Business email compromise scams trick corporate executives, employees and clients into transferring business funds to criminal bank accounts in China.
Browsing Category: Social Engineering
Gitrob, an open source intelligence tool, helps security analysts search Github organization repositories for files not meant for public consumption.
Spam campaigns in the U.K. are using Office macros to spread the Dridex banking Trojan, researchers at Trustwave report.
Security researchers are tracking a new version of the Emomet malware that is targeting users’ banking credentials and also has the ability to steal email usernames and passwords, which are then used to send spam from compromised accounts. The new variant of Emomet has mostly been seen targeting users in Germany, but researchers at Microsoft[…]
Microsoft is warning of a significant uptick in threats tricking users to enable macros and then infecting them with malicious macros files.
Unknown hackers were able to compromise vital systems belonging to ICANN, the organization that manages the global top-level domain system, and had access to the system that manages the files with data on resolving specific domain names.
Computer users will click through browser warnings and security alerts in order to complete a task, but once they’re hacked, their behaviors change, a recent BYU study learned.
Researchers have discovered a group of attackers who have published a variety of compromised WordPress themes and plug-ins on legitimate-looking sites, tricking developers into downloading and installing them on their own sites.
A cyberespionage team, possibly based in Russia, has been using a Windows zero day vulnerability to target a variety of organizations in several countries, including the United States, Poland, Ukraine and western Europe.
Spam emails pretending to be a security update for LogMeIn users, including a new security certificate countering Heartbleed attacks, are making the rounds, warns the SANS Institute.