WooCommerce Falls to Fresh Card-Skimmer Malware
The payment-card stealer differs from typical malware targeting WordPress-based e-commerce environments.
Critical VMware Bug Opens Up Corporate Treasure to Hackers
The bug — rated 10 in severity — potentially affects large numbers of corporate VMs and hosts.
Apple App Store Riddled With Money-Sucking Fleeceware Apps
Researchers warn that apps that market themselves as “free” are tricking users to subscribe to services that rack up as much as $500 in charges yearly.
Travelex Pays $2.3M in Bitcoin to Hackers Who Hijacked Network in January
The payout stems from a system-wide attack that knocked global networks offline on New Year’s Eve and reflects a shift in thinking about ransom payouts
Compromised Zoom Credentials Swapped in Underground Forums
Thousands of compromised Zoom credentials were discovered in underground forums as cybercriminals look to tap into the burgeoning remote workforce.
Cloudflare Axes Google reCAPTCHA Due to Privacy, Price
Cloudflare’s CEO said it is replacing Google’s reCAPTCHA tool with hCaptcha due to pricing, privacy and availability concerns.
Unique P2P Architecture Gives DDG Botnet ‘Unstoppable’ Status
DDG might be the world’s first P2P-based cryptomining botnet.
Copycat Site Serves Up Raccoon Stealer
Visitors to the fake site expecting antivirus offerings will instead encounter the Fallout exploit kit and a possible malware infection.
Zoom Taps Ex-Facebook CISO Amid Security Snafus, Lawsuit
The online videoconferencing service added Alex Stamos to the team and has also formed an expert advisory board to grapple with the pains of its COVID-19 growth spurt.
Cisco ‘Critical Update’ Phishing Attack Steals Webex Credentials
Emails purporting to be a Cisco “critical security advisory” are actually part of a phishing campaign trying to steal victims’ Webex credentials.