Despite the technology’s generally sound design and widespread takeup, however, ongoing reports of MFA hacks confirm that it is far from invulnerable — and that security executives mustn’t rest on their laurels by treating the technology as a cure-all. (By David Braue, Cybercrime Magazine)
A new sideloading malware campaign targeting Windows uses phishing and social engineering tactics that can be difficult for users to spot. (By Michael Hill, CSO)
Phishing approaches are continually evolving to counter email security solutions, but even non-technical criminals can also easily take advantage of new techniques thanks to phishing kits. Mirroring out-of-the-box software bundles used by legitimate businesses, these kits provide a collection of tools that enable would-be criminals to quickly create and launch their own phishing campaigns. (By Magni Sigurðsson, Help Net Security)
Over 150 HP multifunction printers (MFPs) are open to attack via two exposed physical access port vulnerabilities (CVE-2021-39237) and two different font parsing vulnerabilities (CVE-2021-39238). (By Help Net Security)
Many organizations lack an effective patch management program, especially when it comes to patching remote systems, says Action1. (By Lance Whitney, TechRepublic)