Attackers are using fake Google domains spoofed with the help ofÂ internationalized domain names (IDNs)Â to host and load a Magecart credit card skimmer script with support for multiple payment gateways
The notoriousÂ MydoomÂ email worm, considered to be one of the most damaging malware strains ever developed, is still doing rounds on the Internet, working on autopilot and actively targeting email users all over the world.Â
Microsoft is currently investigating a bug which may prevent Windows 10 devices usingÂ MIT Kerberos realms to start-up or enter a restart loop after installingÂ a recent cumulative update.
Security outfit Immunity has included aÂ fully working BlueKeep exploit in theirÂ CANVAS automated pentesting utility with the release of version 7.23, on July 23.
A phishing campaign using WeTransferÂ notifications as surrogates for the run-of-the-mill malicious URLs usually employed in these type of attacksÂ was recently detected while successfully bypassing email gateways developed by Microsoft, ProofPoint, and Symantec.
A ransomwareÂ attack that hit the South African electric utility City Power from Johannesburg this morning encrypted all its systems, includingÂ databases andÂ applications.
Microsoft is rebrandingÂ Office Online to Microsoft Office as part of a larger strategy to stop usingÂ platform-specific sub-brands for products availabel on more than one platform.
A new WatchbogÂ malware variant can scanÂ for Windows computers vulnerable to BlueKeep exploits, withÂ previous variants onlyÂ being utilizedÂ to infect Linux servers compromised using Jira, Exim, Nexus Repository Manager 3,Â ThinkPHP, and SolrÂ Linux exploits.
BSI, the GermanÂ national cybersecurity authority, has issuedÂ a warningÂ regarding a malspam campaign that distributes the Sodinokibi ransomware via emails designed to look like official BSI messages.
An agreement with the FTC requires Facebook to pay a $5 billion penalty, to implement a new privacy and information protection framework, and to provide theÂ FTC with new monitoring tools after an investigationÂ launched following the Cambridge AnalyticaÂ events.
The IRS has issued a news release to remind professional tax preparers that they are required by law to have a data security plan to protect taxpayers' sensitive information from potential security threats.
BEC scammers are now targeting a company's customersÂ using a new indirect attack method designed to collect information on future scam targets by asking for aging reports from collections personnel.
Microsoft is currently in the process of developing significantly better manual threat hunting features for the Office 365 Threat Explorer, to be rolled out to all environments during August.
An ongoing malvertising campaign is targeting an unauthenticated stored cross-site scripting (XSS) vulnerability inÂ the Coming Soon Page & Maintenance Mode WordPress plugin according to Wordfence'sÂ Defiant Threat Intelligence teamâââââââ.
Microsoft says that several changes designed to make Office 365 client licensing technology more reliable for subscription-based Office clients like Office 365 ProPlus will be rolled out during August.