Days before the US election, phishers net $2.3m from Wisconsin Republicans Big money in American politics proves chum in the water for online sharks Security29 Oct 2020 | 33
Your anti-phishing test emails may be too easy to spot. NIST has a training tool for that Phish Scale hopes to make life easier for blue teams gazing at click rates Software18 Sep 2020 | 21
You have to be very on-trend as a cybercrook – hence why coronavirus-themed phishing is this year's must-have look F-Secure gives its take on the first half of 2020 in internet scumminess Security17 Sep 2020 | 6
Things are getting back to normal: Chinese hackers revert to bugging Tibetans after brief Euro campaign APT phishing crew had COVID-themed fling with the west during height of pandemic, claim researchers Security02 Sep 2020 | 5
Doctor, doctor, got some sad news, there's been a bad case of hacking you: UK govt investigates email fail Former trade minister Dr. Liam Fox named as source of leaked trade docs Security04 Aug 2020 | 80
Twitter says spear-phishing attack hooked its staff and led to celebrity account hijack Attack came in waves that probed for staff with access to the creds crims craved Security31 Jul 2020 | 19
UK intel committee on Russia: Social media firms should remove state disinformation. What was that, MI5? ████████? Also (yikes): A 'complicated wiring diagram of responsibilities amongst ministers' in the event of cyber attack Security21 Jul 2020 | 56
Southern Water to splash £50m on IT services to purify systems of planning, governance and internal controls We'll raise a glass of the good stuff to that Software20 Jul 2020 | 3
Microsoft sues coronavirus phishing spammers to seize their domains amid web app attacks against Office 354.5 A very busy six months for Redmond's Digital Crimes Unit Security08 Jul 2020 | 21
Hundreds of forgotten corners of mega-corp websites fall into the hands of spammers and malware slingers Exclusive DNS entries left pointing to Azure-hosted server names snatched by miscreants for mischief Security07 Jul 2020 | 20
Your 2.3m Instagram fans won't stop the FBI... Web star accused of plotting to launder millions from cyber-crime Bloke calling himself Hushpuppi extradited, allegedly conspired to steal $100m from English Premier League soccer club among others Security06 Jul 2020 | 13
Honeypot behind sold-off IP subnet shows Cyberbunker biz hosted all kinds of filth, says SANS Institute Botnet C2, denial-of-service, phishing – and that's after filtering Security25 Jun 2020 | 7
Australian PM says nation under serious state-run 'cyber attack' – Microsoft, Citrix, Telerik UI bugs 'exploited' Won't say who the attackers are working for – just don't mention 中国 Security19 Jun 2020 | 37
Anatomy of a business email scam: FBI dossier details how fraudster pocketed $500k+ by redirecting payments Electrolux, construction biz fooled into handing over money funneled out of the US to South Africa Security03 Jun 2020 | 7
Cybercrooks tend to prefer Google-branded phishing to Microsoft-flavoured lures So says Barracuda Networks, anyway Security28 May 2020 | 2
There's Norway you're going to believe this: Government investment fund conned out of $10m in cyber-attack Updated Police pining to drop the Lillehammer on crooks Security14 May 2020 | 10
Mama mia! Nintendo in need of a plumber after leak sprays N64, GameCube, Wii code Roundup Plus: Cognizant cognisant of whopping $70m in damage, malware creeps hit hospital firm, phishing campaigns, and much more Security11 May 2020 | 8
Something a bit phishy in your inbox? You can now email suspected frauds straight to Blighty's web takedown cops National Cyber Security Centre publishes scam-busting address Security21 Apr 2020 | 27
Weeks before US oil contract prices went negative, a spear-phishing crew went after oil firms. What did they get? Who wants to know about their biz plans? Someone determined Security21 Apr 2020 | 8
You know all those stories of leaky cloud buckets taken offline? Well, some may still be there, just badly hidden Roundup Plus, Google warns of fake journo phishing attacks Security30 Mar 2020 | 3
No, the head of the World Health Organization has not emailed you – it's a message laced with malware Roundup On the other hand, these Pwn2Own results are legit Security23 Mar 2020 | 6
Online face mask sales scams, 400% uptick of coronavirus phishing reports: Brit cops' workload shifts online along with the nation's Criminal scum use pandemic as golden business opportunity Security20 Mar 2020 | 24
Health workers are top of phishers' target lists thanks to data value Interview And HR folks aren't far behind, says Proofpoint strategist Security16 Mar 2020 | 15
Like a Virgin, hacked for the very first time... UK broadband ISP spills 900,000 punters' records into wrong hands from insecure database Contact info and more, perfect for phishing Security05 Mar 2020 | 82
Download this update from mybrowser.microsoft.com. Oh, sorry, that was malware on a hijacked sub-domain. Oops Lax DNS leaves door wide open for miscreants to impersonate Windows giant on its own websites Security04 Mar 2020 | 26
