Top

Tag: Phishing


Email security, Security

Unmasking 2024’s Email Security Landscape

February 28, 2024

Via: Security Affairs

In the ever-shifting digital arena, staying ahead of evolving threat trends is paramount for organizations aiming to safeguard their assets. Amidst this dynamic landscape, email stands as a primary battleground for cyber defense. VIPRE Security Group’s latest report, “Email Security […]


Network security, Security

OpenAI shuts down China, Russia, Iran, N Korea accounts caught doing naughty things

February 14, 2024

Via: The Register

OpenAI has shut down five accounts it asserts were used by government agents to generate phishing emails and malicious software scripts as well as research ways to evade malware detection. Specifically, China, Iran, Russia, and North Korea were apparently “querying […]


Cyber-crime, Malware

Crooks hook hundreds of exec accounts after phishing in Azure C-suite pond

February 13, 2024

Via: The Register

The number of senior business executives stymied by an ongoing phishing campaign continues to rise with cybercriminals registering hundreds of cloud account takeovers (ATOs) since spinning it up in November. Researchers from Proofpoint listed many C-suite roles as prime targets […]


Threats & Malware, Virus & Malware

Meet VexTrio, a network of 70K hijacked websites crooks use to sling malware, fraud

February 12, 2024

Via: The Register

More than 70,000 presumably legit websites have been hijacked and drafted into a network that crooks use to distribute malware, serve phishing pages, and share other dodgy stuff, according to researchers. This mesh of compromised sites is known as VexTrio, […]


Cyber-crime, Phishing

New York AG Sues Citibank for Poor Phishing Protections

January 30, 2024

Via: DataBreach Today

The New York attorney general sued the third-largest bank in the United States over its alleged failure to protect consumers from scammers and its refusal to make victims whole after online thieves have plundered their life savings. Manhattan-based Citibank, state […]


Cyber-crime, Phishing

Microsoft 365 users need to be on their guard — new phishing campaign could cause some serious damage, and it’s being offered for sale for barely nothing to lure new criminals in

January 29, 2024

Via: Tech Xplore

A new report from Trustwave cybersecurity researchers SpiderLabs has claimed hackers are increasingly turning to the Greatness phishing kit due to its advanced features, simplicity in use, and relatively low cost. Greatness was developed by a threat actor going by […]


Access control, Security

1Kosmos BlockID 1Key secures users in restricted environments

January 25, 2024

Via: Help Net Security

1Kosmos announced BlockID 1Key, a biometric security key to provide a phishing-resistant passwordless multi-factor authentication option for Sensitive Compartmented Information Facilities (SCIF), manufacturing clean rooms, customer help desks, higher education labs, retail bank branches, healthcare providers and other restricted environments […]


Network security, Security

GCHQ’s NCSC warns of ‘realistic possibility’ AI will help state-backed malware evade detection

January 24, 2024

Via: The Register

The idea that AI could generate super-potent and undetectable malware has been bandied about for years – and also already debunked. However, an article published today by the UK National Cyber Security Centre (NCSC) suggests there is a “realistic possibility” […]


Threats & Malware, Virus & Malware

So, are we going to talk about how GitHub is an absolute boon for malware, or nah?

January 12, 2024

Via: The Register

The popularity of Github has made it too big to block, which is a boon to dissidents ducking government censors but a problem for internet security. GitHub says it is used by more than 100 million developers around the world. […]


Data loss, Threats & Malware

Another top US mortgage firm reveals a major data breach, over a million customers affected

December 28, 2023

Via: TechRadar

LoanCare suffered a data breach last month, which resulted in the theft of sensitive customer data, the insurance service company has confirmed. Roughly 1.3 million people were affected by the breach, the company further explained, as hackers stole people’s full […]


Network security, Security

The SANS Holiday Hack Challenge is back!

December 14, 2023

Via: The Register

Whether you are considering a career in cyber security or you already work in the industry, the 2023 SANS Holiday Hack Challenge is a great way of combining festive fun and learning. Who knows, the skills you acquire this holiday […]


Data loss, Threats & Malware

Nearly a million non-profit donors’ details left exposed in unsecured database

December 13, 2023

Via: The Register

Close to a million records containing personally identifiable information belonging to donors that sent money to non-profits were found exposed in an online database. The database is owned and operated by DonorView – provider of a cloud-based fundraising platform used […]


Cyber-crime, Phishing

Five Eyes nations warn Moscow’s mates at the Star Blizzard gang have new phishing targets

December 8, 2023

Via: The Register

Russia-backed attackers have named new targets for their ongoing phishing campaigns, with defense-industrial firms and energy facilities now in their sights, according to agencies of the Five Eyes alliance. In a joint security alert issued on Thursday, seven agencies* from […]


Data loss, Threats & Malware

Okta data breach dilemma dwarfs earlier estimates

November 29, 2023

Via: The Register

Okta has admitted that the number of customers affected by its October customer support system data breach is far greater than previously thought. Chief security officer David Bradbury originally said earlier this month that according to the company’s root cause […]


Cyber-crime, Malware

The Impact of AI on Social Engineering Cyber Attacks

November 8, 2023

Via: SecureWorld

Social engineering attacks have long been a threat to businesses worldwide, statistically comprising roughly 98% of cyberattacks worldwide. The average business faces more than 700 of these types of attacks every single year. Whether manifesting itself in a sophisticated phishing […]


Cyber warfare, Cyber-crime

MuddyWater has been spotted targeting two Israeli entities

November 3, 2023

Via: Security Affairs

Iran-linked APT group MuddyWater (aka SeedWorm, TEMP.Zagros, and Static Kitten) is targeting Israeli entities in a new spear-phishing campaign, Deep Instinct’s Threat Research team reported. The phishing messages were aimed at deploying a legitimate remote administration tool called Advanced Monitoring […]


Data loss, Threats & Malware

Okta tells 5,000 of its own staff that their data was accessed in third-party breach

November 2, 2023

Via: The Register

Okta has sent out breach notifications to almost 5,000 current and former employees, warning them that miscreants breached one of its third-party vendors and stole a file containing staff names, social security numbers, and health or medical insurance plan numbers. […]


Cyber-crime, Phishing

Ingenious Phishing Tactics in the Modern Scammer’s Toolbox

October 30, 2023

Via: SecureWorld

When it comes to impactful types of internet-borne crime, phishing is the name of the game. And for good reason. It serves as a vessel for various strains of malware, including ransomware, and underlies data-stealing campaigns that target large organizations […]


Editorial

Understanding Bulletproof Hosting: The Dark Underbelly of Cybercrime

October 23, 2023

Via: Natalie Dunn

The digital landscape has revolutionized our lives, connecting people across the globe. However, alongside the many positive aspects, there exists a dark underbelly of cybercrime, where hackers operate with impunity. One essential tool in the arsenal of these malicious actors […]


Threats & Malware, Virus & Malware

How to stop ransomware thieves WORMing their way into your data

October 6, 2023

Via: The Register

Most of us dislike cyber criminals, but not many of us dislike them quite as much as Anthony Cusimano. The director of technical marketing at storage company Object First was on the sharp end of an identity theft attack after […]