Earlier this week, Twitter locked down thousands of verified accounts, including the accounts of Joe Biden, Bill Gates, Elon Musk, Apple, Uber and others, after it became clear that hackers had been able to compromise them. Twitter's internal investigation is ongoing, but the social-media giant did say that hackers had somehow compromised the company's internal systems and secured employee privileges. READ MORE...
The critical remote code execution security vulnerability in Windows DNS known as SIGRed has received a micropatch for servers without an Extended Security Updates (ESU) license. SIGRed can be exploited in a wormable fashion, allowing an adversary to expand their attack to all affected systems on the network without user interaction. It received the tracking number CVE-2020-1350 and the maximum severity score, 10 out of 10. READ MORE...
Adobe has added two-factor authentication (2FA) throughout the Magento platform in response to the widespread number of attacks where skimmer scripts are deployed on hacked e-commerce sites to steal customers' credit cards. "Using 2FA security will better protect you from malicious users attempting to perform unauthorized logins in three different areas: Magento[.]com accounts, Cloud Admin, and the Magento Admin," Adobe says. READ MORE...
Emotet, the world's most costly and destructive botnet, returned from a five-month hiatus on Friday with a blast of malicious spam aimed at spreading a backdoor that installs ransomware, bank-fraud trojans, and other nasty malware. The botnet sent a hefty 250,000 messages during the day, mostly to people in the United States and the United Kingdom, Sherrod DeGrippo, senior director of threat research and detection at security firm Proofpoint, told Ars. READ MORE...
Security researchers at ESET have identified a new campaign targeting Mac users with trojanized cryptocurrency trading apps designed to deliver the GMERA malware. Previous attacks involving this malware family were observed leveraging malicious versions of the trading app Stockfolio, and security researchers also associated the GMERA Trojan with the activities of North Korean hackers. READ MORE...
If you needed another reason not to use a charger made available at a coffeeshop or airport or by an acquaintance, here it is: maliciously modified fast chargers may damage your phone, tablet or laptop and set it on fire. Researchers from Tencent's Xuanwu Lab have demonstrated how some fast chargers may be easily and quickly modified to deliver too much power at once and effectively "overwhelm" digital devices: READ MORE...