Security Alerts & News
by Tymoteusz A. Góral

#904 FireEye uncovers phishing campaigns targeting Apple users
Security firm FireEye has found malicious phishing campaigns targeting Apple iCloud users through the use of phony Apple domains.

FireEye has reported that since January this year, several phishing campaigns have targeted the Apple IDs and passwords of Apple users in China and the United Kingdom.

An Apple ID is provided to all of Apple's customers, allowing users access to services such as iCloud, the iTunes Store, and the App Store. According to FireEye, anyone with access to an Apple ID, password, and some additional information, such as date of birth and device screen lock code, can completely take over the device and use the credit card information to impersonate the user and make purchases via the Apple Store.

One of the phishing kits found by FireEye, named zycode, targeted Apple users in China by mimicking over 30 Apple domains, appearing as an Apple login interface for Apple ID, iTunes, and iCloud designed to lure people into submitting their Apple IDs.
Read more
#914 DDoS attacks increase over 125 percent year over year
#913 Ransomware leaves server credentials in its code
#912 Qarallax RAT: Spying on US visa applicants
#911 Google to deprecate SSLv3, RC4 in Gmail IMAP/POP clients
#910 Many Lexus navigation systems bricked by over-the-air software update
#909 Firefox 47 fixes 13 vulnerabilities, removes click-to-activate plugin whitelist
#908 The new Apple App Store: subscription pricing, faster approvals, and search ads
#907 Unpatched DLink WiFi camera flaw remotely exploitable
#906 Symantec: Fake gaming torrents lead to potentially unwanted applications
#905 US warns banks of hacking threat to Swift system
#904 FireEye uncovers phishing campaigns targeting Apple users
2017: 01 02 03 04 05
2016: 01 02 03 04 05 06 07 08 09 10 11 12