Loopholes that lead to hacking even when 2FA is enabled

Cybersecurity is like a game of whack-a-mole. As soon as the good guys put a stop to one type of attack, another pops up. Usernames and passwords were once good enough to keep an account secure. But before long, cybercriminals figured out how to get around this. Often they’ll use “brute force attacks”, bombarding a user’s account with various password and login combinations in a bid to guess the correct one. Hackers have been known to trick mobile phone carriers into transferring a victim’s phone number to their own phone.…

Read More

QakBot Banking Trojan Returned With New Sneaky Tricks to Steal Your Money

A notorious banking trojan aimed at stealing bank account credentials and other financial information has now come back with new tricks up its sleeve to target government, military, and manufacturing sectors in the US and Europe, according to new research. In an analysis released by Check Point Research today, the latest wave of Qbot activity appears to have dovetailed with the return of Emotet — another email-based malware behind several botnet-driven spam campaigns and ransomware attacks — last month, with the new sample capable of covertly gathering all email threads…

Read More

Microsoft Patch

Microsoft has rolled out one of the biggest security updates this month. For June, the Patch Tuesday update bundle includes a whopping 129 security fixes by Microsoft, including some critical bugs. Critical Security Fixes In June With Patch Tuesday June updates, Microsoft has issued security fixes for 11 different critical bugs. All of these vulnerabilities, when exploited, could lead to remote code execution. One of these bugs, CVE-2020-1299, existed in the way Microsoft Windows processed .LNK files. This is the third RCE flaw related to .LNK file processing addressed this…

Read More