Women who work in adult chat rooms are called "cam girls". I say the women that work for "wrong number" text message scams should be called "scam girls".
However, in the latter case they are not actually behind the scam or significant beneficiaries; they are just tools or "front women" of the orgs that operate them. They send out R-rated photos, try to engage respondents and gain their confidence, then ply them with a fraudulent scam.
- Bank: Avoid falling for scams; it is your responsibility to check the bank's official domain and not fall for phishing. Do not enter fraudulent pages that imitate the bank's branding.
- Also the bank: Win with our promotion, sent from another .com domain that anyone could have bought; here is your username and password in plain text so you can enter them on another website with some random .com domain 🤦♂️
We've noted a noticeable uptick in #phishing and #smishing campaigns targeting the USPS. Using Iris Investigate and our integration with @maltegohq, we look at IOCs to better understand the scope of this campaign and a possible person of interest. https://www.domaintools.com/resources/blog/return-to-sender-a-brief-analysis-of-a-us-postal-service-smishing-campaign?utm_source=Social&utm_medium=Mastodon&utm_campaign=return-to-sender-a-brief-analysis-of-a-us-postal-service-smishing-campaign
Gname took the lazy approach and rather than look at the site to see it was a clear phishing scam asked me to submit a report via their "official form." Which I did. So now we wait, again.
I think my email could have been more descriptive. Lesson learned for next time.
The saga continues...
Phishing in Outlook: the ZeroFont technique is particularly deceptive! https://www.it-connect.fr/phishing-dans-outlook-la-technique-zerofont-est-particulierement-trompeuse/ #Cybersécurité #Sécurité #Phishing #Outlook
Red Cross-Themed Phishing Attacks Distributing DangerAds and AtlasAgent Backdoors – Source:thehackernews.com https://ciso2ciso.com/red-cross-themed-phishing-attacks-distributing-dangerads-and-atlasagent-backdoors-sourcethehackernews-com/ #rssfeedpostgeneratorecho #CyberSecurityNews #TheHackerNews #Cross-Themed #Phishing
While we wait... Why bother? Well, glad you asked (no one has... yet)
URLs cost money. Even for big ops they cost a few bucks each. Each time you *quickly* report abuse to the registrar resulting in suspension, the bad guys lose $.
ALSO: You are also saving "Gullible Grandma" who got this text 2 hours ago while at water aerobics and is just now clicking the URL. She gets an error vs handing over her personal information. Be a hero, fight back!
Armed with the registrar's abuse email all we have to do is send a super quick and to the point email with proof of the bad guys using the URL.
So far I've had 100% success in getting the URLs taken down in a day or so.
I have never worked with gname before so now we wait and see.
Attackers Trick #Outlook into Showing Fake AV Scans https://www.darkreading.com/endpoint/hackers-abuse-zerofont-phishing-tactic-to-trick-outlook-into-showing-fake-av-scans @darkreading
So let's see who their registrar is. I go directly to ICANN for this https://lookup.icann.org/en/lookup but you can use whatever service you like.
ICANN says the registrant of this URL is... adadasdadasdad. Seems legit!
They also provide contact info for the registrar. The registrar is the company the bad guys bought the URL from. International laws require them to take reports of fraud seriously. Never worked with gname.com before. Let's see...
This is a fun one because it's #iMessage. Rare in my experience, but seems more common lately.
USPS won't randomly SMS or iMessage you. And they won't send you to some garbage .top URL.
Don't reply to troll. That only confirms you are a target and increases the resale value of your info.
Take a screen shot, and then "report junk".
Because this is iMessage, we can't take down their SMS service. I'll have to teach you that some other time.
A malicious campaign has been spread via an ad hoc domain, and the site shows a fake Segugio phone number.
That way the criminals can carry out the fraud by phone!
Traditionally done as a way to stuff keywords in a resume to bypass AI filters, bad actors have found another use for the tactic.
Now, trusting security scans has come into question. Can't we have anything nice? https://www.bleepingcomputer.com/news/security/new-zerofont-phishing-tricks-outlook-into-showing-fake-av-scans/
Cofense reports on malicious HTML attachments that carry out Browser-in-the-Browser (BitB) attacks. BitB attacks can be effective because they abuse the modern Single Sign-On (SSO) mentality and user trust in the URL bar. IOCs are provided.
On January 9, 2017 for the first time we saw this technique used in a malicious campaign against PayPal.
The threat actor CaZaNoVa was selling for $30 a #ZeroFont email generator advertised on Facebook and YouTube.
This technique aims to evade spam filters by inserting invisible characters that are mixed with suspicious visible content.
Unfortunately, the YouTube video has been removed.
Too many financial institutions don't care about encouraging their customers in dangerous practices.
As phishing fraud hits more and more of us we are rightly warned not to use links in emails to login to our financial services yet so many organisations that should know better continue to do this.
I don't care if they do address me by name and include the last four digits of my account. Their actions encourage bad practice.
Best practice is only to include links that take you to information pages.
An email supposedly from Comdirect once again claims that I absolutely must complete the "identification process", and that they have blocked my account as a precaution.
My NON-EXISTENT account, of course 😂
The review platform trustami.com has been cited since 2018 by the Federal Ministry for #Wirtschaft and Climate Action as a success story. To use the service, companies have to register / sign up there. But contrary to its own claims, trustami doesn't give a damn about the voluntary, self-directed opt-in of companies. They sign you up there without your knowledge, publish your #Daten and get on your nerves with brazen, cheeky ad spam and #Phishing.
An updated version of an Android banking trojan called #Xenomorph has set its sights on more than 35 financial institutions in the U.S.
The campaign, according to Dutch security firm #ThreatFabric, leverages #phishing web pages that are designed to entice victims into installing malicious Android apps that target a broader list of apps than its predecessors. Other prominent targeted countries include Spain, Canada, Italy, and Belgium.
Oh this is cool (conceptually only, of course)! Zero-Font was used to actually display fake security messages in #phishing email preview panes.
Zero-Font obfuscation was previously known to be used to split up suspicious keywords that filters and AI are actively looking for. Now someone used it to construct a security message that apparently these filters take at face-value. Wild stuff. And of course, Outlook is involved.
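Both ZeroFont uses described in the posts above (splitting a suspicious keyword with invisible characters, and hiding a fake "scanned and secured" banner) can be caught by rendering the message twice, once as the recipient sees it and once as a text-only filter reads it. This is an added example, not code from any of the posts or the vendors they cite; it handles inline `font-size:0` styles only, and the watchlist and the sample e-mail are constructed for the demonstration.

```python
"""Detect ZeroFont-style text hiding in an HTML e-mail body.

Added example (not code from the posts above). The message is rendered
twice: once as the recipient sees it (zero-font-size elements dropped) and
once as a naive text filter reads it (every character, invisible ones
included). The difference is reported so a mail gateway can score it.
Only inline style attributes are examined; the sample below is constructed.
"""
import re
from html.parser import HTMLParser

# Matches font-size declarations of 0, 0px, 0pt, 0em, 0.0 ... but not 0.1px.
_ZERO_FONT = re.compile(
    r"font-size\s*:\s*0(?:\.0+)?\s*(?:px|pt|em|rem|%)?\s*(?:!important)?\s*(?:;|$)",
    re.IGNORECASE,
)
# Elements that carry no text and may appear without a closing tag.
_VOID = {"br", "img", "hr", "input", "meta", "link", "area", "base", "col", "wbr"}
# Elements whose contents are never rendered as body text.
_NON_TEXT = {"style", "script", "head", "title"}
# Words a gateway rule watches for (assumed watchlist for this example).
WATCHLIST = ("paypal", "account", "verify", "scanned", "secured", "protection")


def is_zero_font(style):
    """True if an inline style attribute declares a zero font size."""
    return bool(style) and _ZERO_FONT.search(style) is not None


class _ZeroFontSplitter(HTMLParser):
    """Records every text chunk in document order, tagged hidden or visible."""

    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.chunks = []          # (text, hidden) in document order
        self._hidden_stack = []   # one bool per open element
        self._skip_depth = 0      # > 0 while inside <style>, <script>, ...

    def handle_starttag(self, tag, attrs):
        if tag in _VOID:
            return
        if tag in _NON_TEXT:
            self._skip_depth += 1
        parent_hidden = self._hidden_stack[-1] if self._hidden_stack else False
        # A zero-font ancestor hides all descendants, whatever they declare.
        self._hidden_stack.append(parent_hidden or is_zero_font(dict(attrs).get("style")))

    def handle_endtag(self, tag):
        if tag in _VOID:
            return
        if tag in _NON_TEXT and self._skip_depth:
            self._skip_depth -= 1
        if self._hidden_stack:
            self._hidden_stack.pop()

    def handle_data(self, data):
        if self._skip_depth:
            return
        hidden = self._hidden_stack[-1] if self._hidden_stack else False
        self.chunks.append((data, hidden))


def _render(html):
    """Return (visible text, hidden text, naive all-text view) of a message."""
    p = _ZeroFontSplitter()
    p.feed(html)
    p.close()
    visible = "".join(t for t, h in p.chunks if not h)
    hidden = "".join(t for t, h in p.chunks if h)
    naive = "".join(t for t, _ in p.chunks)
    return visible, hidden, naive


def split_visible_hidden(html):
    """Return (text the recipient sees, text hidden by zero font size)."""
    visible, hidden, _ = _render(html)
    return visible, hidden


def _norm(text):
    return " ".join(text.split()).lower()


def zero_font_report(html, watchlist=WATCHLIST):
    """Summarise a message's ZeroFont exposure for a gateway scoring rule."""
    visible, hidden, naive = (_norm(t) for t in _render(html))
    return {
        "zero_font_used": bool(hidden),
        # Keyword-splitting evasion: the word only exists once the noise is removed.
        "revealed_keywords": [w for w in watchlist if w in visible and w not in naive],
        # Invisible banner (e.g. a fake "scanned" notice) that a preview pane or
        # a filter may still read at face value although the recipient never sees it.
        "hidden_only_keywords": [w for w in watchlist if w in hidden and w not in visible],
        "hidden_chars": len(hidden),
    }


# Constructed sample e-mail, modelled on the two tricks described above.
SAMPLE_PHISH = (
    '<html><body><p>Dear customer, your Pa<span style="font-size:0">qz</span>yPal '
    'acc<span style="FONT-SIZE: 0px">x</span>ount is limited.</p>'
    '<div style="font-size:0;color:#fff">Scanned and secured by Example Mail Protection</div>'
    '<p>Click <a href="https://example.invalid/login">here</a> to restore access.<br></p>'
    '</body></html>'
)
SAMPLE_CLEAN = "<p>Hello <b>world</b>, your invoice is attached.</p>"

if __name__ == "__main__":
    print(split_visible_hidden(SAMPLE_PHISH))
    print(zero_font_report(SAMPLE_PHISH))
```

A real gateway would also have to resolve `<style>` rules and classes, which this inline-only check ignores.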
New #AtlasCross APT actors use American Red Cross as phishing lure https://www.bleepingcomputer.com/news/security/new-atlascross-hackers-use-american-red-cross-as-phishing-lure/ @BleepingComputer @billtoulas
More about this threat actor from NSFocus: https://nsfocusglobal.com/warning-newly-discovered-apt-attacker-atlascross-exploits-red-cross-blood-drive-phishing-for-cyberattack/
ICYMI: Fake celebrity photo leak videos flood #TikTok with Temu referral codes
Not specifically malicious... yet. Classic baiting.
Malicious actors who leverage DNS heavily to support their activity are often unrecognized and orthogonal to malware actors popularized in much media coverage, but they play a critical role in the online criminal economy. We've decided to publish more about those we track and some of our algorithms. Here's an intro! #dns #infosec #threatintel #malware #phishing #scam #spam https://blogs.infoblox.com/cyber-threat-intelligence/introducing-dns-threat-actors/
Cofense reports on a social engineering campaign targeting the hospitality industry (primarily luxury hotel chains and resorts) to deliver information stealers. The initial infection vectors are emails and instant messages. They use TTPs to bypass email security, then deliver infection URLs in password-protected archives. No IOC.
If you receive an email from a business partner* with a QR code that leads to a Microsoft OneDrive page where you are asked to enter your email address and Microsoft password to retrieve a document (PDF): delete it and notify the sender (by phone).
It is visually very well done. Alert and sensitise your colleagues.
The World Sailing Championships were recently spoofed by scammers on #Facebook, who used fake offers of free live streaming to fool victims into sharing private data.
#phishing #cybersecurity #Meta #socialmedia #infosec
Have a look at this email I got. Obviously #phishing right? The blurred out parts are weird identifiers. I've never heard of "questionmark.com" and don't have an account with them.
But what if I visit that site. LOL I really wish #MITREEngenuity was here on mastodon (they still hang out on Twixxer)
Because this is related to email@example.com. And I do recognize them. #MITRE
This appears to be their assessment provider sending out odd requests for people who don't even know they have accounts to update them with weird identifiers. LOL I wouldn't hold it against you, MITRE.
The number of organisations who don't have DMARC set up properly and get quarantined as phishing (spoofed external domain) is doing my head in. I don't have the time to contact all of them, find out who runs their email, and educate them about a standard that's been pretty mainstream for years. #DMARC #phishing #falsepositives
It Might Be Time to Rethink Phishing Awareness
Nice again. SMS phishing. Domain registered with Namecheap in the USA and hosting hidden behind Cloudflare. That's how it's done. Well, let's see 👀 whether Namecheap takes it offline or whether it will be the classic outcome.
And educate people. Important. My wife got the SMS. And she came to me and asked whether it was phishing. 👍
One more note. Report phishing here and always to the registrar.
Verbraucherzentrale NRW warns of phishing emails with fake cease-and-desist letters
The Verbraucherzentrale NRW warns of phishing emails, currently being sent in large numbers, that unsettle recipients with fake cease-and-desist letters.
So some of you might remember this post (and the subsequent demonstration on national news) of using a voice cloning tool (AI, Audio Deep Fake) by @racheltobac
Link to post: https://infosec.exchange/@racheltobac/110963070495263373
(If you haven't seen it, go watch it. Rachel is amazing.)
I'd never needed to do a similar attack before, but! I was just tasked yesterday with researching it.
Asked some friends for a turn-key solution to clone voices. Got pointed to a website. Signed up for $1 a month (first month... then it goes to $5 a month thereafter).
Pulled some audio of my target's voice down from a youtube interview (a podcast works great too).
Only needed a minute's worth of audio.
Uploaded it to the website for cloning.
Typed out a quick script for the voice to read.
30 seconds later, I had my cloned audio.
It was so good, that it even included natural voice inflections AND!!! verbal pauses like umm's and uhh's that matched the target's original presentation. I can't tell the difference between the cloned voice and the original person.
Y'all... voice cloning and audio deep fakes are well past the ease of "script-kiddy" level. Anyone can do it.
More bad guys sending garbage texts. This is blatant phishing. Maybe spear phishing? The URL was registered yesterday, Friday. Smart, they have all weekend to #cybercrime because many companies typically don't staff fraud teams on the weekend.
Reported to NameSilo (registrar) as well as AT&T (SMS provider) and the Anti-Phishing Working Group (APWG.org).
New webinars on protection against cyberattacks
In five webinars from 23.10. to 27.11.2023, IT managers and admins learn from the professionals at SySS GmbH how to always stay one step ahead of hackers.
📣 We're thrilled to announce the launch of Shira, our anti-phishing tool for human rights defenders, activists, and journalists!! 🚀
🛡️ By using Shira, you can learn to identify and defeat phishing attempts. Shira is:
✅ Self-paced & easy to use
✅ Realistic and customisable, with simulations of phishing attempts on email and messaging apps
✅ Developed with support from digital safety experts
✅ Free & open source
Phishing emails are going around again pretending to be from Bank Austria (sender address right now: firstname.lastname@example.org 🤡 )
They contain a link to a super shady page modelled on the BA login (screenshot).
Anyone who enters their number and PIN there gets a prompt for two-factor authentication, and if that is entered as well, you've lost.
Don't click suspicious links, always check the sender, and when in doubt get in touch directly!
Heads up, folks: scammers are keeping an eye on LinkedIn updates and reaching out directly via text. (Not sure where they got my number but it's definitely out there.) I distracted this one for a couple of hours; not sure if he wised up or his carrier--which I called first thing--shut him down.
#Bluesky developers literally do not care about #phishing at all. Anyone can manipulate link card previews to read whatever one fucking wants them to read, independent from the actual website URL and content.
Here's more info on phishing, including how to recognise and prevent it: https://phishwarn.codeberg.page/#whats-phishing
#Tech fediverse: I'm looking for the feasibility and security for a university email problem. Our university just decided it would end a policy that alumni have email addresses associated with the university in perpetuity. Fair enough - the resources of this promise have to be immense. But there is one group of alumni that our faculty have recognized as potentially deserving of this promise being kept - former students (mainly grad students) who have published as a first and/or corresponding author of a peer reviewed publication. In that case, they still have a tie to our university and people may want to contact them about their work here. So, I have a few questions:
Good news, everybody! Fake Interpol is going to help me get my pretend money back.
A threat actor known for providing ransomware gangs with initial access to enterprise systems has been phishing employees via Microsoft Teams.
“For this activity, Storm-0324 most likely relies on a publicly available tool called TeamsPhisher,” the company says.
It appears that the ALPHV ransomware group is behind MGM Resorts' cyberattack on Monday. The way they reportedly gained initial access is by looking into the MGM employees on LinkedIn, picking one, and then calling the Help Desk.
The ALPHV group is said to be "extremely skilled at social engineering".
Yet finding information on an organization's employees on LinkedIn and then using it in a vishing attack, often impersonating that individual, is a frequent and rather standard practice in #vishing attacks.
I have seen first-hand that there is a need to improve in a few areas:
🔹 Few organizations are prepared to handle phone-based social engineering. Most companies focus almost entirely on #phishing attack simulations.
That allows blind spots and a lack of processes/preparedness in too many other areas like vishing, social media and SMS-based attacks among other things.
🔹 Having a proper identity verification process in place and training your employees to stick with it often mitigates a lot of vishing/impersonation attacks.
Yet in most cases, there is either a lack of verification process or the employees are not aware of it (they sometimes get trained on it once during onboarding, and then forget all about it).
🔹 Understanding that social engineering is not limited to email attacks. It is a serious threat, and it requires working on a comprehensive social engineering prevention protocol.
We are still waiting for more information on the exact methodology. But it won't be the last time we hear of a similar attack scenario.
➝ 🇺🇸 ☁️ #Microsoft finally explains cause of #Azure breach: An engineer’s account was hacked
➝ 🎫 🔓 See Tickets says #hackers accessed customers’ payment data — again
➝ 🇳🇱 🔓 Chipmaker NXP Semiconductors confirms #databreach involving customers’ information
➝ 🇬🇧 🔓 #UK election body failed cybersecurity test before hack
➝ 🚮 🔓 #Freecycle confirms massive data breach impacting 7 million users
➝ 🇦🇺 🔓 University of #Sydney data breach impacts recent applicants
➝ 🇷🇺 🇺🇸 Wealthy Russian With #Kremlin Ties Gets 9 Years in #Prison for Hacking and Insider Trading Scheme
➝ 🇺🇸 ✈️ US Aeronautical Organization Hacked via #Zoho, #Fortinet Vulnerabilities
➝ 🇮🇷 🎣 Alert: #Phishing Campaigns Deliver New SideTwist Backdoor and Agent Tesla Variant
➝ 🇺🇦 🇷🇺 #Ukraine's CERT Thwarts #APT28's Cyberattack on Critical Energy #Infrastructure
➝ 🎰 💸 #Crypto #casino Stake.com loses $41 million to hot wallet hackers
➝ 🇺🇸 🇬🇧 US, UK take action against members of the Russian-linked #Trickbot hacker syndicate
➝ 🚗 👀 25 Major Car Brands Get Failing Marks From Mozilla for Security and Privacy
➝ 🇬🇧 👀 UK lawmakers back down on encryption-busting ‘spy clause’
➝ 🌏 Hundreds of thousands trafficked to work as online scammers in SE #Asia, says UN report
➝ 🇺🇸 ✍🏻 #CISA Hires @dotmudge to Work on Security-by-Design Principles
➝ 🇬🇧 🛒 Children's snack recalled after its website caught serving porn
➝ 🇸🇪 💰 Insurer fined $3M for exposing data of 650k clients for two years
➝ 🇷🇺 Elon Musk's erosion of safety standards at X is helping #Putin spread Russian propaganda, study finds
➝ 🇰🇵 North Korea-backed hackers target security researchers with 0-day
➝ 🎣 Researchers identify high-grade phishing kits attacking nearly 60,000 #Microsoft365 accounts
➝ 🇮🇳 🤖 #India warns of #malware attacks targeting its #Android users
➝ 🇨🇳 💬 Chinese-Speaking Cybercriminals Launch Large-Scale #iMessage Smishing Campaign in U.S.
➝ 💸 💌 Fake #YouPorn extortion #scam threatens to leak your sex tape
➝ 👤 #Okta Warns of Social Engineering Attacks Targeting Super Administrator Privileges
➝ 🎣 🛡️ #Google is enabling #Chrome real-time phishing protection for everyone
➝ 📱🧨 Hacking device #FlipperZero can spam nearby #iPhones with #Bluetooth pop-ups
➝ 🩹 🍏 #Apple patches “clickless” 0-day image processing #vulnerability in #iOS, #macOS
➝ 🩹 🔓 #AtlasVPN to Patch IP Leak Vulnerability After Public Disclosure
📚 This week's recommended reading is: "Blue Team Handbook: SOC, SIEM, and Threat Hunting (V1.02): A Condensed Guide for the Security Operations Team and Threat Hunter" by Don Murdoch GSE, MSISE, MBA
Subscribe to the #infosecMASHUP newsletter to have it piping hot in your inbox every week-end ⬇️
Phishing attacks using Google's Looker Studio
IT researchers have observed hundreds of phishing attacks carried out using Google's Looker Studio.
Increase observed in AI-supported multi-stage malware and phishing attacks
An IT security company sees an increase in multi-stage phishing and malware attacks. These are said to be more dangerous because of the use of AI.
40 percent more spam emails: GMX and web.de see AI as the reason
1&1 looked at the spam filters of GMX and web.de: 40 percent more emails landed there than in the same period last year. AI is one of the reasons.
"WE HAVE RESTRICTED YOUR BANK ACCOUNT FOR DEPOSITS AND WITHDRAWALS"😱
Millions of #SMBC / #三井住友銀行 account holders (including mortgage accounts like mine) received this email yesterday. However, it was intended to be a warning from the bank about #phishing.
It made headline news, and social media in #Japan has been abuzz with posts about this 'poorly worded warning'. Or 'brilliant awareness campaign'? 😆 (sorry, I couldn't find an English news article) #JapanNews #banking
"The French government wants to introduce censorship mechanisms at the browser level. #Mozilla, known for its Firefox browser, fears a dystopian technology that makes censorship easier for authoritarian regimes.
"That a government can order that a particular website must not open at all in a browser/system is uncharted territory, and even the most repressive regimes in the world have so far preferred to block websites further up the network (internet providers, etc.)," writes Mozilla.
Even if the technology would perhaps only be used for #Malware and #Phishing in France today, it would set a precedent and create the technical prerequisite in browsers for censorship. "A world in which browsers can be forced to incorporate a list of banned websites at the software level that cannot be opened either in one region or worldwide is a troubling prospect that raises serious concerns about freedom of expression," writes Udbhav Tiwari. Mozilla fears that the law would then make it hard for browsers to refuse such requests from other governments in the future."
#Autoritarisierung #Antireport #Netzpolitik
For anyone at @BlueTeamCon who wants to understand why many forms of MFA are not phishing-resistant and why passkeys/FIDO2 are, tomorrow at 12:20pm during lunch in the #unconference room I’ll be delivering an impromptu session on #phishing resistant authentication, including a live demo of #evilginx.
➝ 🇬🇧 👮🏻♂️ #Norfolk and #Suffolk police: Victims and witnesses hit by #databreach
➝ 💬 🔓 #Discord.io confirms breach after hacker steals data of 760K users
➝ 🇺🇸 🏥 #Health plan provider PH TECH joins MOVEit victim list, 1.7 million exposed
➝ 🌍 👮🏻♂️ #Interpol arrests 14 suspected cybercriminals for stealing $40 million
➝ 🇮🇷 #Iran and the Rise of Cyber-Enabled Influence Operations
➝ 🎣 📨 Major U.S. energy org targeted in QR code #phishing attack
➝ 🦠 💸 Jon DiMaggio’s demystifying #LockBit’s Secrets in his latest Ransomware Diaries Vol. 3
➝ 🔓 🎠 Approximately 2000 #Citrix NetScalers backdoored in mass-exploitation campaign
➝ 🇮🇷 Charming Kitten Targets Iranian Dissidents with Advanced Cyber Attacks
➝ 🇺🇸 💸 #FBI warns of increasing #cryptocurrency recovery scams
➝ 🇵🇱 👮🏻♂️ #LOLEKHosted admin arrested for aiding Netwalker ransomware gang
➝ 🇷🇺 👨🏻⚖️ #Russia slaps #Reddit, #Wikipedia with fines
➝ 🇨🇳 ⚡️ #Tesla reassures Chinese users on #datasecurity amid spying concerns
➝ 🇮🇱 🇺🇸 #Israel, US to Invest $4 Million in Critical Infrastructure Security Projects
➝ 💸 🐈⬛ New #BlackCat Ransomware Variant Adopts Advanced Impacket and RemCom Tools
➝ 🦠 🦝 Raccoon Stealer #malware returns with new stealthier version
➝ 💸 🐧 Monti #Ransomware Returns with New #Linux Variant and Enhanced Evasion Tactics
➝ 🏴☠️ 💻 Over 120,000 Computers Compromised by Info Stealers Linked to Users of #Cybercrime Forums
➝ 🤖 🌪️ Google Brings AI Magic to Fuzz Testing With Eye-Opening Results
➝ 🔑 #Google Introduces First #Quantum Resilient #FIDO2 Security Key Implementation
➝ 🐮 👀 Cult of the Dead Cow releases #Veilid: A secure open-source Peer-to-Peer network for apps that flips off the surveillance economy
➝ 📱 Threat actors use beta apps to bypass mobile app store security
➝ 🛰️ ☠️ How a hacking crew overtook a #satellite from inside a Las Vegas convention center and won $50,000
➝ 🃏 🔓 How to hack #casino card-shuffling machines
➝ 🇫🇷 🏧 Iagona ScrutisWeb Vulnerabilities Could Expose #ATM's to Remote Hacking
📚 This week's recommended reading is: "The Cuckoo's Egg: Tracking a Spy Through the Maze of Computer Espionage" by Clifford Paul "Cliff" Stoll
Subscribe to the #infosecMASHUP newsletter to have it piping hot in your inbox every week-end ⬇️
Citing EU #GDPR rules and looking like a standard notification of ToS, the #cybercriminal has invested a lot of work in the quite authentic-looking website.
Block the domain and inform your IT security.
Also; ZOOM changed its Terms of Service on 04/01/2023. - You have now agreed that they may use all your data generated while using their app, including the training of LLMs. Check the ToS, Sect.10
🐟 How to Prevent Phishing Attacks? Your Ultimate Guide to Staying Safe Online
4/ #Phishing is a numbers game & the difficulty + cost of faking a voice have limited the use of certain presumably effective themes (e.g. call from your lawyer or mom).
Those same factors have led to some companies going hard on "my voice is my password" #authentication.
Or handling their #insurance .
Because the next few years are going to be a bloodbath.
3/ What I find scary is the super-additive combination of good deepfakes & creative fraudsters.
I think of phone fraud & #phishing as having exceptionally tight feedback loops.
Nature of the operation is to instantly learn what works & fails.
And then refine.
You can patch a phone, but not a person.
Which leaves human behavior littered with foreverday vulnerabilities.
Urgency, fear, curiosity, greed, authority ..
Fraud & #phishing constantly refine how to exploit them.
➝ 🐛 ✂️ Researchers Uncover New High-Severity #Vulnerability in #PaperCut Software
➝ 🇮🇱 🦠 #Israel cybersecurity agency says no breach after senior official self-infects home PC with #malware
➝ 🇺🇸 CISA’s strategic plan adheres to overall Biden administration direction on cybersecurity
➝ 🩹 ❌ Top 12 vulnerabilities list highlights troubling reality: many organizations still aren’t #patching
➝ 🐬 🔓 Hacking tool #FlipperZero tracked by intelligence agencies, which fear white nationalists may deploy it against power grid
➝ 🔥 🔓 Hundreds of #Citrix NetScaler ADC and Gateway Servers Hacked in Major Cyber Attack
➝ ⚡️ 🔓 Researchers jailbreak a #Tesla to get free in-car feature upgrades
➝ 🏭 📊 Industrial Control Systems Vulnerabilities Soar: Over One-Third Unpatched in 2023
➝ 🇷🇺 👥 Russian hackers target govt orgs in #Microsoft Teams #phishing attacks
➝ 🩹 🔓 #Rapid7 found a bypass for the recently patched actively exploited #Ivanti EPMM bug
➝ 🙈🔓 #Tenable CEO accuses Microsoft of negligence in addressing security flaw
➝ 🎣 📨 Hackers exploited #Salesforce zero-day in #Facebook phishing attack
➝ 🇺🇸 ☁️ US internet hosting company appears to facilitate global #cybercrime, researchers say
➝ 🇨🇳 🇪🇺 #China's #APT31 Suspected in Attacks on Air-Gapped Systems in Eastern Europe
➝ 🦠 💸 Schools Are Now the Leading Target for Cyber Gangs as Ransom Payments Encourage Attacks
➝ 🇺🇸 🇨🇳 Possible Chinese Malware in US Systems - a ‘Ticking Time Bomb’
➝ 🇮🇹 🏦 Cybercriminals Renting #WikiLoader to Target Italian Organizations with Banking Trojan
➝ 🇺🇸 🇨🇳 Microsoft downplays damaging report on Chinese hacking its own engineers vetted
➝ 🇯🇴 💬 #Jordan adopts cybercrime law seen as threat to #freespeech
➝ 🇪🇬 🏥 Hacker Claims to Have Stolen Sensitive Medical Records from #Egypt's Ministry of Health
➝ 🔓 💰 #BankCard USA surrenders and pays #ransom
📚 This week's recommended reading is: "The Art of Software Security Assessment: Identifying and Preventing Software Vulnerabilities" by Mark Dowd, John McDonald, and Justin Schuh
Subscribe to the #infosecMASHUP newsletter to have it piping hot in your inbox every week-end ⬇️
- phishing email comes from Salesforce domain, which is a legitimate domain
- phishing link appears to point to a Facebook domain, another legitimate domain
- if you click the provided link and enter your Facebook credentials, the attacker now has them… because the phishing site is actually hosted on Facebook’s app platform.
I think I'm being the target of a phishing attack on my cellphone sent through "Flash SMS".
I frequently receive a message that's automatically displayed in my screen about having won a TV, with yes/no buttons underneath. No matter what I do, a web page automatically opens. The URL points to qrl[.]adc[.]bz/[...]. To mitigate this, I put my phone in airplane mode as quick as possible.
Does anyone here have information about these attacks?
Please boost for visibility.
Do you get an email, app message, phone call or SMS from 'the Belastingdienst' asking you to pay a tax debt?
Then you can bet your life that it's #phishing.
We never ask you to make a payment that way. And there are never links in our emails.
Did you receive a phishing message? You help us enormously if you forward it; with the (meta)information we can hopefully track down the scammers. More info: https://www.belastingdienst.nl/wps/wcm/connect/nl/contact/content/valse-whatsapp-berichten-sms-berichten-mails-apps-brieven-of-telefoontjes
Thanks in advance for your vigilance!
I almost fell for #Phishing just now. The email matched things I had just been doing far too well. I was only too lazy to look up my credentials for the fake login. When I switched back to the mail app, I noticed it. Yes, but if that works in one in a million cases, you can probably swindle enough with it to make it worthwhile.
LKA Niedersachsen warns of phishing and subscription traps using iCloud and Google emails
Fraudsters are currently sending emails claiming that Apple iCloud or Google storage is running full. The LKA Niedersachsen warns of this.
There's a #phishing scheme popular on #Facebook, which involves hijacking someone's account & then posting a message to selected friends saying "Look who died, in an accident I think you know him so sorry."
The accompanying link, of course, takes you to a Facebook look-alike login page where you can enter your credentials & get phished in turn.
Reporting these posts to Facebook gets you a little auto-homily about how this content is "not in violation of Community Standards".
Nice to know.
Well this is heckin hilarious to me:
My work does regular "#phishing tests", where you're supposed to recognise a phishing email and report it.
I just reported one, not thinking much of it, and then got an email from IT saying that no: that was a _real_ email alert from #MicrosoftTeams. They just look _that_ janky! 😆
"Manchester Schools Scammed Out Of $1.2M; Supt. Resigns." https://www.inkfreenews.com/2023/06/30/manchester-schools-scammed-out-of-1-2m-supt-resigns/
"According to the school board, Wieland 'personally and solely' paid nearly $1.2 million to the fraudulent email through electronic payment, even though all legitimate payments to Hagerman Construction had been by check." https://www.msn.com/en-us/news/us/school-board-meeting-sheds-light-on-how-manchester-community-schools-lost-dollar12m/ar-AA1dJZ9i
Here's the kicker: "Indiana superintendent who resigned over $1.2 million in fraud payments gets special role in district" https://readlion.com/indiana-superintendent-who-resigned-over-1-2-million-in-fraud-payments-gets-special-role-in-district/ #edtech #BEC #phishing @PogoWasRight @brett @funnymonkey
Fell for phishing: state ministry transfers 225,000 euros to criminals
Saxony's health ministry paid a fraudulent invoice and transferred 225,000 euros to criminals. The LKA had already warned of the scheme in 2016.