Shane Schick

Editor and writer specializing in enterprise IT, marketing and advertising, fashion and style.

May. 21, 2020

Security Intelligence

Magento Plugin Flaw Leaves Online Shoppers Open to E-Skimming Attacks

A Magento plugin vulnerability that dates back at least three years could allow e-skimming attacks on unsuspecting online shoppers, the FBI warns. In an alert sent out earlier this month, the FBI said hackers are using the exploit to take over…

May. 12, 2020

Security Intelligence

Thunderspy Vulnerabilities Put Some Thunderbolt Users at Risk of Data Theft

Millions of Windows and Linux-based devices could be hit by what researchers call Thunderspy attacks, where flaws in Thunderport interfaces are exploited in a matter of minutes. Initially discovered by a student at the Eindhoven University of…

May. 5, 2020

Security Intelligence

EventBot Mobile Banking Trojan Could Infect Over 200 Financial Services Apps

More than 200 personal finance apps are at risk of a mobile banking Trojan dubbed EventBot, which is designed to steal user data, security researchers warn. First spotted in the wild by , EventBot is focused on Android devices and attempts to take…

Apr. 28, 2020

Security Intelligence

Data-Stealing Asnarök Malware Exploits Zero-Day Flaw in Sophos XG Firewalls

Cybercriminals have been using a Trojan dubbed Asnarök to steal data by exploiting a vulnerability in enterprise firewalls from Sophos, the company warned. In an advisory that was issued over the weekend, said the campaign is aimed at both the…

Apr. 21, 2020

Security Intelligence

Emotet Gets a Redesign to Improve Its Evasion Capabilities

Emotet has returned with additional modules that have been specifically designed to improve the malware’s evasion capabilities, a cybersecurity researcher warned. In a Twitter thread this past Saturday, IT security expert Marcus Hutchins, known as ,…

Apr. 15, 2020

Security Intelligence

Phishing Campaign Tries to Fool WebEx Users With Bogus IT Security Warnings

A phishing campaign is targeting WebEx users who are working from home by spoofing IT security alerts, according to security researchers. Details of the scheme were first outlined in a report from the Cofence Phishing Defense Center. According to the…

Apr. 7, 2020

Security Intelligence

Kinsing Malware Hits Container API Ports With Thousands of Attacks per Day

A misconfigured API port has led to a months-long campaign in which cybercriminals have been launching daily Kinsing malware attacks that number in the thousands, according to security researchers. Directed at enterprises operating container…

Mar. 26, 2020

What coronavirus means for sports marketing

The postponement of the Summer Olympics, coupled with the suspension of play across the NBA and NHL, have disappointed fans all over the world. For brands, however, the impact of COVID-19 may require coming up with a new playbook if they want to…

Mar. 23, 2020

Security Intelligence

Mirai Variant Mukashi Conducts Brute-Force Attacks Against Vulnerable NAS Devices

Network-attached storage (NAS) devices are being targeted by Mukashi, a variant of the Mirai malware, in an effort to launch large-scale distributed denial-of-service (DDoS) attacks, researchers warn. The attacks, which says have already been spotted…

Mar. 18, 2020

Security Intelligence

Snoop Attacks via L1 Data Sampling Threaten Security of Intel CPUs

Intel processors, including Core and Xeon products, are susceptible to attacks described as Snoop-assisted L1 data sampling, a security investigator has discovered. Described in a deep-dive report published to warn software developers, Intel said the…

Mar. 10, 2020

Security Intelligence

Threat Actors Launch Attacks Based on Exchange Control Panel Vulnerability

Threat groups are exploiting a vulnerability in the Exchange Control Panel (ECP) just weeks after Microsoft issued a patch, security researchers have discovered. Details of the attacks were first brought to light by a report from U.K.-based , which…

Mar. 4, 2020

Will loyalty programs gain renewed value in a cookie-less era?

Loyalty programs existed long before personalization and one-to-one marketing bubbled up as buzzwords, but the emergence of fresh digital channels and evolving privacy regulations suggest they may become paramount to brands. A KPMG study from…

Mar. 3, 2020

Security Intelligence

Researchers Estimate Krøøk Vulnerability Could Put a Billion Wi-Fi Devices at Risk

Researchers estimate more than a billion devices may be vulnerable to a cyberthreat dubbed Krøøk that can intercept and decrypt Wi-Fi traffic using WPA2 connections. researchers said the vulnerability affects devices containing some of the most…

Feb. 25, 2020

Security Intelligence

Phishing Schemes Use Google Forms to Steal Office 365 Credentials

Phishing campaigns aimed at stealing Microsoft user credentials are using Google Forms to dupe potential victims, security researchers warn. Cybercriminals managed to increase their odds of success by breaking into a legitimate website to host and…

Feb. 13, 2020

Samsung Business Insights

5 Ways Samsung Is Tackling Mobile Security With Knox

As we enter a new decade, the range of mobile security threats targeting smartphone users — zero-day attacks, advanced persistent threats and ransomware — is only getting more varied and sophisticated. Fortunately, Samsung Knox has been evolving even…

Feb. 12, 2020

Security Intelligence

FBI Warns Supply Sector Software Providers to Watch Out for Kwampirs Malware

An ongoing campaign to infect supply chain software firms with the Kwampirs malware has led the FBI to issue a formal warning to the private sector, according to published reports. Targets for the remote-access Trojan (RAT) include organizations that…

Feb. 5, 2020

Security Intelligence

Magecart Attacks Olympic Ticket Resellers, Other E-commerce Sites With OpendoorCDN Skimmer

Just a month after infecting an Olympic ticket reseller, a Magecart group has used the OpendoorCDN skimmer to compromise a number of e-commerce sites that reference the same malicious domain. Security researcher Jacob Pimental outlined the details of…

Jan. 22, 2020

Security Intelligence

EFS Ransomware Attacks Overcome Major Antivirus Tools in Proof-of-Concept Tests

EFS ransomware attacks targeting Windows users could potentially overcome several major signature-based antivirus tools, researchers have discovered. Developed by Microsoft and intended to offer full disk encryption, EFS — otherwise known as Windows…

Jan. 16, 2020

Security Intelligence

Microsoft Patches CryptoAPI Flaw Following Discovery From NSA

Microsoft used its first Patch Tuesday update of the new decade to address a critical vulnerability in its CryptoAPI library. A default feature within Windows that’s also known as Crypt32.dll, the CryptoAPI patch addresses a bug that could allow…

Jan. 15, 2020

Security Intelligence

Cable Haunt Leaves an Estimated 200 Million Modems Open to Potential Attacks

An estimated 200 million modems or more may be vulnerable to an exploit dubbed Cable Haunt, which researchers said could give attackers complete control over their victims’ devices. First discovered and detailed in a site set up by a Denmark-based…