Category: Phishing

Malware, Phishing

Poisoned Search Results Deliver Banking Malware

November 6, 2017

Via: Threat Post

Cybercriminals are using novel approaches to poison Google search results in the hope of infecting users with a banking Trojan called Zeus Panda, researchers at Cisco said. Attackers behind the Google poisoning attempts are targeting primarily keyword searches related to […]


Equifax Sent Breach Victims to Fake Website

September 21, 2017

Via: Security Week

Equifax has made another blunder following the massive data breach suffered by the company – it advised some customers on Twitter to access a fake support website set up by a security researcher. Equifax staff advised breach victims on Twitter […]

Malware, Phishing, Security

Office 365 Phishing attacks create a sustained insider nightmare for IT

September 20, 2017

Via: CSO Online

DERBYCON – Earlier this month, Salted Hash deconstructed a Phishing email that had bypassed company filters and made into the general inbox. The email focused on an outdated company subdivision, and was easily spotted as a scam. However, we’ve since […]

Data loss, Phishing

News in brief: Linux advice for Equifax; fired over phish; Security.txt standard proposed

September 19, 2017

Via: Naked Security

Writing on the Double Pulsar site, infosec practitioner Kevin Beaumont suggests Security Enhanced Linux (SELinux) would have saved Equifax from the disastrous breach it disclosed earlier this month. If you’re going to have Apache Struts facing the internet, SELinux is the way […]

Data loss, Phishing

Vevo hacked, 3.12 TB of data leaked

September 18, 2017

Via: Naked Security

There’s a good chance that you’ve watched a popular music video from Vevo, either via YouTube,  Vevo’s website or its mobile app. Most popular music artists release their videos through Vevo these days. The company – a joint venture between […]

Email security, Phishing

Business Email Compromise Campaign Harvesting Credentials in Numerous Industries

August 24, 2017

Via: Threat Post

A business email compromise campaign emanating out of Western Africa is targeting companies in a wide swathe of industries, bucking a trend of these scams focusing on wire fraud and targeting CEOs. The criminals are using phishing emails with links […]

Phishing, Spam

Spam and phishing in Q2 2017

August 22, 2017

Via: Securelist

At the start of Q2 2017, we registered a wave of malicious mailings imitating notifications from well-known delivery services. Trojan downloaders were sent out in ZIP archives, and after being launched they downloaded other malware – Backdoor.Win32.Androm and Trojan.Win32.Kovter. The […]


Cyber Criminals Hijack Chrome Extensions and put 4.7 Million Users at Risk

August 17, 2017

Via: Security Affairs

Over 4.7 million users could be at risk after being exposed to malicious adverts and credentials theft due to developer accounts of popular chrome extensions being hijacked by cyber criminals. A phishing campaign run by Cyber Criminals in July that […]

Malware, Phishing, Spam

Spam Domains Imitating Popular Banks Spreading Trickbot Banking Trojan

August 16, 2017

Via: Threat Post

Santander Bank customers should be aware of an effective spam campaign spreading the Trickbot banking Trojan that is coming from domains similar to those used by the financial institution. Researchers at My Online Security and the SANS Institute’s Internet Storm Center say that Santander […]


Top 10 Email Subjects for Company Phishing Attacks

August 15, 2017

Via: Panda Security

George is in his office responding to his morning emails when he notices an unusual message. The subject is concise: “Security Alert”. Obviously, he wants to know what’s going on. He opens it, reads the first paragraph to see what […]