Microsoft Silent Update Torpedoes Windows Defender
Microsoft broke its built-in antivirus utility, thanks to a patch for a different issue.
Source: Threat Post – Web Security – Microsoft
[...]
AuthorTara Seals
IRS Emails Promise a Refund But Deliver Botnet Recruitment
The fake emails direct victims to log into a bogus IRS site.
Source: Threat Post – Web Security – IRS Emails Promise
[...]
Emotet Returns from Summer Vacation, Ramps Up Stolen Email Tactic
The ever-changing malware is jumping in the middle of people’s existing email conversations to spread itself without suspicion.
Source: Threat Post –
[...]
Asus, Lenovo and Other Routers Riddled with Remotely Exploitable Bugs
Independent researchers found 125 different CVEs across 13 different router and NAS models.
Source: Threat Post – Web Security – Asus, Lenovo
[...]
WordPress XSS Bug Allows Drive-By Code Execution
Sites that use the Gutenberg (found in WordPress 5.0 to 5.2.2) are open to complete takeover.
Source: Threat Post – Web Security
[...]
Astaroth Spy Trojan Uses Facebook, YouTube Profiles to Cover Tracks
At every turn, the info-stealer uses legitimate services to get around normal email, endpoint and network defenses.
Source: Threat Post – Web
[...]
Library-Themed University Phishing Attack Expands to Massive Scale
Cobalt Dickens (a.k.a. Silent Librarian) is now actively targeting 380 universities, bent on stealing credentials and moving deeper into school networks.
Source:
[...]
ThreatList: Apple Adware, Phishing, APT Attacks Threaten macOS Users
Telemetry for the first half of the year shows that Apple’s ecosystem is firmly in cybercriminals’ sights.
Source: Threat Post – Web
[...]
198 Million Car-Buyer Records Exposed Online for All to See
An Elastica DB belonging to Dealer Leads exposed a raft of information collected by “research” websites aimed at prospective car buyers.
Source:
[...]
Microsoft Addresses Two Zero-Days Under Active Attack
September Patch Tuesday leads off with two elevation-of-privilege bugs that have been exploited in the wild.
Source: Threat Post – Web Security
[...]