Malware
![](https://thesecurefamily.com/wp-content/uploads/2022/08/Microsoft-patch-tuesday-end-400x400.jpg)
Microsoft Patches ‘Dogwalk’ Zero-Day and 17 Critical Flaws
- By ThreatPost
- . August 10, 2022
Microsoft is urging users to patch a zero-day vulnerability dubbed Dogwalk that is actively being exploited in the wild. The bug (CVE-2022-34713) is tied to
![](https://thesecurefamily.com/wp-content/uploads/2022/08/crypto-hack-400x400.jpg)
Virtual Currency Platform ‘Tornado Cash’ Accused of Aiding APTs
- By ThreatPost
- . August 9, 2022
The U.S. government has slapped sanctions on virtual currency mixer Tornado Cash for laundering more than $7 billion in crypto cash derived from cybercriminal activity.
![](https://thesecurefamily.com/wp-content/uploads/2022/08/2FA_two-factor-authentication-400x400.jpg)
Phishers Swim Around 2FA in Coinbase Account Heists
- By ThreatPost
- . August 8, 2022
Threat actors are making their way around two-factor authentication (2FA) and using other clever evasion tactics in a recently observed phishing campaign aimed at taking
![](https://thesecurefamily.com/wp-content/uploads/2022/08/email-3249062_1280-400x400.png)
Open Redirect Flaw Snags Amex, Snapchat User Data
- By ThreatPost
- . August 5, 2022
Attackers are exploiting a well-known open redirect flaw to phish people’s credentials and personally identifiable information (PII) using American Express and Snapchat domains, researchers have
![](https://thesecurefamily.com/wp-content/uploads/2022/08/vmware-patch-400x400.jpg)
VMWare Urges Users to Patch Critical Authentication Bypass Bug
- By ThreatPost
- . August 3, 2022
VMware and experts alike are urging users to patch multiple products affected by a critical authentication bypass vulnerability that can allow an attacker to gain
![](https://thesecurefamily.com/wp-content/uploads/2022/07/Business-Email-Compromise-400x345.jpg)
Universities Put Email Users at Cyber Risk
- By ThreatPost
- . August 2, 2022
Top U.S. universities are among the worst in the world at protecting users from email fraud, lacking security measures to prevent common threat tactics such
![](https://thesecurefamily.com/wp-content/uploads/2022/08/cloud-digital-400x400.png)
Securing Your Move to the Hybrid Cloud
- By ThreatPost
- . August 1, 2022
Infosec Insider contributor Rani Osnat is SVP Strategy at Aqua Security The combination of private and public cloud infrastructure, which most organizations are already using,
![](https://thesecurefamily.com/wp-content/uploads/2022/07/discord-game-social-400x400.jpg)
Malicious Npm Packages Tapped Again to Target Discord Users
- By ThreatPost
- . July 29, 2022
Threat actors once again are using the node package manager (npm) repository to hide malware that can steal Discord tokens to monitor user sessions and
![](https://thesecurefamily.com/wp-content/uploads/2022/07/sl-abstract-office-document-400x400.jpg)
Threat Actors Pivot Around Microsoft’s Macro-Blocking in Office
- By ThreatPost
- . July 28, 2022
Threat actors are finding their way around Microsoft’s default blocking of macros in its Office suite, using alternative files to host malicious payloads now that
![](https://thesecurefamily.com/wp-content/uploads/2022/07/shutterstock_182196404-400x400.jpg)
Messaging Apps Tapped as Platform for Cybercriminal Activity
- By ThreatPost
- . July 27, 2022
Cybercriminals are tapping the built-in services of popular messaging apps like Telegram and Discord as ready-made platforms to help them perform their nefarious activity in