Security News > 2020 > March
While the affected service may reset passwords to prevent abuse, it's not uncommon for users to set the same password for other websites as well, leaving them exposed to credential stuffing attacks. Microsoft says the Password Monitor feature in Edge will notify users if the password they are entering using autofill has been offered for sale on dark web sites.
The Zeus Sphinx banking trojan is back after being off the scene for nearly three years. First seen in August 2015, Sphinx is a modular malware based on the leaked source code of the infamous Zeus banking trojan, the researchers explained.
In protest of that story, forum members donated hundreds of thousands of euros to nonprofits that combat cancer. This week, the forum is celebrating its third annual observance of that protest to "Fight Krebs," albeit with a Coronavirus twist.
How to set up an Android phone as your security key for your Google account. Set up two-step verification for your Google account through your phone or a computer by signing into the webpage for your Google account.
Phishing emails and unsecure remote desktop protocol access are two common types of attack methods used to spread ransomware, says cyber breach firm Beazley Breach Response Services.
Don't login to company websites via emails or texts. If a company wants or needs you to login to your account, you should already know how to access your account from the company's own site or app.
The financially-motivated hacking group FIN7 has started mailing malicious USB devices to intended victims in an effort to infect their computers with malware, the FBI warns. Mainly targeting businesses via phishing emails, the cybercrime group appears to have changed tactics recently, and started sending malicious USB devices to victims via the United States Postal Service.
Kubernetes-specialist Zettaset has introduced software-defined encryption for Kubernetes-managed containers, improving DevSecOps, enhancing data protection, and enabling compliance. The fluid nature of cloud storage requires a software rather than hardware solution - and Zettaset has announced its software-defined XCrypt Kubernetes Encryption offering.
IBM and FireEye have spotted a campaign that relies on fake "COVID-19 Payment" emails to deliver the Zeus Sphinx banking trojan to people in the United States, Canada and Australia. The emails have the subject line "COVID-19 payment" and they carry malicious documents named "COVID 19 relief."
As more and more people remain at home and work from home due to the COVID-19 pandemic, most of them have been forced to use one or many video and audio conferencing applications out of necessity. One particular remote conferencing solution is quickly becoming the solution of choice for many users worldwide: Zoom.