You might have been phished by the gang that stole North Korea’s lousy rocket tech
US, South Korea, warn 'Kimsuky' is a very sophisticated social engineer
Security02 Jun 2023 | 12
Phishing
Ads for lucrative jobs in Asia fail to mention chance of slavery as crypto-scammer
FBI warns jobseekers to be very skeptical of working holidays in Cambodia
Cyber-crime23 May 2023 | 16
Russia's APT28 targets Ukraine government with bogus Windows updates
Nasty emails designed to infect systems with info-stealing malware
Cyber-crime02 May 2023 | 4
ChatGPT fans need 'defensive mindset' to avoid scammers and malware
Palo Alto Networks spots suspicious activity spikes such as naughty domains, phishing, and worse
AI + ML21 Apr 2023 | 4
April brings tulips, taxes ... and phisherfolk scammers
Tactical#Octopus: Don't let users click on that zip file
Research03 Apr 2023 | 6
Vietnam threatens to cut off two million mobile subscribers
To scupper scams, account-holders must hand over personal info or else
Security03 Apr 2023 | 7
BROADER TOPICS
Police pounce on 'pompompurin' – alleged mastermind of BreachForums
In Brief Crypto laundering service gets cleaned up by police and SVB mess draws in more criminals
Security20 Mar 2023 | 3
SVB collapse's mix of money, urgency and uncertainty makes it irresistible to scammers
Phishing, dodgy domain names, and sophisticated attacks already deployed
Security15 Mar 2023 | 1
Refreshed from its holiday, Emotet has gone phishing
Notorious botnet starts spamming again after a three-month pause
Research09 Mar 2023 | 2
Namecheap admits 'unauthorized emails' pwning its customers
Blames 'third-party provider' as phishers drain Ethereum wallets
Security13 Feb 2023 | 10
Reddit reveals security incident that looks more SNAFU than TIFU
Phishing hooked internal documents, code, and some non-critical systems, but users' personal info safe
Cyber-crime10 Feb 2023 | 8
Attackers abuse Microsoft’s 'verified publisher' status to steal data
Malicious OAuth apps were the tickets into victims' systems
Security01 Feb 2023 | 7
Microsoft to enterprises: Patch your Exchange servers
If you want to keep the miscreants out, put the updates in, Redmond says
Patches28 Jan 2023 | 14
UK Cyber Security Centre's scary new story: One phish, two phish, Russia phish, Iran phish
Nice people on LinkedIn want to harvest logins from politicians, boffins, and defense types
Cyber-crime27 Jan 2023 | 10
IT security teams, business execs still not on same page
In brief Also: Guri the air-gap guru strikes again, while pro-Ukraine hackers set up a proxy network in Russia
Security12 Dec 2022 | 6
World Cup phishing emails spike in Middle Eastern countries
That's where the money is
Security21 Nov 2022 | 6
Windows breaks under upgraded IceXLoader malware
We're the malware of Nim!
Security10 Nov 2022 | 14
Robin Banks crooks back at the table with fresh phish from Russia
Phishing-as-a-service group's toolset now includes ways to get around MFA
Research08 Nov 2022 | 1
Microsoft hits the switch on password-free smartphone authentication
No more MF phish on this MFA cellphone as Azure AD CBA + YubiKey hits preview
Security07 Nov 2022 | 23
Multi-factor auth fatigue is real – and it's why you may be in the headlines next
Analysis Overwhelmed by waves of push notifications, worn-down users inadvertently let the bad guys in
Security03 Nov 2022 | 88
Dropbox admits 130 of its private GitHub repos were copied after phishing attack
Personal info and data safe, stolen code not critical, apparently
Cyber-crime01 Nov 2022 | 2
Gone phishing: UK data watchdog fines construction biz £4.4m for poor infosec hygiene
Staff member bit on lure, ultimately exposed up to 113,000 colleagues' personal information
Cyber-crime25 Oct 2022 | 11
DHL named most-spoofed brand in phishing
With Microsoft and LinkedIn close on shipping giant's heels
Research24 Oct 2022 | 4
FBI: Looking for Biden's student loan forgiveness? Watch out for these scams
You really think someone would do that? Just go on the internet and steal identities?
Cyber-crime19 Oct 2022 | 8
Phishing works so well crims won't bother with deepfakes, says Sophos chap
People reveal passwords if you ask nicely, so AI panic is overblown
Research17 Oct 2022 | 15
US election workers slammed with phishing, malware-stuffed emails
It's almost like there's some midterms coming up
Security12 Oct 2022 | 6
FCC takes on robotexts. Good news if your dad thinks IRS gives SMS rebates
But how will you know when your vehicle's extended warranty has expired?
Networks03 Oct 2022 | 16
The web's cruising at 13 million new and nefarious domain names a month
Or so Akamai is dying to tell us
Research28 Sep 2022 | 10
Microsoft says it's boosted phishing protection in Windows 11 22H2
Security tool warns admins, users when a password is used on an untrusted site or stored locally
Security27 Sep 2022 | 12
Cisco: Yes, Yanluowang leaked our data. No, it's not serious
Everything's fine!
