“Cyber criminals are sending over three billion emails a day as part of phishing attacks designed to look like they come from trusted senders.”
WARNING: A New Android Zero-Day Vulnerability Is Under Active Attack
“Google has disclosed that a now-patched vulnerability affecting Android devices that use Qualcomm chipsets is being weaponized by attackers to launch targeted attacks. Tracked as CVE-2020-11261 (CVSS score 8.”
Nasty malware stealing Amazon, Facebook and Google passwords — protect yourself now
“We at Tom’s Guide have tried to stress over the years that if you want software, you should just buy it. It’s a lot cheaper than having all of your online credentials stolen. This information comes courtesy of Proofpoint, a security firm based in Sunnyvale, California.”
QNAP NAS Devices Can Be Hacked for Cryptomining—Update Yours Now
“QNAP’s unpatched network-attached-storage (NAS) devices are the latest devices to be targeted in ongoing attacks, which are aimed at taking them over for use as cryptocurrency miners.”
Nearly 40,000 Macs infected by mysterious malware, researchers say
“Mysterious malware — that has not yet engaged in malicious activity — has infected nearly 40,000 Mac devices, according to the cybersecurity firm Red Canary, which first detected the threat.”
Microsoft is seeing a big spike in Web shell use
“Security personnel at Microsoft are seeing a big increase in the use of Web shells, the light-weight programs that hackers install so they can burrow further into compromised websites.”
Beware: Malicious Home Depot ad gets top spot in Google Search
“Malicious Google search ads are nothing new, with campaigns for Amazon Prime, PayPal, and eBay seen in the past. As these ads look like legitimate campaigns for the company, including showing their standard URL when you hover over them, it is common for people to be tricked into clicking on them.”
Google warns of ‘novel social engineering method’ used to hack security researchers
“Government-backed hackers based in North Korea are targeting individual security researchers through a number of means including a “novel social engineering method,” Google’s Threat Analysis Group is reporting.”
Signal CEO Moxie Marlinspike explains his vision for the app — and what he sees as the biggest threats to privacy
“Signal cofounder and CEO Moxie Marlinspike couldn’t have predicted the events of the past year — but they’ve nevertheless contributed to the app’s massive growth in popularity. The encrypted messaging app is best-known for its commitment to privacy.”
CISA tells agencies to consider ad blockers to fend off ‘malvertising’
“The U.S. Cybersecurity and Infrastructure Security Agency urged federal agencies on Thursday to deploy ad-blocking software and standardize web browser usage across their workforces in order to fend off advertisements implanted with malware.”
