Smart Doorbells on Amazon, eBay, Harbor Serious Security Issues
Matt Lewis, with NCC Group, talks to Threatpost about a slew of security and privacy issues found in smart doorbells that are being sold on Amazon and eBay.
Baidu Apps in Google Play Leak Sensitive Data
Cyberattackers could use the information to track users across devices, disable phone service, or intercept messages and phone calls.
Blackrota Golang Backdoor Packs Heavy Obfuscation Punch
Blackrota is targeting a security bug in Docker, but is nearly impossible to reverse-analyze.
Tesla Hacked and Stolen Again Using Key Fob
Belgian researchers demonstrate third attack on the car manufacturer’s keyless entry system, this time to break into a Model X within minutes.
Lookalike domains and how to outfox them
Our colleagues already delved into how cybercriminals attack companies through compromised email addresses of employees, and how to protect against such attacks using SPF, DKIM and DMARC technologies. But despite the obvious pluses of these solutions, there is a way to bypass them that we want to discuss. But let’s start from a different angle:…
Critical VMware Zero-Day Bug Allows Command Injection; Patch Pending
VMware explained it has no patch for a critical escalation-of-privileges bug that impacts both Windows and Linux operating systems and its Workspace One.
GoDaddy Employees Tricked into Compromising Cryptocurrency Sites
‘Vishing’ attack on GoDaddy employees gave fraudsters access to cryptocurrency service domains NiceHash, Liquid.
TA416 APT Rebounds With New PlugX Malware Variant
The TA416 APT has returned in spear phishing attacks against a range of victims – from the Vatican to diplomats in Africa – with a new Golang version of its PlugX malware loader.
Spotify Users Hit with Rash of Account Takeovers
Users of the music streaming service were targeted by attackers using credential-stuffing approaches.
Manchester United: IT Systems Disrupted in Cyberattack
The popular U.K. soccer club confirmed an attack but said personal fan data remains secure.