Summary X-Force has identified a new squatting campaign used by threat actors to target the finance and insurance sector. The campaign has a global scope assumingly luring users into giving away their login credentials. Threat Type Squatting Domain, Phishing Domain,…
Read MoreCybersecurity and Infrastructure Security Agency (CISA) Warns Against COVID-19 Cyber Scams and Provides Security Tips Avoid clicking on links in unsolicited emails and be wary of email attachments. Review CISA Insights on Risk Management for COVID-19 for more information. Why Coronavirus? There’s…
Read MoreThe Australian privacy regulator filed a lawsuit against Facebook, accusing the social media giant of sharing the personal details of more than 300,000 people with political consultant Cambridge Analytica without their knowledge. In the Federal Court lawsuit, the Australian Information…
Read More
Summary Another report on the activities of the North Korean-based threat group, Kimsuky, has been published by Yoroi ZLab. A previous report was covered in a collection that is available from the Linked Collections section. Threat Type Malware, APT,…
Read MoreCathay Pacific Airways was today hit by a £500,000 fine by the UK regulator for a mass data breach that saw hackers steal passport numbers, emails and dates of birth from 9.4 million passengers including 111,000 Britons. The Information Commissioner's Office…
Read More
On February 11th, 2020 Microsoft disclosed a Memory Corruption Vulnerability in Microsoft Exchange Servers [1]. An authenticated user could exploit this vulnerability to cause remote code execution (RCE) on vulnerable Microsoft Exchange Servers. It is probable that public exploitation of…
Read MoreMisconfigured Microsoft cloud databases containing 14 years of customer support logs exposed 250 million records to the open internet for 25 days. The account info dates back as far as 2005 and is as recent as December 2019 — and…
Read More
Google said Monday (February 24, 2020) it has patched a Chrome web browser zero-day bug being actively exploited in the wild. The flaw affects versions of Chrome running on the Windows, macOS and Linux platforms. The zero-day vulnerability, tracked as CVE-2020-6418, is a type of confusion bug and has a…
Read MorePCI SSC has begun efforts on PCI Data Security Standard version 4.0 (PCI DSS v4.0). Here we provide more insight into the development process and how PCI SSC is looking at changing the standard to support businesses around the world…
Read MoreFill out the form and we’ll be in touch as soon as possible or call our team on 1800 816 044.