Phishers are using a typosquatted domain name designed to mimic the URL of a popular e-commerce destination in order to lure their victims to a malicious Website that prompts its visitors to download a malicious add-on that will guide users to phishing sites, even when they type legitimate URLs into their browser’s address bar.
Browsing Category: SMB Security
UPDATE – America’s largest book retailer, Barnes & Noble, announced this morning it has detected evidence of tampering in 63 PIN-pad devices used in as many stores by criminals trying to steal payment card information. Barnes & Noble claims to have disconnected all the affected devices from service on Sept. 14. The retailer did not disclose how many customers may have been affected by the tampered devices.
An online service that sells fairly cheap access to compromised corporate machines creates a pay-to-play scenario for criminals seeking access to the networks of high-profile organizations, according to a Krebs on Security report.
Criminal hackers launched an attack campaign earlier this week in which they sent a slew of emails purporting to come from the financial software developer Intuit. The emails contained links that led to sites hosting the Blackhole exploit kit in an apparent attempt to infect the machines of corporate users.
More than three quarters of small business owners claim their companies are safe from cyber attacks, yet only 17 percent of those businesses have implemented a formal cybersecurity plan.This is just one of many problems for small businesses in the digital realm, according to a joint survey (.PDF) released by the National Cyber Security Alliance (NCSA) and security firm Symantec this week.
Please leave your credit card number, its expiration date and security code, along with your full name and billing address in the comments section of this blog post. You’re obviously not going to do this. You know better, I know better, but there are those who don’t. So many, in fact, that scammers are not only comfortable with and willing to invest in scams no more or less complicated, but they are also confident that the scams will succeed.
A zero-day vulnerability in Novell ZENworks Asset Management Software 7.5 gives access to any files with system privileges and could also allow an attacker to grab configuration parameters, including the backend credentials in clear text, according to Rapid7 exploit developer Juan Vazquez who discovered the vulnerability and wrote an exploit module for Metasploit
Capital One Financial Corp. told Bloomberg’s Businessweek that its online banking services had been temporarily disabled on Tuesday but that no customer and account information was ever at risk.
Dozens of individuals from Winchester, a small Kentucky town east of Lexington have been targeted by hackers, according to a report earlier this week in the Lexington Herald-Leader. The newspaper claims between 50 and 100 diners at Puerta Grande, a small Mexican restaurant, were hit with bank fraud at some point in the last two weeks.
The Chinese Government has “pervasive access” to 80 percent of the world’s communications even military-grade encryption no longer provides sufficient protection to sensitive data, a former Pentagon analyst warns.