or enforce row-based events.…