| Threatpost |
|---|
| Microsoft Edge, Google Chrome Roll Out Password Protection Tools |
| Fri, 22 Jan 2021 21:57:10 +0000 The new tools on Chrome and Edge will make it easier for browser users to discover - and change - compromised passwords. |
| Amazon Kindle RCE Attack Starts with an Email |
| Fri, 22 Jan 2021 21:55:34 +0000 The "KindleDrip" attack would have allowed attackers to siphon money from unsuspecting victims. |
| ADT Tech Hacks Home-Security Cameras to Spy on Women |
| Fri, 22 Jan 2021 19:08:00 +0000 A former ADT employee pleads guilty of accessing customers’ cameras so he could spy on them. |
| Discord-Stealing Malware Invades npm Packages |
| Fri, 22 Jan 2021 18:35:24 +0000 The CursedGrabber malware has infiltrated the open-source software code repository. |
| Ransomware Attackers Publish 4K Private Scottish Gov Agency Files |
| Fri, 22 Jan 2021 17:30:52 +0000 Up to 4,000 stolen files have been released by hackers who launched a ransomware attack against the Scottish Environmental Protection Agency on Christmas Eve. |
| Threat Actors Can Exploit Windows RDP Servers to Amplify DDoS Attacks |
| Fri, 22 Jan 2021 12:45:42 +0000 Netscout researchers identify more than 14,000 existing servers that can be abused by ‘the general attack population’ to flood organizations’ networks with traffic. |
| Einstein Healthcare Network Announces August Breach |
| Thu, 21 Jan 2021 20:00:13 +0000 Einstein is in violation of the the HHS 60-day breach notification rule, but unlikely to face penalty. |
| SQL Server Malware Tied to Iranian Software Firm, Researchers Allege |
| Thu, 21 Jan 2021 19:42:41 +0000 Researchers have traced the origins of a campaign - infecting SQL servers to mine cryptocurrency - back to an Iranian software firm. |
| Google Forms Set Baseline For Widespread BEC Attacks |
| Thu, 21 Jan 2021 15:02:34 +0000 Researchers warn that attackers are collecting reconnaissance for future business email compromise attacks using Google Forms. |
| Google Searches Expose Stolen Corporate Credentials |
| Thu, 21 Jan 2021 14:00:41 +0000 A phishing campaign spoofs Xerox notifications to lure victims into clicking on malicious HTML attachments. |