| Threatpost |
|---|
| Student Loan Breach Exposes 2.5M Records |
| Wed, 31 Aug 2022 12:57:48 +0000 2.5 million people were affected, in a breach that could spell more trouble down the line. |
| Watering Hole Attacks Push ScanBox Keylogger |
| Tue, 30 Aug 2022 16:00:43 +0000 Researchers uncover a watering hole attack likely carried out by APT TA423, which attempts to plant the ScanBox JavaScript-based reconnaissance tool. |
| Tentacles of ‘0ktapus’ Threat Group Victimize 130 Firms |
| Mon, 29 Aug 2022 14:56:19 +0000 Over 130 companies tangled in sprawling phishing campaign that spoofed a multi-factor authentication system. |
| Ransomware Attacks are on the Rise |
| Fri, 26 Aug 2022 16:44:27 +0000 Lockbit is by far this summer’s most prolific ransomware group, trailed by two offshoots of the Conti group. |
| Cybercriminals Are Selling Access to Chinese Surveillance Cameras |
| Thu, 25 Aug 2022 18:47:15 +0000 Tens of thousands of cameras have failed to patch a critical, 11-month-old CVE, leaving thousands of organizations exposed. |
| Twitter Whistleblower Complaint: The TL;DR Version |
| Wed, 24 Aug 2022 14:17:04 +0000 Twitter is blasted for security and privacy lapses by the company’s former head of security who alleges the social media giant’s actions amount to a national security risk. |
| Firewall Bug Under Active Attack Triggers CISA Warning |
| Tue, 23 Aug 2022 13:19:58 +0000 CISA is warning that Palo Alto Networks’ PAN-OS is under active attack and needs to be patched ASAP. |
| Fake Reservation Links Prey on Weary Travelers |
| Mon, 22 Aug 2022 13:59:06 +0000 Fake travel reservations are exacting more pain from the travel weary, already dealing with the misery of canceled flights and overbooked hotels. |
| iPhone Users Urged to Update to Patch 2 Zero-Days |
| Fri, 19 Aug 2022 15:25:56 +0000 Separate fixes to macOS and iOS patch respective flaws in the kernel and WebKit that can allow threat actors to take over devices and are under attack. |
| Google Patches Chrome’s Fifth Zero-Day of the Year |
| Thu, 18 Aug 2022 14:31:38 +0000 An insufficient validation input flaw, one of 11 patched in an update this week, could allow for arbitrary code execution and is under active attack. |