1. Correlate

    Security Alert Adobe and Google Open Redirects Abused by Phishing Campaigns

  2. P

    Discuss Phishing in 2019. Has it changed over the years?

    Hi everyone. Does anyone feel that phishing has developed and now it's more intricate than say a couple of years ago? What is Phishing? Guide with Examples for 2019 E.g. in my personal feeling, there are fewer email scams nowadays, but this thing develops into something more intricate like...
  3. J

    Discuss Recognize suspicious sites

    It is important to know which sites are malicious (malware sites) or phishing. Yes we can upload an address to an online malware scanner but it can happen the malicious site is FUD so it seems it is clean. The most important thing to defend us from phishing is to verify the presence of forms to...
  4. upnorth

    Off-Topic Stopping the Explosion of Ransomware

    A good educational talk about Ransomware what it is and how to handle it with Erich Kron. He is the former security manager for the 2nd Regional Cyber Center-Western Hemisphere and holds CISSP, CISSP-ISSAP, MCITP and ITIL v3 certifications, among others. The video is about 40 minutes long. Enjoy!
  5. oneeye

    Beware of phishing scams this holiday season

    Greetings all, Don't forget to remind family & friends about Phishing attempts this holiday shopping season, as more people are shopping online these days, and especially today and this coming CyberMonday. The article has more information links. " The holidays are a busy time for buying gifts...
  6. frogboy

    Security Alert Cybercriminals focus on the shipping and cloud storage sectors

    The Anti-Phishing Working Group’s latest report found upticks in phishing attacks against companies in the Logistics & Shipping as well Cloud Storage & File Hosting sectors, mounted by cyber gangs against the accounts of both individuals and enterprises. Once they steal usernames and passwords...
  7. frogboy

    Threat Actors Target Chinese Language News Sites

    A California-based news website covering China, called China Digital Times, was targeted in a spying campaign that involved phishing lures and the use of the NetWire remote access Trojan. The attacks began in February 2017 and were part of a wider campaign of phishing, reconnaissance and...
  8. frogboy

    South Korean bitcoin exchange hacked, user accounts plundered

    Bithumb, a South Korean bitcoin and ether exchange, has suffered a data breach that resulted in customer losses potentially reaching billions of South Korean won (currently, a billion won is equivalent to some 870,000 US dollars). The breach According to Brave New Coin, Bithumb discovered the...
  9. Andra Zaharia

    Security Alert Fake Delta Airlines Receipt Spreads Financial Malware

    Did someone buy a plane ticket using your ID? Nope, it's just cyber criminals trying to lure you into a financial malware infection. And what a cocktail it is! Hancitor dropper + Pony infostealer + Zloader banking malware Details and printscreen in this alert (zip-lock fresh!): Security...
  10. Parsh

    Security Alert Phishing Attack almost impossible to detect in Chrome, Firefox and Opera

    A Chinese infosec researcher has discovered a new "almost impossible to detect" phishing attack that can be used to trick even the most careful users on the Internet. He warned, Hackers can use a known vulnerability in the Chrome, Firefox and Opera web browsers to display their fake domain names...
  11. S

    Security Alert Job applicants being infected with Ransomware

    Some job applicants are having their computers infected with malware (Petya). It is done through multiple methods of exploitation including spear phishing, exploitation of Macros in Microsoft Office (see article). The applicationt gets an email containing a PDF or Excel file which exploits a...
  12. frogboy

    Security Alert Gugi/Fanta/Lime Malware Takes Over Androids

    A new family of financial malware, dubbed Gugi/Fanta/Lime, has emerged on the scene. It can bypass the standard security protocols of an Android operating system (version 6). The malware seeks system privileges and user credentials, and once it gains them, it acquires complete control of the...
  13. Andra Zaharia

    Security Alert LinkedIn Phishing Campaign Pretends to Care for Your Security

    Now, phishing campaigns are nothing new. But I wanted to take the chance to "dissect" this one for the benefit of people who believe that it can't happen to them. Did you know that 23% of email recipients open phishing messages and 11% click on attachments? It may not sound like much, but...
  14. Logethica

    NIST & InAuth Agree: SMS 2FA is Vulnerable

    NIST Has It Right-SMS Is Not Secure- By Michael Lynch, Chief Strategy Officer, InAuth: SOURCE: cybersecuritytrend.com (ARTICLE DATE: 17 Aug 2016) The National Institute of Standards and Technology (NIST), the non-regulatory agency of the United States Department of Commerce that publishes...