Microsoft Patch Tuesday fixes actively exploited zero‑day and 85 other flaws

The most recent Patch Tuesday includes a fix for the previously disclosed and actively exploited remote code execution flaw in MSHTML. The arrival of the second Tuesday of the month can only mean one thing in cybersecurity terms, Microsoft is rolling out patches for security vulnerabilities in Windows and its other offerings. This time round Microsoft’s … More Microsoft Patch Tuesday fixes actively exploited zero‑day and 85 other flaws

Prime targets: Governments shouldn’t go it alone on cybersecurity

A year into the pandemic, ESET reveals new research into activities of the LuckyMouse APT group and considers how governments can rise to the cybersecurity challenges of the accelerated shift to digital. Earlier this year, a well-known APT group dubbed LuckyMouse (aka Emissary Panda, APT27) began exploiting several zero-day Microsoft Exchange Server vulnerabilities. Its end goal? … More Prime targets: Governments shouldn’t go it alone on cybersecurity

PayPal remains the most‑spoofed brand in phishing scams

WhatsApp also emerges as a favorite target for brand impersonation amid a general spike in social media phishing. PayPal, Facebook, Microsoft, Netflix, and WhatsApp were the most commonly impersonated brands in phishing campaigns in the fourth quarter of 2019, a report by email security company Vade Secure has found. The payment services provider retained its top spot … More PayPal remains the most‑spoofed brand in phishing scams