Web Security Archives | CW Enterprises

Articles targeted at Web App Security, hacks, guides, how to’s and the latest vulnerabilities.

GoDaddy Employees Tricked into Compromising Cryptocurrency Sites

23rd November 2020Becky Bracken

‘Vishing’ attack on GoDaddy employees gave fraudsters access to cryptocurrency service domains NiceHash, Liquid. Source: Threat Post – Web Security – GoDaddy [...]

TA416 APT Rebounds With New PlugX Malware Variant

23rd November 2020Lindsey O Donnell

The TA416 APT has returned in spear phishing attacks against a range of victims – from the Vatican to diplomats in Africa – [...]

Spotify Users Hit with Rash of Account Takeovers

23rd November 2020Tara Seals

Users of the music streaming service were targeted by attackers using credential-stuffing approaches. Source: Threat Post – Web Security – Spotify Users [...]

Manchester United: IT Systems Disrupted in Cyberattack

23rd November 2020Tara Seals

The popular U.K. soccer club confirmed an attack but said personal fan data remains secure. Source: Threat Post – Web Security – [...]

Joe Biden Campaign Subdomain Down After Hacktivist Defacement

23rd November 2020Lindsey O Donnell

A Turkish hacktivist defaced a subdomain of the president-elect’s campaign website. Source: Threat Post – Web Security – Joe Biden Campaign Subdomain [...]

Google Services Weaponized to Bypass Security in Phishing, BEC Campaigns

20th November 2020Becky Bracken

Attackers exploiting an array of Google Services, including Forms, Firebase, Docs and more to boost phishing and BEC campaigns. Source: Threat Post [...]

Good Heavens! 10M Impacted in Pray.com Data Exposure

20th November 2020Tara Seals

The information exposed in a public cloud bucket included PII, church-donation information, photos and users’ contact lists. Source: Threat Post – Web [...]

New Grelos Skimmer Variants Siphon Credit Card Data

20th November 2020Lindsey O Donnell

Domains related to the new variant of the Grelos web skimmer have compromised dozens of websites so far. Source: Threat Post – [...]

Robot Vacuums Suck Up Sensitive Audio in ‘LidarPhone’ Hack

19th November 2020Lindsey O Donnell

Researchers have unveiled an attack that allows attackers to eavesdrop on homeowners inside their homes, through the LiDAR sensors on their robot vacuums. [...]

German COVID-19 Contact-Tracing Vulnerability Allowed RCE

19th November 2020Becky Bracken

Bug hunters at GitHub Security Labs help shore up German contact tracing app security, crediting open source collaboration. Source: Threat Post – [...]