Recent Security News
-
Amazon adds passkey support as new passwordless login option
October 17, 2023 at 03:09PM Amazon has introduced passkey support as a passwordless login option to enhance security for customers. Passkeys are digital credentials that use biometric controls or PINs linked to devices for logging into websites. They mitigate the risk of data breaches, compromised accounts, phishing attacks, and information-stealing malware. Passkeys also simplify the…
-
D-Link confirms data breach after employee phishing attack
October 17, 2023 at 02:55PM Networking equipment manufacturer D-Link confirmed a data breach in which customer and employee information, including the CEO’s details, were stolen and put up for sale. The attacker claims to have also taken source code for D-Link’s software. The company shut down affected servers, disabled user accounts, and clarified that only…
-
‘Etherhiding’ Blockchain Technique Hides Malicious Code in WordPress Sites
October 17, 2023 at 01:11PM Attackers have been using proprietary blockchain technology to conceal malicious code in a campaign involving fake browser updates. The campaign, called ClearFake, tricks users into downloading fake browser updates from compromised WordPress sites. The attackers use a technique called “EtherHiding” to host malicious code on Binance Smart Chain contracts, making…
-
Watch Out: Attackers Are Hiding Malware in ‘Browser Updates’
October 17, 2023 at 12:49PM Threat actors are disguising malware as fake browser updates and spreading it through vulnerable websites. This tactic has been adopted by multiple threat clusters, including TA569. The malicious code is injected into legitimate websites and presents users with convincing browser update notifications. When users click “Update,” they unknowingly download malware.…