Android malware can intercept and steal OTPs and login credentials, leading to complete account takeovers.
The post Massive OTP-Stealing Android Malware Campaign Discovered appeared first on SecurityWeek.
Fraud ring pushes 600+ fake web shops via Facebook ads
A malicious fraud campaign dubbed “ERIAKOS” promotes more than 600 fake web shops through Facebook advertisements to steal visitors’ personal and financial information. […]
DigiCert to Revoke 83,000+ SSL Certificates Due to Domain Validation Oversight
Certificate authority (CA) DigiCert has warned that it will be revoking a subset of SSL/TLS certificates within 24 hours due to an oversight with how it verified if a digital certificate is issued to the rightful owner of a domain.
The company said it will be taking the step of revoking certificates that do not have proper Domain Control Validation (DCV).
“Before issuing a certificate to a
The company said it will be taking the step of revoking certificates that do not have proper Domain Control Validation (DCV).
“Before issuing a certificate to a
Vulnerabilities Enable Attackers to Spoof Emails From 20 Million Domains
Vulnerabilities in hosted email services allow attackers to spoof the identity of senders, bypassing security measures.
The post Vulnerabilities Enable Attackers to Spoof Emails From 20 Million Domains appeared first on SecurityWeek.
CrowdStrike Faces Lawsuits From Customers, Investors
CrowdStrike is facing lawsuits from investors and customers following the incident that caused massive global outages.
The post CrowdStrike Faces Lawsuits From Customers, Investors appeared first on SecurityWeek.
North Korea-Linked Malware Targets Developers on Windows, Linux, and macOS
The threat actors behind an ongoing malware campaign targeting software developers have demonstrated new malware and tactics, expanding their focus to include Windows, Linux, and macOS systems.
The activity cluster, dubbed DEV#POPPER and linked to North Korea, has been found to have singled out victims across South Korea, North America, Europe, and the Middle East.
“This form of attack is an
The activity cluster, dubbed DEV#POPPER and linked to North Korea, has been found to have singled out victims across South Korea, North America, Europe, and the Middle East.
“This form of attack is an
Microsoft says massive Azure outage was caused by DDoS attack
Microsoft confirmed today that a nine-hour outage on Tuesday that took down and disrupted multiple Microsoft 365 and Azure services worldwide was triggered by a distributed denial-of-service (DDoS) attack. […]
City of Columbus Says Data Compromised in Ransomware Attack
The City of Columbus is investigating the scope of a data breach resulting from a thwarted ransomware attack.
The post City of Columbus Says Data Compromised in Ransomware Attack appeared first on SecurityWeek.
CISA and FBI Release Joint PSA: Putting Potential DDoS Attacks During the 2024 Election Cycle in Context
Chrome 127 Improves Cookie Protection on Windows
Google has improved the security of cookies in Chrome on Windows and rolled out a Chrome 127 update to address critical- and high-severity vulnerabilities.
The post Chrome 127 Improves Cookie Protection on Windows appeared first on SecurityWeek.