Third Party Risk Assessment

Third Party Risk Assessment Page 5

Threat Actors Google Docs Phishing Attacks Digital Risk Email Phishing Brand Abuse

Threat actors abuse Google Docs to spread phishing attacks

Even Google Docs has not been spared from being abused in cyberattacks, as researchers found that threat actors are exploiting its commenting feature to execute phishing attacks since December last year. Many employees globally are familiar with how Google Docs email alerts work. Receiving such alerts on their Gmail accounts might make them curious to...
Continue Reading
Mozilla Firefox 94 Patch Release Windows Cloud Clipboard Cybersecurity Risk Web Browser

Mozilla details the Firefox 94 patch related to Windows Cloud Clipboard

The Firefox 94 browser has recently undergone an issue wherein people’s usernames and passwords were recorded in the Cloud Clipboard feature of Windows. Nonetheless, Mozilla has released a patch into this issue, categorizing it as a severe security risk that can expose users’ credentials to threat actors as they copy or cut their usernames and...
Continue Reading
Compromised NPM Node Package Manager Attack Vector Discord Tokens Communication Platform Info Stealing

Compromised NPM packages now a vector for stealing Discord Tokens

Researchers have discovered several compromised Node Package Manager (NPM) packages trying to hijack and steal Discord tokens. Discord is a growing chat app with about 350 million users globally. However, due to this popularity, this chat application caught the attention of numerous malicious threat actors. Recently, security researchers have identified 17 distinct malicious packages in...
Continue Reading
Dark Mirai Botnet RCE Remote Code Execution Vulnerability Abuse Flaw TP Link Router MANGA TL-WR840N

Dark Mirai botnet discovered abusing RCE flaws in TP-Link units

The Dark Mirai botnet threat operators, also known as MANGA botnet, have been found exploiting a newly discovered vulnerability in the TP-link product called ‘TL-WR840N EU V5’ that gives a threat actor remote code execution capability. The TP-Link product is either a wired or a wireless network expansion unit. It is a product that aids...
Continue Reading
Hackers Steal Master Passwords Last Pass Data Leak MFA

Hackers attempted to steal the master passwords of LastPass users

LastPass users worldwide were frightened after a message was sent to their respective emails about their master passwords being accessed by unknown threat actors from unrecognised locations. However, the access attempts were immediately blocked as a safety precaution since they came from unidentified locations. Stories of similar LastPass master passwords being compromised were seen posted...
Continue Reading
Bug Cisco FTD ASA Firewall Disrupt Operations Cyber Threat Vulnerability Assessment

Bug in Cisco FTD and ASA disables firewall and disrupt operations

Security experts have recently warned about a new bug that has been identified this week in Cisco Firepower Threat Defence (FTD) and Adaptive Security Appliance (ASA) firewalls that could open doors for distributed denial-of-service (DDoS) attacks. Moreover, the discovered high-severity vulnerability – CVE-2021-34704 – is said not to require advanced privileges or special access to...
Continue Reading
Scammers Threat Actors Cryptocurrency Bitcoin Dogecoin Tether Online Wallets

Scammers and Threat Actors feasting off cryptocurrency owners

Recently, the use of Cryptocurrency has gained an insane amount of popularity in different countries. However, this popularity has also attracted numerous malicious entities like scammers that will stop at nothing to steal your precious savings.  According to research, an estimated $500,000 worth of cryptocurrencies were stolen by unknown scammers in just a few days. Scammers were...
Continue Reading
Profits Stolen Squid Game Cryptocurrency Scam Investment Fraud Scheme Trading

Millions of profits were stolen by the new Squid Game cryptocurrency scam

New reports have recently emerged regarding a new cryptocurrency based on the latest Netflix Korean series, Squid Game. It was from a Twitter post when people had noticed the existence of the new coin. Tweeted by user @jonhree112, they encouraged others to buy the coin before it reached a dollar; however, it eventually became a scam that stole...
Continue Reading
Apps Snake Malware trojan malware phishing data breach threat actors Firefox Chrome Safari Opera

50 Apps are prone to the venom of the Snake Malware

One of the most popular trojan malware that steals passwords called ‘Snake’ is the most used across the world. Cyber threat actors are constantly using this malware since the developers are selling it for only $25.  A researcher discovered that malware is written in [.]Net and using the same staging function as Agent Tesla and Formbook.    The malware...
Continue Reading
Mozilla Firefox Malicious Addons Web Browser Extensions Third party

About 455,000 Firefox users installed malicious add-ons that Mozilla has now blocked 

Recent reports reveal that Mozilla has blocked malicious Firefox add-ons that about 455,000 users have installed on their browsers. A discovery was shown in June this year that users are exploiting the proxy API add-ons to block the patches released by Firefox.   The add-ons, Bypass and Bypass XM, use the API to interrupt and redirect web requests into blocking...
Continue Reading
1 3 4 5 6 7 12