“One significant threat to using a password manager like LastPass is that if that account falls into the wrong hands you lose everything, which means attacks on those services are even more of a threat to users.”
Mitigating a 754 Million PPS DDoS Attack Automatically
“On June 21, Cloudflare automatically mitigated a highly volumetric DDoS attack that peaked at 754 million packets per second.”
Microsoft releases emergency security update to fix two bugs in Windows codecs
“Microsoft has published on Tuesday two out-of-band security updates to patch two vulnerabilities in the Microsoft Windows Codecs Library. Tracked as CVE-2020-1425 & CVE-2020-1457, the two bugs only impact Windows 10 and Windows Server 2019 distributions.”
Security firm warns of new malware strain ‘wreaking havoc’ on Windows PCs
“During the Great GPU Shortage of Yesteryear, cryptocurrency mining was all the rage. This also gave way to a class of ‘cryptojacking’ malware that would attempt to pilfer computing resources from an infected PC and use them to most often mine Monero. That has not been a big concern in a long while.”
Chinese bank requires foreign firm to install app with covert backdoor
“A large, multinational technology company got a nasty surprise recently as it was expanding its operations to China. The software a local bank required the company to install so it could pay local taxes contained an advanced backdoor.”
Fake VPN messages used to lure Office 365 phishing victims
“A new phishing campaign is targeting Office 365 customers by impersonating their organizations in messages telling them they need to update their VPN configuration while working remotely.”
NAS devices targeted by ransomware attack
“QNAP network-attached storage (NAS) devices are once again under attack as the operators of the eCh0raix ransomware have launched a new wave of attacks. The eCh0raix ransomware was first deployed last July when its creators released the first version of their malware into the wild.”
New Apple Security Blow: If You Have An iPhone, Look Away Now
“Apple had been hoping to move past its recent run of security warnings—but no such luck. After a dreadful April, here we are in May with yet another security blow for the hundreds of millions of iOS users around the world.”
Uncle Sam to agencies: No encrypted DNS for you!
“The US federal government has been protecting its users by blocking malicious destinations for years, but it won’t let them take advantage of the latest protective measure in DNS – encryption – just yet.”
Beware calls from unknown numbers – this top messaging app has placed millions of iOS and Android users at risk
“Researchers have identified a critical vulnerability in popular privacy-centric messaging app Signal, affecting millions of iOS and Android users.”