Android banking trojan spreads via fake Google Play Store page
An Android banking trojan targeting Itaú Unibanco, a large financial services provider in Brazil with 55 million customers globally, is…
Apple fixes macOS security flaw behind Gatekeeper bypass
Apple has addressed a macOS vulnerability that unsigned and unnotarized script-based apps could exploit to bypass all macOS security protection…
AvosLocker ransomware reboots in Safe Mode to bypass security tools
Recent AvosLocker ransomware attacks are characterized by a focus on disabling endpoint security solutions that stand in the way of…
UPDATE: Civic Center Station Reopens, Service Restored After Body Found on BART Tracks
SAN FRANCISCO (CBS SF) – BART and Muni Metro service was seriously impacted Tuesday evening...
800K WordPress sites still impacted by critical SEO plugin flaw
Two critical and high severity security vulnerabilities in the highly popular "All in One" SEO WordPress plugin exposed over 3 million websites…
FBI: State hackers exploiting new Zoho zero-day since October
The Federal Bureau of Investigation (FBI) says a zero-day vulnerability in Zoho's ManageEngine Desktop Central has been under active exploitation by state-backed hacking…
Phishing attacks impersonate Pfizer in fake requests for quotation
Threat actors are conducting a highly targeted phishing campaign impersonating Pfizer to steal business and financial information from victims. [...]
Timely Questions for Log4j Response Now — And for the Future
EXPERT INSIGHT: How to assess your exposure to the vulnerability with a combination of asset inventory, testing, solid information sources,…
All Log4j, logback bugs we know so far and why you MUST ditch 2.15
Everyone's heard of the critical log4j zero-day by now. Dubbed 'Log4Shell,' the vulnerability has set the internet on fire. Below we summarize…
Original Fix for Log4j Flaw Fails to Fully Protect Against DoS Attacks, Data Theft
Organizations should upgrade ASAP to new version of logging framework released Tuesday by the Apache Foundation, security experts say.