An academic partnership between Stony Brook University and Palo Alto Networks uncovered a massive use of tools that will steal authentication cookies mid-stream instead of credentials.
With an estimated take of over $80 million a month, this scam uses new evasive tactics designed to make detection and investigation of these attacks difficult at best.
A North Korean threat actor is targeting users in Russia with a New Year’s Eve-themed phony screensaver file, the Record reports. Researchers at Cluster25 spotted the activity, and say ...
New York Attorney General Letitia James has released a guide to help businesses defend themselves against credential stuffing attacks. Credential stuffing is a type of brute-force attack ...
Despite a drop in crypto scams in 2020 due to the pandemic, a new report highlights the massive growth in crypto scams… and the profitable results they’re yielding.
Spanning three languages and at least 15,000 unique phishing emails, this latest phishing campaign targets stressed out workers in the U.S. and France, avoiding detection and promising to ...
Scammers are sending phony accusations of copyright infringement to Instagram users in a new phishing attack, Paul Ducklin writes at Naked Security. The scammers are taking advantage of ...
Social engineering isn’t concerned with either novelty or elegance. All that matters is whether it works. ESET’s Jake Moore described a case in point for We Live Security: all someone ...
Your organization's cyber threat landscape is changing lightning fast. So, your security awareness skills need to stay razor sharp, and are increasingly viewed as critical to protect your ...
The growing interest in new cryptocurrencies and the potential to get in early on Amazon’s supposedly forthcoming crypto has scammers taking victims for thousands of dollars.
A new warning from Accenture Security highlights this new cybercriminal group making waves that focuses on a "data breach and extortion” MO rather than relying on ransomware.
A mean-spirited phishing campaign is mocking victims after infecting their devices with Dridex malware, according to Lawrence Abrams at BleepingComputer.
Analysis of data collected by Internet and security services vendor Akamai shows an unimaginable number of cyberattacks, demonstrating how frequently these attacks are happening.
While news reports indicate no impact to the utilities company’s ability to deliver electricity to its’ customers, this could be the start of attacks on critical infrastructure in ...
Doing their part, Google adds new functionality that defaults to automatically adding Google-based calendar invites to a victim’s calendar to lower the malicious value of an invite.
Monongalia Health System in West Virginia has disclosed a data breach that exposed sensitive patient and employee information.
More than half (55%) of phishing attacks target IT departments, according to research commissioned by OpenText. Additionally, nearly half of survey respondents said they had fallen for a ...
With loved ones potentially a half a world away, scammers prey on families with scams that offer to assist with communication, care packages, leave, and more.
