Network security best practices for the holidays
Tips to better protect your network while you take some well-deserved time off.
Similar Posts
North Korea’s APT37 Uses Facebook Social Engineering to Deliver RokRAT Malware
Bys sThe North Korean hacking group tracked as APT37 (aka ScarCruft) has been attributed to a fresh multi-stage, social engineering campaign in which threat actors approached targets on Facebook and added them as friends on the social media platform, turning the trust-building exercise into a delivery channel for a remote access trojan called RokRAT. “The threat actor used…
Phoenix RowHammer Attack Bypasses Advanced DDR5 Memory Protections in 109 Seconds
Bys sA team of academics from ETH Zürich and Google has discovered a new variant of a RowHammer attack targeting Double Data Rate 5 (DDR5) memory chips from South Korean semiconductor vendor SK Hynix. The RowHammer attack variant, codenamed Phoenix (CVE-2025-6202, CVSS score: 7.1), is capable of bypassing sophisticated protection mechanisms put in place to resist…
E-ZPass toll payment texts return in massive phishing wave
Bys sBill Toulas reports: An ongoing phishing campaign impersonating E-ZPass and other toll agencies has surged recently, with recipients receiving multiple iMessage and SMS texts to steal personal and credit card information. The messages embed links that, if clicked, take the victim to a phishing site impersonating E-ZPass, The Toll Roads, FasTrak, Florida Turnpike, or another toll authority…
I called American Income Life Insurance to alert them to a data breach involving 150,000 customers. Here’s why they didn’t find out.
Bys sPaging the Federal Trade Commission to Aisle 5…. The Federal Trade Commission has repeatedly emphasized the importance of having a mechanism in place to receive data security alerts or concerns. American Income Life Insurance (“AILife”), headquartered in Waco, Texas, does not provide such information on its home page or anywhere else on the site that……
Mysterious hacking group Careto was run by the Spanish government, sources say
Bys sLorenzo Franceschi-Bicchierai reports: More than a decade ago, researchers at antivirus company Kaspersky identified suspicious internet traffic of what they thought was a known government-backed group, based on similar targeting and its phishing techniques. Soon, the researchers realized they had found a much more advanced hacking operation that was targeting the Cuban government, among others….
New Morphing Meerkat Phishing Kit Mimics 114 Brands Using Victims’ DNS Email Records
Bys sCybersecurity researchers have shed light on a new phishing-as-a-service (PhaaS) platform that leverages the Domain Name System (DNS) mail exchange (MX) records to serve fake login pages that impersonate about 114 brands. DNS intelligence firm Infoblox is tracking the actor behind the PhaaS, the phishing kit, and the related activity under the moniker Morphing Meerkat….