BAHAMUT Spies-for-Hire Linked to Extensive Nation-State Activity
Researchers uncovered a sophisticated, incredibly well-resourced APT that has its fingers in wide-ranging espionage and disinformation campaigns.
Google’s Chrome 86: Critical Payments Bug, Password Checker Among Security Notables
Google is rolling out 35 security fixes, and a new password feature, in Chrome 86 versions for Windows, Mac, Android and iOS users.
PoetRAT Resurfaces in Attacks in Azerbaijan Amid Escalating Conflict
Spear-phishing attacks targeting VIPs and others show key malware changes and are likely linked to the current conflict with Armenia.
IRS COVID-19 Relief Payment Deadlines Anchor Convincing Phish
The upcoming deadlines for applying for coronavirus relief are the lure for a phish that gets around email security gateways by using a legitimate SharePoint page for data-harvesting.
Comcast TV Remote Hack Opens Homes to Snooping
Researchers disclosed the ‘WarezTheRemote’ attack, affecting Comcast’s XR11 voice remote control.
Grindr’s Bug Bounty Pledge Doesn’t Translate to Security
At [email protected], Luta Security CEO Katie Moussouris stressed that bug bounty programs aren’t a ‘silver bullet’ for security teams.
Male Chastity Device Comes with Massive Security Flaws
Smart sex toy vulnerable to hacks, researchers say — which could expose users’ most sensitive bits (of data) to cybercriminals.
Boom! Mobile Customer Data Lost to Fullz House/Magecart Attack
The Magecart spinoff group targeted the wireless service provider in an odd choice of victim.
Microsoft Zerologon Flaw Under Attack By Iranian Nation-State Actors
Microsoft warns that the MERCURY APT has been actively exploiting CVE-2020-1472 in campaigns for the past two weeks.
COVID-19 Clinical Trials Slowed After Ransomware Attack
The attack on eResearchTechnology potentially slowed down coronavirus research worldwide, and researchers suggest a nation-state actor could be behind the incident.