Gmail Glitch Enables Anonymous Messages in Phishing Attacks
A glitch in the UX in Gmail allows the “from” field to be forged so there is no sender listed in the email’s
[...]
AuthorLindsey O Donnell
VisionDirect Blindsided by Magecart in Data Breach
Researchers say the Magecart threat group skimmed data of VisionDirect customers using fake Google Analytics scripts.
Source: Threat Post – Web Security
[...]
Cryptojacking Attack Targets Make-A-Wish Foundation Website
Hackers took advantage of an unpatched Drupal vulnerability in the organization’s website to launch a cryptojacking attack.
Source: Threat Post – Web
[...]
Gmail Glitch Offers Stealthy Trick for Phishing Attacks
The issue comes from how Gmail automatically files messages into the “Sent” folder.
Source: Threat Post – Web Security – Gmail Glitch
[...]
Lock-Screen Bypass Bug Quietly Patched in Handsets
The flaw in a high-end phones and up-and-coming handsets made by top OEMs allows hackers to bypass handset lock screens in seconds.
[...]
Connected Wristwatch Allows Hackers to Stalk, Spy On Children
“Our advice is to stop using this watch” as mitigations are not available, researchers told Threatpost.
Source: Threat Post – Web Security
[...]
Adobe Fixes Acrobat and Reader Flaw With Publicly-Available PoC
Overall, the company released only three patches as part of its regularly-scheduled November update.
Source: Threat Post – Web Security – Adobe
[...]
Malware-Laced App Lurked on Google Play For a Year
Google Play’s policy prohibits apps or SDKs that download executable code, such as dex files or native code, from a source other than
[...]
Recently-Patched Adobe ColdFusion Flaw Exploited By APT
The critical vulnerability, which was patched earlier in September, has put ColdFusion servers at risk.
Source: Threat Post – Web Security –
[...]
Threatpost News Wrap Podcast for Nov. 9
The Threatpost editors break down the top news stories from this week.
Source: Threat Post – Web Security – Threatpost News Wrap
[...]