Latest Cyberattack Against Iran Part of Ongoing Campaign

By ThreatPost | July 5, 2022

Iran’s steel manufacturing industry is victim to ongoing cyberattacks that previously impacted the country’s rail system.

Google Patches Actively Exploited Chrome Bug

By ThreatPost | July 5, 2022

The heap buffer overflow issue in the browser’s WebRTC engine could allow attackers to execute arbitrary code.

ZuoRAT Can Take Over Widely Used SOHO Routers

By ThreatPost | June 30, 2022

Devices from Cisco, Netgear and others at risk from the multi-stage malware, which has been active since April 2020 and shows the work of a sophisticated threat actor.

A Guide to Surviving a Ransomware Attack

By ThreatPost | June 30, 2022

Oliver Tavakoli, CTO at Vectra AI, gives us hope that surviving a ransomware attack is possible, so long as we apply preparation and intentionality to our defense posture.

Leaky Access Tokens Exposed Amazon Photos of Users

By ThreatPost | June 29, 2022

Hackers with Amazon users’ authentication tokens could’ve stolen or encrypted personal photos and documents.

Patchable and Preventable Security Issues Lead Causes of Q1 Attacks

By ThreatPost | June 29, 2022

Attacks against U.S. companies spike in Q1 2022 with patchable and preventable external vulnerabilities responsible for bulk of attacks.

Top Six Security Bad Habits, and How to Break Them

By ThreatPost | June 28, 2022

Shrav Mehta, CEO, Secureframe, outlines the top six bad habits security teams need to break to prevent costly breaches, ransomware attacks and prevent phishing-based endpoint attacks.

Mitel VoIP Bug Exploited in Ransomware Attacks

By ThreatPost | June 28, 2022

Researchers warn threat actors are using a novel remote code execution exploit to gain initial access to victim’s environments.

Google Warns Spyware Being Deployed Against Android, iOS Users

By ThreatPost | June 24, 2022

The company is warning victims in Italy and Kazakhstan that they have been targeted by the malware from Italian firm RCS Labs.

Fancy Bear Uses Nuke Threat Lure to Exploit 1-Click Bug

By ThreatPost | June 23, 2022

The APT is pairing a known Microsoft flaw with a malicious document to load malware that nabs credentials from Chrome, Firefox and Edge browsers.