“ScamClub” gang outed for exploiting iPhone browser bug to spew ads
Published Feb 19 2021 11:12 AM
Pop up ads are annoying at best and often the channel for damage or theft of our information. This article details the way “ScamClub” exploited an iPhone bug to pop up the ads that appeared innocent but stole information or in a more elaborate scheme took our money with promises of big payouts.
https://nakedsecurity.sophos.com/2021/02/17/scamclub-gang-outed-for-exploiting-iphone-browser-bug-to-spew-ads/?fbclid=IwAR1qwi2czd9boR-ynGTBC0ojmVWIVaylDY-GxclXIxiXyfMKHd6qUGU1eC0
If clicking the link does not take you to the proper page, copy and paste the link into your browser.
Hidden Dangers of Microsoft 365's Power Automate and eDiscovery Tools
Published Feb 19 2021 11:12 AM
Microsoft 365 is one of the most widely used applications in the world. As we saw with the recent SolarWinds attack, the focus of attacks has moved to applications from individual companies. Research shows that communication between Microsoft applications can bypass security precautions and provide an avenue for attackers.
https://www.darkreading.com/application-security/hidden-dangers-of-microsoft-365s-power-automate-and-ediscovery-tools-/a/d-id/1340014?fbclid=IwAR1zJ9x88awPCCqbRRYdsvLFbcu_eD1wyCfB_N8xatQTeINvtY9Y9uHoY74
If clicking the link does not take you to the proper page, copy and paste the link into your browser.
Compromised Credentials Show That Abuse Happens in Multiple Phases
Published Feb 19 2021 11:11 AM
The theft of user credentials has long been known as a tool for cyber criminals to gain access to a company network and resources. But recent research shows that before the attacks we see, the cyber criminals have been doing damage but in a more covert way. Then when they have capitalized on the stolen credentials for themselves, they begin to make the stolen credentials available to other cyber criminals.
https://www.darkreading.com/attacks-breaches/compromised-credentials-show-that-abuse-happens-in-multiple-phases/d/d-id/1340179?_mc=NL_DR_EDT_DR_daily_20210217&cid=NL_DR_EDT_DR_daily_20210217&elq_mid=102170&elq_cid=34773767
If clicking the link does not take you to the proper page, copy and paste the link into your browser.
Covid and Phishing
Published Feb 11 2021 4:14 PM
The Covid -19 pandemic has been a nightmare for much of the world. But it has been a benefit to the cyber criminal community by providing phishing subject lines that got people to click at an alarming rate.
https://apscdn.nyc3.cdn.digitaloceanspaces.com/resources/pdf/insights/Covid%20and%20Phishing%20v1%20%202021-02-12.pdf
If clicking the link does not take you to the proper page, copy and paste the link into your browser.
Android App Infects Millions of Devices With a Single Update
Published Feb 11 2021 4:13 PM
A popular Android app called Barcode Scanner was compromised and delivered malware to the approximately 10 million people who downloaded or update the app.
https://www.darkreading.com/application-security/android-app-infects-millions-of-devices-with-a-single-update/d/d-id/1340093?fbclid=IwAR2AhA7sCS2z2pYouIvdi0AjEdzKgzLvvGwV_-KtYeNxm9ETyKGtnGT6QK0
If clicking the link does not take you to the proper page, copy and paste the link into your browser.
Unemployment Fraud: As If Being Out of Work Wasn't Bad Enough
Published Feb 11 2021 4:12 PM
Using stolen identities cyber criminals are registering for unemployment benefits. The current estimate is that Covid-19 employment fraud cost the government over $36 billion in 2020. And if it is your identity that was stolen you would not be able to get the unemployment benefits you may be entitled to.
https://www.darkreading.com/edge/theedge/unemployment-fraud-as-if-being-out-of-work-wasnt-bad-enough/b/d-id/1340088?fbclid=IwAR2Mx_NO24nnnvaElglyLRH9sy113DCSHMrHOp4uXiL5u_idZ4UXnPC7dcg
If clicking the link does not take you to the proper page, copy and paste the link into your browser.
Over 400 Valentine’s Day-Themed Phishing Campaigns Spotted Weekly
Published Feb 11 2021 4:12 PM
The approaching Valentine’s Day has given cyber criminals a topic of high interest. Jewelry, flowers, candy, other gifts are all topics that catch people’s eye and interest. And that gets them to click the malicious links.
https://www.cxotoday.com/security/over-400-valentines-day-themed-phishing-campaigns-spotted-weekly/
If clicking the link does not take you to the proper page, copy and paste the link into your browser.
Ransomware: A company paid millions to get their data back, but forgot to do one thing. So the hackers came back again
Published Feb 11 2021 4:00 PM
Ransomware attacks can be devastating especially to small and medium companies. Being out of business until the systems are restored is costly, as is paying the ransom. But one company, and there probably are many more, that failed to determine how their systems were compromised. So the attackers returned and the company had to pay another ransom.
https://www.zdnet.com/article/ransomware-this-is-the-first-thing-you-should-think-about-if-you-fall-victim-to-an-attack/?ftag=TRE6a12a91&bhid=29017885593246285133005340243949&mid=13258092&cid=2201587059
If clicking the link does not take you to the proper page, copy and paste the link into your browser.