Three North Korean threat groups have been sanctioned in the U.S. as part of a larger U.S. initiative against North Korea-linked malicious cyber activity. Go to Source

ReversingLabs identified cybercriminals duping certificate authorities by impersonating legitimate entities and then selling the certificates on the black market. Go to Source

New tactics aimed at business executives and users are being used to reap greater reward from email based fraud, which continues to rise, researchers said. Go to Source

Sites that use the Gutenberg (found in WordPress 5.0 to 5.2.2) are open to complete takeover. Go to Source

Apple will not fix the glitch until the release of iOS 13.1 later in September. Go to Source

At every turn, the info-stealer uses legitimate services to get around normal email, endpoint and network defenses. Go to Source

Researchers warn that U.S. firms are being targeted with legitimate – but trojanized – documents that are often socially engineered to a tee. Go to Source

Threatpost editors Tara Seals and Lindsey O’Donnell talk about the top news stories of the week – from leaky databases to SIM card attacks. Go to Source

Proofpoint’s senior director of the threat research team discusses the strange levels that attackers are going to in order to persuade victims to click on phishing messages. Go to Source

Cobalt Dickens (a.k.a. Silent Librarian) is now actively targeting 380 universities, bent on stealing credentials and moving deeper into school networks. Go to Source