Malicious actors can abuse Microsoft Word's Online Video feature to deliver videos that secretly exhaust their viewers' computer processing power in order to mine cryptocurrencies, according to Israeli cybersecurity firm Votiro.
Reputed North Korean APT group TEMP.Reaper, the alleged culprit behind a zero-day ROKRAT malware campaign leveraging Adobe Flash Player vulnerability CVE-2018-4878, has been expanding its global target list despite remaining largely under the radar, according to a new FireEye research report.
California's Department of Fish and Wildlife has reportedly issued an internal memo warning that a former employee downloaded worker and vendor records to a personal device without authorization, and stored them on an insecure network.
Exclusive: Researchers say Kaspersky web portal exposed users to session hijacking, account takeovers
Security researchers say they discovered several vulnerabilities and security lapses in Kaspersky Lab's my.kaspersky.com web portal earlier this month, adding that the flaws exposed users to potential session hijackings and account takeovers.
- SSM Health call center agent with access to records allegedly violated patient privacy
- Zomato breach leaves bad taste in mouth of 17 million users
- Hacker accesses Michigan State University database in reported extortion attempt
- Stolen laptop exposes PII of over 200K Premier Healthcare patients
- Magnolia Health Corporation suffers breach after falling for spoofed CEO email
- Employees mishandle data, violate HIPAA in Washington State Medicaid breach