Top

Category: Phishing


Phishing

Account Takeover Attacks Become a Phishing Fave

September 21, 2018

Via: Dark Reading

More than three-quarters of ATOs resulted in a phishing email, a new report shows. Why spoof an email address for phishing messages when you can hijack an account and send them from the real one? That’s the theory behind account […]


Phishing, Vulnerabilities

Threats posed by using RATs in ICS

September 20, 2018

Via: Securelist

While conducting audits, penetration tests and incident investigations, we have often come across legitimate remote administration tools (RAT) for PCs installed on operational technology (OT) networks of industrial enterprises. In a number of incidents that we have investigated, threat actors […]


Email security, Phishing

State Department confirms breach of unclassified email system

September 19, 2018

Via: CSO Online

The U.S. State Department confirmed it suffered a data breach that exposed employee data; the breach affected the State Department’s unclassified email system. It’s not like the agency suddenly decided to tell the public about the breach, though. The incident […]


Identity theft, Phishing

Here’s Why Business Email Compromise Is Still Driving Executive Identity Theft

September 12, 2018

Via: Security Intelligence

All it took was access to a lawyer’s email, and suddenly, almost $532,000 was in the wrong hands. This business email compromise (BEC) scam began simply: A criminal in Los Angeles named Ochenetchouwe Adegor Ederaine, Jr. gained access to a […]


Cyber-crime, Phishing, Spam, Threats & Malware

Loki Bot: On a hunt for corporate passwords

August 29, 2018

Via: Securelist

Starting from early July, we have seen malicious spam activity that has targeted corporate mailboxes. The messages discovered so far contain an attachment with an .iso extension that Kaspersky Lab solutions detect as Loki Bot. The malware’s key objective is […]


Cyber-crime, Phishing

DNC ‘spearphishing attack’ was actually a test

August 24, 2018

Via: Naked Security

The Democratic National Committee (DNC), on Wednesday: We’ve been spearphished! The committee called the FBI about what it said was a fake login page designed to intercept usernames and passwords that would get attackers into the party’s voter database. The […]


Cyber-crime, Phishing

False Alarm: Phishing Attack Against DNC Was Just a Test

August 24, 2018

Via: DataBreach Today

A website that appeared to be part of a phishing campaign designed to gain access to the Democratic National Committee’s voter database has turned out to be part of an uncoordinated security exercise. The false alarm has highlighted the benefits […]


Phishing

Necurs Botnet Goes Phishing for Banks

August 17, 2018

Via: Dark Reading

The Necurs botnet has resurfaced in a new phishing campaign targeting banks with malicious Microsoft Publisher and PDF files packed with the FlawedAmmyy remote-access Trojan. Cofense researchers first detected the campaign early on August 15 and have confirmed 3,071 banking […]


Phishing

What is phishing? How this cyber attack works and how to prevent it

August 10, 2018

Via: CSO Online

Phishing is a cyber attack that uses disguised email as a weapon. The goal is to trick the email recipient into believing that the message is something they want or need — a request from their bank, for instance, or […]


Email security, Phishing, Spam

Email Security Firm Mimecast Buys Staff Training Startup Ataata

July 10, 2018

Via: Security Week

London, UK-based email archiving and security firm Mimecast has acquired Bethesda, Md-based security training company Ataata. Financial terms of the acquisition have not been disclosed Mimecast, founded by CEO Peter Bauer and CTO Neil Murray in 2003, offers a SaaS-based […]