Duncan Riley
Latest from Duncan Riley
Slack Incoming Webhooks can be used to phish users
Security researchers at AT&T Alien Labs have uncovered a vulnerability in Slack Inc. that can be used to phish users. The discovery, announced today, involves exploiting Slack Incoming Webhooks. Designed as a simple way to post messages from apps into Slack, Incoming Webhooks offers a unique URL to which an app can send a JSON ...
COVID-19-themed cyberattacks continue to proliferate
Despite reports in March that those in the hacking community were encouraging others to not take advantage of the COVID-19 pandemic, the number of cyberattacks has continued to rise, according to new research from Palo Alto Networks Inc.’s Unit 42. The researchers found that COVID-19-themed attacks, particularly phishing attacks, continue to surge. The company said ...
Microsoft patches critical vulnerabilities that were being exploited by hackers
Microsoft Corp. today announced it has patched a range of vulnerabilities in its monthly security release, including two critical vulnerabilities discovered March 23 that were being exploited by hackers. The two remote code execution vulnerabilities are found in the Adobe Type Manager Library (atmfd.dll) that’s used by Windows to render PostScript Type 1 fonts inside ...
Venture capital remained strong in first quarter but will weaken from COVID-19
Venture capital investments in the first quarter of 2020 stayed strong, but with the COVID-19 pandemic causing economic chaos, investment levels are likely to weaken for the rest of the year. That’s according to the quarterly PitchBook-NVCA Venture Monitor report released today. For the quarter ending March 31 there were 2,298 venture capital deals totaling $34.2 billion. Those figures are ...
WordPress sites using WooCommerce targeted by credit card skimmers
WordPress sites using the popular WooCommerce plugin are being targeted by credit card skimming code, the first time that Magecart-like attacks have been discovered targeting the content management system. Discovered late last week by security researcher Ben Martin at Sucuri, the attacks involve the injection of JavaScript to steal both the credit card number and card security ...
500,000 Zoom accounts found for sale on the dark web
The account details of more than 500,000 users of Zoom Video Communications Inc. have been found for sale on the dark web, the shady part of the internet reachable with special software, in the latest security concern surrounding the company. Discovered by security researchers at Cyble, the credentials include email address, password, personal meeting URL and ...
Login credentials stolen in hack of San Francisco International Airport websites
San Francisco International Airport has been hacked, with data stolen from two subsidiary sites, SFOConstruction.com and SFOConnect.com. The attack occurred last month and involved the theft of login credentials such as usernames and passwords. SFO does not say whether those passwords were encrypted, so it can be presumed that the passwords may have been in plain text. ...
Google rebrands enterprise Hangouts services as Google Meet and Google Chat
Hangouts Chat and Hangouts Meet are no longer. Google LLC has rebranded the enterprise chat and meeting services in G Suite as Google Chat and Google Meet, amid surging use of them during the COVID-19 pandemic. Strangely, Google did not actually announce the name change, instead publishing a blog post that explained Meet’s security and ...
Microsoft Teams books 2.7B meeting minutes in one day amid COVID-19 pandemic
Microsoft Corp.’s Teams has broken a new record during the coronavirus pandemic with 2.7 billion meeting minutes in one day. The figure is said to be an increase of 200% from 900 million meeting minutes on March 16 and is in part credited to a surge of 183,000 “tenants” in 175 countries using Teams for ...
Report: Travelex paid $2.3M to ransomware attackers to restore its network
Foreign currency exchange provider Travelex is reported to have paid $2.3 million in bitcoin to restore its network after hackers launched a ransomware attack against the company Dec. 31. The Wall Street Journal reported today that Travelex decided to pay the 285 bitcoin ransom to the REvil ransomware gang on the advice of experts. REvil had threatened ...