Browsing Category: Social Engineering

twitter sand castle

Exploiting the Twitter Underground for Fun and Profit

The underground economy on Twitter is still flourishing, and it appears to be a buyer’s market for followers right now, with new research showing that the price for 1,000 followers has dropped nearly 50 percent in the last few months.

Read more...

apple store

Apple Phishing Scams on the Rise

Categories: Apple, Social Engineering

Apple has one of the more gilded consumer brands and the company spends a lot of time and money to keep it that way. Consumers love Apple. Scammers and attackers do too, though, and security researchers in recent months have seen a major spike in the volume of phishing emails abusing Apple’s brand, most of which are focused on stealing users’ Apple IDs and payment information.

Read more...

prism2

NetTraveler Attackers Using NSA PRISM Program as Bait

Never let it be said that attackers don’t keep up with the news. The crew behind the NetTraveler cyberespionage attacks is now using the news about the NSA’s PRISM surveillance program as bait in a new spear-phishing campaign.

Read more...

google_vulns

Google Advocates 7-Day Deadline to Publicize Critical Vulnerabilities

Two security engineers for Google say the company will now support researchers publicizing details of critical vulnerabilities under active exploitation just seven days after they’ve alerted a company.

Read more...

fakesourceforge

More Malware Showing Up on Fake SourceForge Web Sites

Malware developers continue to clone SourceForge Web sites that appear to offer the source code for popular gaming software but are actually peddling malicious code tied to the ZeroAccess Trojan.

Read more...

Google drive vulnerability

Google Joins FIDO Alliance Effort to Move Beyond Passwords

Google, which gradually has been moving its users away from using passwords as their main form of authentication for Web services, has joined a young organization whose goal is to phase out passwords and replace them with various forms of strong authentication. The FIDO Alliance, formed last year, is working to make two-factor authentication the[...]

Read more...

ap_hack

Hijacking of AP Twitter Account Renews Calls for Two-Factor Authentication

Categories: Social Engineering

Twitter is facing increased pressure to beef up authentication for users after the hijacking of another high-profile account yesterday caused some temporary tremors on the stock market. The social network has reportedly been testing two-factor authentication internally; Twitter lags behind Google, Facebook, Microsoft and Apple in implementing a two-factor authentication system. Wired claimed in a[...]

Read more...

SAUalert

Telephony Denial-of-Service Attacks Prompt Federal Attention

The call-center equivalent of network-based denial-of-service attacks, known as telephony denial-of-service (TDoS), have targeted emergency services among other industries, enough to garner attention from the Department of Homeland Security, Federal Bureau of Investigation, Federal Communications Commission and others in an confidential alert memo, Krebs on Security reported.

Read more...

spearphishing

Spear Phishing Cause of South Korean Cyber Attack

It appears that a spear phishing campaign was the genesis for the wiper malware infections that ultimately knocked several prominent South Korean banks and broadcasters offline last week, according to a malware analysis performed by researchers from the Finnish cybersecurity firm F-Secure.

Read more...