Application security, Malware, Phishing, Threat Management

US-CERT warns about spoofed US-CERT phishes

Phishers are spoofing email addresses belonging to US-CERT, an arm of the Department of Homeland Security that coordinates information sharing related to cyber threats, to trick users into installing malware. According to an alert Tuesday, a campaign is currently underway that targets a number of private and government organizations. The messages contain a .zip attachment, "US-CERT Operation Center Report," which is actually a malicious executable file. The alert recommends that recipients immediately delete the socially engineered emails.

An In-Depth Guide to Application Security

Get essential knowledge and practical strategies to fortify your applications.

Related

Data exposed by over 30K Postman Workspace instances

Hackread reports that more than 30,000 internet-exposed instances of widely used cloud-based API development and testing platform Postman Workspace had API keys, tokens, and admin credentials exposed as a result of access control misconfiguration, accidental Postman collection sharing, public repository syncing, and unencrypted storage of plaintext data.

Related Events

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.

Related Terms

Brute ForceCommon Gateway Interface (CGI)CookieDNS SpoofingData MiningDictionary AttackDomain HijackingDrive-by DownloadDumpSecDynamic Link Library

You can skip this ad in 5 seconds