Spammers have jumped on the Dropbox bandwagon to push rogue-pharmaceuticals and malware, according to a report by Symantec’s Nick Johnston.
Browsing Category: Social Engineering
The seeds of LulzSec’s downfall were sown long before the FBI and Scotland Yard went knocking on doors this week. In fact, the group owes its downfall to a series of small, internal skirmishes, unforced errors and unlikely clues that created a virtual trail to its leaders, a Threatpost investigation found.
A new series of mass-injections have been targeting WordPress sites as of late and appear to have already infected more than 200,000 web pages according to a report on Websense’s Security Labs blog earlier this week.
If the folks behind the photo sharing Web site Pinterest were looking for some validation that their fledgelings social media site had “arrived,” they got it this weekend, after scammers jumped on the site and used it to direct Pinterest users to survey scam Web sites.
You wouldn’t know it from reading the news, but business identity theft is becoming an increasingly large concern for small business owners, according to a report filed by NPR’s Yuki Noguchi today on Morning Edition.
Right on cue this week, the anarchic hacking collective Anonymous stepped up and grabbed the story line away from the lions of the IT security industry.With the annual RSA Conference set to begin, the whistle blowing site Wikileaks released the first of some five million e-mail messages stolen from the security intelligence firm Stratfor. Ever sensitive to the fickle attention of the media, Anonymous inserted itself into the story, claiming responsibility for leaking the data and pointing a finger of blame at Stratfor and its media, private and public sector customers, which Anonymous accuses of spying and other dark offenses.
A new version of the Flashback Trojan that targets Macs has appeared, and this one uses a drive-by download technique to attempt exploits of two Java vulnerabilities. The Flashback.G malware also tries to trick users into accepting a fake digital certificate, which will install the malware if the Java exploits fail.
Forget about data stealing trojans. Unidentified thieves got a hold of top secret plans for a joint French-British drone aircraft project the old fashioned way: by snatching an executive’s briefcase at a Paris train station.
A domain registered two days ago as groupon500.com, which claims to offer a $500 voucher toward Groupon or its primary competitor, LivingSocial, is actually registering users for ‘free’ trial offers that aren’t free at all. The best part, however, is that everything about this scam is perfectly legal according to Zscaler’s Julien Sobrier.
Google is in the process of developing a tool to help users generate strong passwords for the various and sundry Web sites for which they need to register and authenticate. The password-generator is meant to serve as an interim solution for users while Google and other companies continue to work on widespread deployment of the OpenID standard.