Category: alerts

Apple has made structural improvements in iOS 14 to block message-based, zero-click exploits. Read more

A phishing kit has been found running on at least 700 domains – and mimicking services via false SharePoint, OneDrive and Office 365 login portals. Read more

A growing number of cybersecurity vendors like CrowdStrike, Fidelis, FireEye, Malwarebytes, Palo Alto Networks and Qualys are confirming being targeted in the espionage attack. Read more

The Pro-Ocean cryptojacking malware now comes with the ability to spread like a worm, as well as harboring new detection-evasion tactics. Read more

Original release date: January 28, 2021 January 28 is Data Privacy Day (DPD), an annual effort promoting data privacy awareness and education. This year’s DPD events, sponsored by the National Cyber Security Alliance (NCSA), focus on how to Own Your Privacy. The NCSA teaches users how to protect valuable data online, while encouraging businesses to… Read more

A new version of NAT slipstreaming allows cybercriminals an easy path to devices that aren’t connected to the internet. Read more

Qualys said the vuln gives any local user root access to systems running the most popular version of Sudo. Read more

Researchers publicly disclosed flaws in ADT’s LifeShield DIY HD Video Doorbell, which could have allowed local attackers to access credentials, video feeds and more. Read more

An anonymous researcher identified bugs in the software’s kernel and WebKit browser engine that are likely part of an exploit chain. Read more

Original release date: January 26, 2021 The Federal Trade Commission (FTC) has released information on scammers attempting to impersonate the FTC. The scammers operate an FTC-spoofed website that claims to provide instant cash payments and tries to trick consumers into disclosing their financial information. The real FTC does not require such information and scammers can… Read more