VisionDirect Blindsided by Magecart in Data Breach
Researchers say the Magecart threat group skimmed data of VisionDirect customers using fake Google Analytics scripts. Source: www.threatpost.com
Web Security
Stopping the Infiltration of Things
If a network-connected smoke detector starts communicating with the mail server, you know you have a problem. Source: www.threatpost.com
Cryptojacking Attack Targets Make-A-Wish Foundation Website
Hackers took advantage of an unpatched Drupal vulnerability in the organization’s website to launch a cryptojacking attack. Source: www.threatpost.com
Gmail Glitch Offers Stealthy Trick for Phishing Attacks
The issue comes from how Gmail automatically files messages into the “Sent” folder. Source: www.threatpost.com
Critical WordPress Flaw Grants Admin Access to Any Registered Site User
The privilege-escalation vulnerability would allow an attacker to inject malware, place ads and load custom code on an impacted website. Source: www.threatpost.com
Managing the Risk of IT-OT Convergence
Why manufacturing and logistics are especially challenged. Source: https://threatpost.com
Connected Wristwatch Allows Hackers to Stalk, Spy On Children
“Our advice is to stop using this watch” as mitigations are not available, researchers told Threatpost. Source: www.threatpost.com
Ahead of Black Friday, Rash of Malware Families Takes Aim at Holiday Shoppers
As consumers skip the store crowds in favor of online deals, cyberattackers have geared up to victimize them. Source: https://threatpost.com
Bitcoin Giveaway Scam Balloons, with Google the Latest Victim
A slew of verified Twitter accounts have been hijacked and altered, used to tweet out a bogus Bitcoin giveaway scam. Source: www.threatpost.com
Pwn2Own Trifecta: Galaxy S9, iPhone X and Xiaomi Mi6 Fall to Hackers
Hacker contest earns participants $325,000 based on the discovery of 18 vulnerabilities. Source: www.threatpost.com