A sophisticated malware-as-a-service phishing kit includes full customer service and anti-detection technologies.
Citrix has issued the first of several updates fixing a critical vulnerability in various versions of its Citrix Application Delivery Controller (ADC) and Citrix Gateway products.
New versions of the ransomware now sniff out saved credentials for Internet Explorer, Mozilla Firefox, Mozilla Thunderbird, Google Chrome and Microsoft Outlook.
CVE-2020-0674 is a critical flaw for most Internet Explorer versions, allowing remote code execution and complete takeover.
Bad actor obtained passwords for servers, home routers, and smart devices by scanning internet for devices open to the Telnet port.
Researchers say that JhoneRAT has various anti-detection techniques - including making use of Google Drive, Google Forms and Twitter.
The WeLeakInfo "data breach notification" domain is no more.
Weak challenge questions by customer service reps make it easy for fraudsters to hijack a phone line and bypass 2FA to breach accounts.
Are publicly released proof-of-concept exploits more helpful for system defenders -- or bad actors?
Are publicly-released PoC exploits good or bad? Why is the Joker malware giving Google a headache? The Threatpost team discusses all this and more in this week's news wrap.