Category Archives: Latest Warnings

Auto Added by WPeMatico

A Little Sunshine, Bill Woodcock, Dani Cronce, DHCP option 121, DHCP starvation attack, Dynamic Host Control Protocol, John Kristoff, Krebs, Latest Warnings, Leviathan Security, Lizzie Moratti, News, Packet Clearing House, Security, The Coming Storm, Web Fraud 2.0

Why Your VPN May Not Be As Secure As It Claims

Posted on by [email protected]
06
May

Virtual private networking (VPN) companies market their services as a way to prevent anyone from snooping on your Internet usage. But new research suggests this is a dangerous assumption when connecting to a VPN via an untrusted network, because attackers on the same network could force a target’s traffic off of the protection provided by […]

Continue reading
A Little Sunshine, August.com, Chirp Systems, Krebs, Latest Warnings, Matt Brown, News, ProPublica, RealPage Inc., Security, Security Tools, U.S. Cybersecurity & Infrastructure Security Agency

Crickets from Chirp Systems in Smart Lock Key Leak

Posted on by [email protected]
15
Apr

The U.S. government is warning that “smart locks” securing entry to an estimated 50,000 dwellings nationwide contain hard-coded credentials that can be used to remotely open any of the locks. The lock’s maker Chirp Systems remains unresponsive, even though it was first notified about the critical weakness in March 2021. Meanwhile, Chirp’s parent company, RealPage, […]

Continue reading
A Little Sunshine, Alexandr Ermakov, Andrey Sokol, Breadcrumbs, fory66399, Hkleaks, Krebs, Latest Warnings, MetaMask, News, Privnote, privnote.com, Russia's War on Ukraine, Security, Taylor Monahan, Tornote.io, Web Fraud 2.0

Fake Lawsuit Threat Exposes Privnote Phishing Sites

Posted on by [email protected]
04
Apr

A cybercrook who has been setting up websites that mimic the self-destructing message service privnote.com accidentally exposed the breadth of their operations recently when they threatened to sue a software company. The disclosure revealed a profitable network of phishing sites that behave and look like the real Privnote, except that any messages containing cryptocurrency addresses […]

Continue reading
A Little Sunshine, Adam Kidan, Brett Sholtis, Empire Workforce Solutions, Krebs, LancasterOnline.com, Latest Warnings, multi-persona phishing, Ne'er-Do-Well News, News, phishing, proofpoint, Ryan Kalember, Security, thread hijacking, Tom Murse, Web Fraud 2.0

Thread Hijacking: Phishes That Prey on Your Curiosity

Posted on by [email protected]
28
Mar

Thread hijacking attacks. They happen when someone you know has their email account compromised, and you are suddenly dropped into an existing conversation between the sender and someone else. These missives draw on the recipient’s natural curiosity about being copied on a private discussion, which is modified to include a malicious link or attachment. Here’s […]

Continue reading
A Little Sunshine, apple, Apple Recovery Key, Kishan Bagaria, Krebs, Latest Warnings, MFA bombing, MFA fatigue, News, Parth Patel, PeopleDataLabs, Security, The Coming Storm

Recent ‘MFA Bombing’ Attacks Targeting Apple Users

Posted on by [email protected]
26
Mar

Several Apple customers recently reported being targeted in elaborate phishing attacks that involve what appears to be a bug in Apple’s password reset feature. In this scenario, a target’s Apple devices are forced to display dozens of system-level prompts that prevent the devices from being used until the recipient responds “Allow” or “Don’t Allow” to […]

Continue reading
A Little Sunshine, BlueNoroff, Chris Ueland, Hunt.io, Kaspersky Labs, Krebs, Latest Warnings, Lazarus Group, Mac malware, News, Recorded Future, Security, Web Fraud 2.0, X-Protect

Calendar Meeting Links Used to Spread Mac Malware

Posted on by [email protected]
28
Feb

Malicious hackers are targeting people in the cryptocurrency space in attacks that start with a link added to the target’s calendar at Calendly, a popular application for scheduling appointments and meetings. The attackers impersonate established cryptocurrency investors and ask to schedule a video conference call. But clicking the meeting link provided by the scammers prompts […]

Continue reading
A Little Sunshine, alex holden, Data Breaches, Hold Security, Krebs, Latest Warnings, News, Securence, Security, Travis Carter, U.S. Internet Corp.

U.S. Internet Leaked Years of Internal, Customer Emails

Posted on by [email protected]
14
Feb

The Minnesota-based Internet provider U.S. Internet Corp. has a business unit called Securence, which specializes in providing filtered, secure email services to businesses, educational institutions and government agencies worldwide. But until it was notified last week, U.S. Internet was publishing more than a decade’s worth of its internal email — and that of thousands of […]

Continue reading
Adam Barnett, CVE-2024-21351, CVE-2024-21410, CVE-2024-21412, CVE-2024-21413, Immersive Labs, Kevin Breen, Krebs, Latest Warnings, Microsoft Office, News, Patch Tuesday February 2024, Rapid7, Satnam Narang, Security, Security Tools, Tenable, Time to Patch, trend micro, Windows SmartScreen

Fat Patch Tuesday, February 2024 Edition

Posted on by [email protected]
13
Feb

Microsoft Corp. today pushed software updates to plug more than 70 security holes in its Windows operating systems and related products, including two zero-day vulnerabilities that are already being exploited in active attacks. Top of the heap on this Fat Patch Tuesday is CVE-2024-21412, a “security feature bypass” in the way Windows handles Internet Shortcut […]

Continue reading
A Little Sunshine, Juniper Networks, Krebs, Latest Warnings, Logan George, News, Nicholas Weaver, Security

Juniper Support Portal Exposed Customer Device Info

Posted on by [email protected]
09
Feb

Until earlier this week, the support website for networking equipment vendor Juniper Networks was exposing potentially sensitive information tied to customer products, including which devices customers bought, as well as each product’s warranty status, service contracts and serial numbers. Juniper said it has since fixed the problem, and that the inadvertent data exposure stemmed from […]

Continue reading