Freepik Company Discloses Data Breach Affecting More Than 8 Million Users

The Freepik Company has disclosed a data breach impacting the login information of more than 8 million Freepik and Flaticon users. According to a press release, the security incident was the result of a SQL injection in Flaticon, one of the world’s lar… Continue reading Freepik Company Discloses Data Breach Affecting More Than 8 Million Users

Vermont Taxpayers Warned of Data Leak Over the Past Three Years

A vulnerability in the state’s system may have exposed personal data that can be used for credential theft for those who filed Property Transfer Tax returns online. Continue reading Vermont Taxpayers Warned of Data Leak Over the Past Three Years

Zoom Addresses Vanity URL Zero-Day

An attacker could pose as a company employee, invite customers or partners to meetings, then use socially engineered conversation to extract sensitive information. Continue reading Zoom Addresses Vanity URL Zero-Day

Amazon-Themed Phishing Campaigns Swim Past Security Checks

A pair of recent campaigns aim to lift credentials and other personal information under the guise of Amazon package-delivery notices. Continue reading Amazon-Themed Phishing Campaigns Swim Past Security Checks

Microsoft Seizes Malicious Domains Used in Mass Office 365 Attacks

The phishing campaign targeted Office 365 accounts in 62 countries, using business-related reports and the coronavirus pandemic as lures. Continue reading Microsoft Seizes Malicious Domains Used in Mass Office 365 Attacks

Phishing Campaign Targeting Office 365, Exploits Brand Names

Attackers use trusted entities to trick victims into giving up their corporate log-in details as well as to bypass security protections. Continue reading Phishing Campaign Targeting Office 365, Exploits Brand Names