Infosec products of the month: August 2024

Here’s a look at the most interesting products from the past month, featuring releases from: Adaptive Shield, AppOmni, ArmorCode, Bitwarden, Cequence Security, ClearSale, Clutch Security, Contrast Security, Dragos, Elastic, Endor Labs, Entrust, Fortani… Continue reading Infosec products of the month: August 2024

Salesforce and Meta suffer phishing campaign that evades typical detection methods

The Guardio research team discovered an email phishing campaign exploiting a zero-day vulnerability in Salesforce’s legitimate email services and SMTP servers. Phishing email sample as was sent from the “@salesforce.com” email address The vulnerability… Continue reading Salesforce and Meta suffer phishing campaign that evades typical detection methods

SVB account holders targeted with phishing, scams

After news broke late last week about Silicon Valley Bank’s bank run and collapse, security researchers started warning SVB account holders about incoming SVB-related scams and phishing attempts. Another reminder: just because caller ID says FDIC… Continue reading SVB account holders targeted with phishing, scams

Fake ChatGPT Chrome extension targeted Facebook Ad accounts

ChatGPT has garnered a lot of questions about its security and capacity for manipulation, partly because it is a new software that has seen unprecedented growth (hosting 100 million users just two months following its launch). Security concerns vary fr… Continue reading Fake ChatGPT Chrome extension targeted Facebook Ad accounts

A flaw in ConnectWise Control spurred the company to make life harder for scammers

A vulnerability in popular remote access service/platform ConnectWise Control could have been leveraged by scammers to make compromising targets’ computers easier, Guardio researchers have discovered. By abusing the fully-featured 14-day trial op… Continue reading A flaw in ConnectWise Control spurred the company to make life harder for scammers

Evernote Chrome extension flaw could have allowed access to personal info

Guardio discovered a major flaw in Evernote’s Web Clipper Chrome extension’s code that left it vulnerable, potentially allowing threat actors to access personal information from users’ online services. The vulnerability, a Universal X… Continue reading Evernote Chrome extension flaw could have allowed access to personal info