Tag: Phishing
You are here: Home \ Phishing \ Page 5
Google’s Safe Browsing program expands to include “Repeat Offender” websites in blacklisting program.
LAS VEGAS – Poor operational security on the part of Nigerian scammers running a Business Email Compromise (BEC) scheme has given researchers a window into their operations. Dell SecureWorks today published a report at Black Hat USA 2016 on what the criminals involved call wire-wire, or “waya-waya.” These attackers aren’t particularly sophisticated malware coders, for...
LastPass has patched a vulnerability in its Firefox add-on found by Google Project Zero researcher Tavis Ormandy that allows attackers complete remote compromise of the password manager, . The divisive Ormandy submitted a bug report on Tuesday to LastPass after a series of tweets hinting at serious problems in the password manager. Ormandy has been behind...
Mike Mimoso and Chris Brook recap the news of the week, including a Bitcoin phishing campaign, the Kaspersky Lab ransomware report, misconfigured email servers, and a decline in Angler exploit kit traffic. Download: Threatpost_News_Wrap_June_24_2016.mp3 Music by Chris Gonsalves
For the last month, attackers have used a combination of phishing and typosquatting to carry out a campaign aimed at stealing Bitcoin and blockchain wallet credentials. More than 100 phony Bitcoin and blockchain domains have been set up so far, many which mimic legitimate Bitcoin wallets. Most of the sites were registered on May 26...
A Microsoft Office vulnerability patched six months ago continues to be a valuable tool for APT gangs operating primarily in Southeast Asia and the Far East. Researchers at Kaspersky Lab today published a report describing how attackers continue to flourish exploiting CVE-2015-2545, a remote code execution vulnerability where an attacker crafts an EPS image file...
A lack of security common sense still plagues businesses with 30 percent of phishing emails opened by campaign targets. Worse, 12 percent click on the attachments inside those phishing attacks, giving crooks easy access to systems to snarf up credentials that are later used to pull off financially or espionage motivated crimes. That’s the big...
As sales of IoT devices continue to see year-over-year double digit growth, security experts are urging the wearable industry to put security front and center when it comes to designing fitness tracker hardware, firmware and backend systems. In a report released Wednesday by the IEEE Center for Secure Design, researchers spotlighted six security red flags...
LastPass has taken measures to mitigate a phishing attack described this weekend at ShmooCon that put at risk users’ credentials and information stored by the password manager. Researcher Sean Cassidy, chief technology officer of cloud security company Praesidio, demonstrated an attack where he was able to recreate a LastPass login page, pixel-for-pixel as he said....
10 November 2015 - 15:49,
by ,
in News, No comments
Comcast says it wasn’t hacked, but hundreds of thousands of its customers may have been, forcing the cable giant to reset passwords to email accounts of about 200,000 customers. The forced password reset came after an independent security researcher spotted an ad on a Dark Web marketplace offering 590,000 Comcast subscriber email addresses and plaintext passwords for $1000...