Security13 Sep 2022 | 4
Chinese-linked cyber crims nab $529 million from Indian nationals
Authorities also bust a shell company scam operation with links to the Middle Kingdom
Security13 Sep 2022 | 6
Dump these small-biz routers, says Cisco, because we won't patch their flawed VPN
Nothing like an authentication bypass for your private IPSec network
CSO08 Sep 2022 | 56
Cyberattack brings down InterContinental Hotels' booking systems
Online booking systems and other services knocked offline amid network intrusion
Cyber-crime06 Sep 2022 | 16
Now Oktapus gets access to some DoorDash customer info via phishing attack
Double check who exactly you're sending your username and password to, eh?
Cyber-crime26 Aug 2022 | 8
Twilio, Cloudflare just two of 135 orgs targeted by Oktapus phishing campaign
Updated This, this is more like what we mean by a sophisticated cyberattack
CSO25 Aug 2022 | 6
Hiding a phishing attack behind the AWS cloud
Scammers are using cloud services to create and host web pages that can be used to lure victims into handing over their credentials
Security22 Aug 2022 | 7
After 7 years, long-term threat DarkTortilla crypter is still evolving
.NET-based malware can push wide range of malicious payloads, and evades detection, Secureworks says
CSO17 Aug 2022 | 2
Reckon Russian spies are lurking in your inbox? Check for these IOCs, Microsoft says
Seaborgium targeted dozens of orgs this year alone
CSO16 Aug 2022 | 7
Cisco admits corporate network compromised by gang with links to Lapsus$
Voice-phished their way in, but Switchzilla claims no damage done
Security11 Aug 2022 | 7
Cloudflare: Someone tried to pull the Twilio phishing tactic on us too
Attack was foiled by content delivery network's hardware security keys
Security10 Aug 2022 | 10
Twilio customer data exposed after its staffers got phished
Comms giant says several other firms targeted in 'sophisticated attack'
Cyber-crime08 Aug 2022 | 13
Decentralized IPFS networks forming the 'hotbed of phishing'
P2P file system makes it more difficult to detect and take down malicious content
Security29 Jul 2022 | 23
Cyber-mercenaries for hire represent shifting criminal business model
Emerging threat group offers a broad range of attack services
Security25 Jul 2022 | 9
This big phish can swim around MFA, says Microsoft Security
Slippery AiTM attacks targeted more than 10,000 orgs over the past nine months
CSO13 Jul 2022 | 2
Is this you in this explicit snap? No, it's just Discord phishing
Unless you're Hunter Biden, that compromising pic isn't real
Personal Tech12 Jul 2022 | 14
AstraLocker ransomware reportedly closes doors to pursue cryptojacking
Why go through the hassle of demands and decryption when quietly mining is so much easier?
Cyber-crime06 Jul 2022 | 2
Carnival Cruises torpedoed by US states, agrees to pay $6m after wave of cyberattacks
Now those are some phishing boats
Cyber-crime28 Jun 2022 | 17
Europol arrests nine suspected of stealing 'several million' euros via phishing
Victims lured into handing over online banking logins, police say
Cyber-crime23 Jun 2022 | 7
Zscaler bulks up AI, cloud, IoT in its zero-trust systems
Focus emerges on workload security during its Zenith 2022 shindig
Networks22 Jun 2022 |
Voicemail phishing emails steal Microsoft credentials
As always, check that O365 login page is actually O365
CSO21 Jun 2022 | 20
Interpol anti-fraud operation busts call centers behind business email scams
1,770 premises raided, 2,000 arrested, $50m seized
Security17 Jun 2022 | 25
Heineken says there’s no free beer, warns of phishing scam
WhatsApp messages possibly the worst Father's Day present in the world
Security15 Jun 2022 | 27
Emotet malware gang re-emerges with Chrome-based credit card heistware
Crimeware groups are re-inventing themselves
Research10 Jun 2022 | 5
Facebook phishing campaign nets millions in IDs and cash
Hundreds of millions of stolen credentials and a cool $59 million
Cyber-crime09 Jun 2022 | 8
Now Windows Follina zero-day exploited to infect PCs with Qbot
Data-stealing malware also paired with Black Basta ransomware gang
Research09 Jun 2022 | 4
Microsoft seizes 41 domains tied to 'Iranian phishing ring'
Windows giant gets court order to take over dot-coms and more
Cyber-crime07 Jun 2022 | 4
Costa Rican government held up by ransomware … again
In brief Also US warns of voting machine flaws and Google pays out $100 million to Illinois
Security06 Jun 2022 | 8
Watch out for phishing emails that inject spyware trio
You wait for one infection and then three come along at once
Research01 Jun 2022 | 13
Ransomware attack sends US county back to 1977
In brief Also: Uni details its malware-catching AI, signs of China poking the Russian cyber-bear, and more
Patches29 May 2022 | 8
Suspected phishing email crime boss cuffed in Nigeria
Interpol, cops swoop with intel from cybersecurity bods
Cyber-crime26 May 2022 | 7
It's 2022 and there are still malware-laden PDFs in emails exploiting bugs from 2017
Crafty file names, encrypted malicious code, Office flaws – ah, it's like the Before Times
Research24 May 2022 | 23
Hot glare of the spotlight doesn’t slow BlackByte ransomware gang
Crew's raids continue worldwide, Talos team warns
Research19 May 2022 | 4
Biting the hand that feeds IT
