TikTok has addressed two vulnerabilities that could have allowed attackers to take over accounts with a single click when chained together for users who signed-up via third-party apps.
A high severity bug found in Facebook's official chat plugin for WordPress websites with over 80,000 active installations could allow attackers to intercept messages sent by visitors to the vulnerable sites' owner.
Manual IAM processes slow down IT and introduce risk.
In this webinar, see how Black Rifle Coffee leverages automation to reduce offboarding time from weeks to minutes, save 120 hours of analyst time, and strengthen their security posture - all without adding headcount.
Spelevo exploit kit's operators have recently added a new infection vector as part of their attacks, attempting to social engineer potential targets into downloading and executing addition malware payloads from decoy adult sites.
A new social engineering toolkit called Domen has been discovered that uses fake browser and program update alerts on compromised sites to infect users with malware and remote access software.
Business email compromised (BEC) attacks have seen an explosive 476% growth between Q4 2017 and Q4 2018, while the number of email fraud attempts against companies increased 226% QoQ.
Social engineering is the use of deception to manipulate individuals into disclosing sensitive information that may be used to compromise a network, infiltrate an organization, gain access to trade secrets, or in furtherance of an espionage operation. In this article we look at ways to protect yourself from these types of attacks.
An expert in Android security is warning users that some developers of crappy Android apps have come up with a new trick for fooling users into installing their apps.
Tech support scams are bigger than ever, according to Microsoft, the company revealing last week that it received over 153,000 reports from customers who were the victims of a tech support scam in 2017, a number that went up 24 percent compared to complaints the OS maker received in 2016.
An organized and highly dynamic malware distribution campaign has been leveraging thousands of hacked websites to redirect users to web pages peddling fake software updates in an attempt to infect them with malware.
An unnamed UK-based regional water supply company lost over £500,000 ($645,000) in a sophisticated scam that involved social engineering, an inside man, and international bank transfers.
During the past year, social media profiles belonging to a girl named Safeena Malik have been at the heart of a series of phishing attacks that have targeted journalists and activists investigating Qatari migrant worker labor issues.