A type of card-not-present fraud is spreading throughout the Latin American underground, uniting groups of malefactors in a communal effort to perpetrate it as widely as possible.
Threatpost editors Tom Spring, Tara Seals and Lindsey O’Donnell discuss the week’s information security news.
A recently discovered malware steals cache data and messaging sessions from the desktop version of encrypted messaging service Telegram.
Researchers created a proof-of-concept attack that allows remote attackers to access protected APIs to extract credentials.
The Sun Team APT, likely linked to North Korea, uses Google Play and Facebook as attack vectors.
An array of malicious Android apps purporting to be popular game Fortnite are instead harvesting call logs and downloading cryptomining malware.
A team of academic researchers has demonstrated that it’s possible to closely mimic legitimate voice commands in order to carry out nefarious actions on these home assistants.
The company urges customers to patch three vulnerabilities that received the highest severity rating of 10.
Threatpost talked to several security researchers about what’s changed in the past year.
Deception technology is an emerging category of cyber defense that is particularly useful when it comes to IoT devices, SCADA systems and medical devices.