Phishing Campaigns Using Offer of Coronavirus Financial Relief as Lure
Governments around the world are developing financial relief packages to help citizens that have been unable to work due to the coronavirus and are facing extreme financial difficulties, and cybercriminals are taking advantage. Campaigns have been detected that use the offer of financial relief due to the coronavirus pandemic as a lure to trick people into disclosing sensitive information or installing malware. Over the past few...
Micropatch Released for Actively Exploited Windows Font Processing Vulnerabilities
Library were being actively exploited in the wild. The flaws concern how type 1 PostScript fonts are handled. The flaws can be exploited if a user is convinced to open a specially crafted document; however, it is also possible to exploit the flaws if a document is viewed in the Windows preview pane. The flaws affect Windows 10, Windows 8.1, Windows 7, Windows Server 2019, 2016, 2012, 2012 R2, 2008 and 2008 R2. Microsoft reports that...
Cybercriminals are Changing DNS Settings on Routers to Deliver Malware Through Fake Coronavirus Apps
A malware distribution campaign has been detected that uses malicious coronavirus apps to deliver the Oski information stealing Trojan. The campaign was detected by Bitdefender which reports that 1,193 individuals have been targeted in just a couple of days from March 18. Attempts have been made to shut down the malware repositories that are being used by the attackers, but it is probable that others will be set up to take their...
Hacked News Sites Used to Spread Malware Disguised as Google Chrome Update
If you visit a website and are advised that you need to update Google Chrome, do not download the update. A campaign has been identified that is using fake Google Chrome updates to trick web visitors into downloading and installing malware. The hacking group is targeting news websites and corporate sites running WordPress and injecting malicious JavaScript code that redirects visitors to landing pages on malicious websites that claim...
Database Containing Extensive Information of 200 Million Americans Exposed Online
A database on the Google Cloud platform containing 800 gigabytes of data and over 200 million user records has been misconfigured and was exposed online, according to researchers at CyberNews. The database contained a folder that included detailed information on around 200 million Americans, including full names, phone numbers, email addresses, dates of birth, credit ratings, home addresses, mortgaged property addresses, number of...