Security Intelligence

Hackers observed abusing open redirect scripts in recent phishing campaign

Field Effect has detected a limited and brief phishing campaign that takes advantage of misconfigurations in...

Security Intelligence

Mozilla patches Firefox and Thunderbird vulnerabilities exploited in the wild

On September 12, Mozilla released emergency patches to address a zero-day vulnerability affecting its Firefox browser...

Security Intelligence

Melting an IcedID sponsored Google ad for trojanized Webex download file

Field Effect security intelligence analysts were recently alerted to an incident in which IcedID malware was detected...

Security Intelligence

Apple releases emergency patch to fix zero-day vulnerability exploited by Pegasus Spyware

Apple released an emergency patch to address two zero-day vulnerabilities in the operating systems of its popular iPad,...

Security Intelligence

Apple users getting ‘flipped off’ with iOS Bluetooth spam attacks

A researcher uses a small portable pen testing tool, Flipper Zero, to aggressively spam Apple device users with bogus...

Security Intelligence

Hackers chain vulnerabilities and use social engineering to compromise corporate MinIO storage systems

Unknown threat actors have cleverly combined social engineering and vulnerability chaining to successfully compromise...

Security Intelligence

Cisco VPN appliances targeted in credential stuffing and brute-force campaign

At least two ransomware groups, Akira and Lockbit, have been observed conducting credential stuffing and brute-force...

Security Intelligence

Vulnerability in popular WordPress migration plugin could allow access to sensitive site information

A vulnerability has been found in the WordPress site migration plugin, All-in-One WP Migration, which has over 5...

Security Intelligence

FBI warns Barracuda patch not effective, recommends replacement

The Federal Bureau of Investigation (FBI) has warned that Barracuda Email Security Gateway (ESG) appliances continue to...

Security Intelligence

Creepy ‘Whiffy Recon’ malware designed to give hackers victims’ location

Learn more about Whiffy Recon, a new Wi-Fi scanning malware that has been observed on Windows machines previously...

Security Intelligence

Ivanti fixes API authentication bypass vulnerability in Sentry

Updates are available for Ivanti Sentry appliances to address a vulnerability that allowed attackers to access exposed...

Security Intelligence

Specially crafted WinRAR files could allow remote code execution

RARLAB has released a patch to fix a flaw in WinRAR, the popular Windows file archiver utility, that could allow remote...