Cisco Webex Flaw Lets Unauthenticated Users Join Private Online Meetings
The flaw could allow a remote, unauthenticated attacker to enter a password-protected video conference meeting.
Web Security
Fake Smart Factory Honeypot Highlights New Attack Threats
The honeypot demonstrates the various security concerns plaguing vulnerable industrial control systems.
Menlo Security Protects Organizations from Iranian Retaliation
As warfare extends to cyberspace, U.S.-based organizations can use email and web isolation to protect users from common tactics used by Iranian-backed threat actors.
Shlayer, No. 1 Threat for Mac, Targets YouTube, Wikipedia
The malware uses thousands of partner websites to spread malvertising code.
Cisco Warns of Critical Network Security Tool Flaw
The critical flaw exists in Cisco’s administrative management tool, used with network security solutions like firewalls.
Google: Flaws in Apple’s Private-Browsing Technology Allow for Third-Party Tracking
New research outlines vulnerabilities in Safari’s Intelligent Tracking Protection that can reveal user browsing behavior to third parties.
Vivin Nets Thousands of Dollars Using Cryptomining Malware
A newly discovered threat actor named Vivin is raking in Monero from cryptomining malware, showing that this type of attack isn’t going away anytime soon.
PoC Exploits Do More Good Than Harm: Threatpost Poll
More than half of security experts think that the good outweighs the bad when it comes to proof-of-concept exploits, according to a recent Threatpost poll.
Microsoft Zero-Day Actively Exploited, Patch Forthcoming
CVE-2020-0674 is a critical flaw for most Internet Explorer versions, allowing remote code execution and complete takeover.
Google Account Security Keys Launch for iPhone
iPhone users can now use Bluetooth to secure their Google accounts.