This hybrid campaign combines the benefits of scale and legitimacy by leveraging Google Services with social engineering attacks, more commonly associated with BEC schemes.

The January 2021 CPU also includes fixes for CVE-2020-14750, an exploited vulnerability in WebLogic Server, which Oracle addressed with the release of an out-of-band update on November 1, 2020.

53% of CISOs and CSOs in the UK&I reported that their organization suffered at least one significant cyberattack in 2020, with 14% experiencing multiple attacks, a Proofpoint survey reveals.

The new browser iteration arrives with patches for a total of 36 vulnerabilities. The flaws can be exploited if the user visits or is redirected to a specially crafted webpage.

Detections of cryptomining malware surged by 53% quarter-on-quarter in the final three months of 2020 as the value of Bitcoin soared higher than ever before, according to security firm Avira.

Vulnerabilities found in multiple video conferencing mobile applications allowed attackers to listen to users’ surroundings without permission before the person on the other end picked up the calls.

Precision Spine Care, a Texas-based spinal care center, has warned of a potential data breach after an unauthorized individual gained access to an employee email account to fraudulently divert funds.

Over the weekend, a threat actor known as ShinyHunters shared a database for free on a hacker forum that he claims was stolen from Pixlr while he breached the 123rf stock photo site.

Threat actors reportedly targeted a Shabbat service, held in honor of Martin Luther King Jr., that was being broadcast live over the internet from Atlanta synagogue The Temple on January 15.

New research by New Zealand company Emsisoft has found that a cyber-blackmail tactic first debuted by ransomware gang MAZE has been adopted by over a dozen other criminal cyber-gangs.