Say hello to what could be the next big spam player: SquirrelWaffle, which is spreading with increasing frequency via spam campaigns and infecting systems with a new malware loader.Read more
Much is made of shared responsibility for cloud security. But Oliver Tavakoli, CTO at Vectra AI, notes there’s no guarantee that Azure or AWS are delivering services in a hardened and secure manner.Read more
Kaspersky researchers saw The North Korean state APT use a new variant of the BlindingCan RAT to breach a Latvian IT vendor and then a South Korean think tank.Read more
New software and code stand at the core of everything we do, but how well is all of this new code tested? Luckily, autonomous application security is here.Read more
Fake Craigslist emails that abuse Microsoft OneDrive warn users that their ads contain ‘inappropriate content.”Read more
The misbehaving Firefox add-ons were misusing an API that controls how Firefox connects to the internet.Read more
UltimaSMS leverages at least 151 apps that have been downloaded collectively more than 10 million times, to extort money through a fake premium SMS subscription service.Read more
A global fraud campaign has been found leveraging 151 malicious Android apps with 10.5 million downloads to rope users into premium subscription services without their consent and knowledge.
The premium SMS scam campaign — dubbed “UltimaSMS” — is belie…
Mozilla on Monday disclosed it blocked two malicious Firefox add-ons installed by 455,000 users that were found misusing the Proxy API to impede downloading updates to the browser.
The two extensions in question, named Bypass and Bypass XM, “interfered…
No security defense is perfect, and shadow IT means no company can inventory every single asset that it has. David “moose” Wolpoff, CTO at Randori, discusses strategies for core asset protection given this reality.Read more