It has been 15 years, and we're still reporting homograph attacks – web domains that stealthily use non-Latin characters to appear legit More than a dozen dodgy websites spotted masquerading as the real deal, HTTPS certs and all Security04 Mar 2020 | 34
Southern Water not such a phisherman's phriend, hauls itself offline to tackle email lure UK utility biz suspends internet services Security28 Feb 2020 | 24
Someone needs to go back to school: Texas district fleeced for $2.3m after staff fall for devious phishing email FBI probes massive fraud Security13 Jan 2020 | 23
Rowhammer rides again as FPGA attack, RSA again reportedly up for sale, anti-theft kit to nuke laptops, etc Roundup Including: Tesla and a town hit hard by spear-phish bridge scammers Security06 Jan 2020 | 28
Five years in the clink for super-crook who scammed Google, Facebook out of $120m with fake tech invoices Lithuanian bloke locked up for mother of all phishing capers Security20 Dec 2019 | 65
Google: We caught a Russian state hacker crew uploading badness to the Play Store Adtech firm also sent 12k phishing warnings to users of its services Security28 Nov 2019 | 28
Cloudy biz Datrix locks down phishing attack in 15 mins after fat thumb triggers email badness You can be fast but they're always faster Security28 Nov 2019 | 11
Would you open an email from one Dr Brian Fisher? GP app staff did – and they got phished Director's account hijacked in what biz believes to be an attempted ransomware attack Security24 Oct 2019 | 52
No one would be so scummy as to scam a charity, right? UK orgs find out the hard way Research blames 'culture of trust' for weak fraud protections Security21 Oct 2019 | 50
A cautionary, Thames Watery tale on how not to look phishy: 'Click here to re-register!' Mass-mailing your customers today? Read this first Security17 Oct 2019 | 68
Bulgarian phishing gang member who lived with his parents jailed for part in £40m fraud ring 37-year-old was extradited to Blighty to stand trial Security20 Sep 2019 | 9
Required: Massive email fraud bust. Tired: Cops who did the paperwork. Expired: 281 suspected con men's freedom Alleged whaling crooks cuffed in global crime crackdown Security10 Sep 2019 | 8
Cybercrook hands cops £923k in Bitcoin made from selling phished deets on the dark web 27-year-old also shipped weed, flogged 'how-to' fraud guides Security23 Aug 2019 | 34
Here's a top tip: Don't trust the new person – block web domains less than a month old. They are bound to be dodgy Better to be aggressive and safe than sorry Security21 Aug 2019 | 71
Phisherman's blues: Bogus Dell support rep extradited from Kenya, admits he conned US colleges out of $900,000 Scumbag faces up to 20 years in the clink for email fraud Security02 Aug 2019 | 13
Cybercrooks attempted credential-stuffing banks 3.5 BEEELLION times in the last 18 months alone All going just as you'd expect, reckons Akamai Security31 Jul 2019 | 8
Dear hackers: If you try to pwn a website for phishing, make sure it's not the personal domain of a senior Akamai security researcher Exclusive Crooks fail to hijack infosec bloke's site to dress it up as a legit Euro bank login page Security29 Jul 2019 | 62
For pity's sake, groans Mimecast, teach your workforce not to open obviously dodgy emails JavaScript obfuscation finds its way into finance phishery Security17 Jul 2019 | 46
Wipro wasn't a one-off: Same hacking crew targeted scores of firms, big and small – researchers Thanks in large part to a counter-phishing product. Doh! Security26 Jun 2019 | 5
Wondering where that upcoming meeting with 'Cheap Viagra' came from? Spammers beat Gmail filters by abusing Google Calendar, Forms, Photos, Analytics... Kaspersky fingers pro-G filters for letting cyber-muck through Security11 Jun 2019 | 29
Crime doesn't pay? Crime doesn't do secure coding, either: Akamai bug-hunters find hijack hole in bank phishing kit Exclusive Absolutely criminal behavior – unrestricted file upload, really? Security05 Jun 2019 | 13
Be wary of emails with links to ... er, Google Drive? Is that right? Alibaba, Azure and more used for badness, warns infosec biz Security07 May 2019 | 28
Microsoft admits: Yes, miscreants leafed through some Hotmail, MSN, Outlook inboxes after support rep pwned Email contents exposed for unlucky punters SaaS15 Apr 2019 | 15
Yup, it's the new tax year: If you smell a RAT, it's because crims are ramping up tax scams Tell your dad not to open the 'HMRC' Word doc promising a yuge refund Security04 Apr 2019 | 12
Who needs foreign servers? Researchers say the USA is doing a fine job of harboring its own crimeware flingers Domestic hosts and servers are being used for major attacks, finds Bromium Security04 Apr 2019 | 25
VMware emits security alerts, Planet Hollywood chain hacked, SWAT death caller gets 20 years in clink, and more Roundup A quick summary of infosec news to start your week Security01 Apr 2019 | 14
Fake broadband ISP support scammers accidentally cough up IP address to Deadpool in card phish gone wrong A tale of Twitter fraudsters, an infosec biz boss, and a quest for one honeypot hit Security23 Jan 2019 | 136
Scumbag hackers lift $1m from children's charity Utter asshats pull seven-figure heist on Save the Children Foundation Security14 Dec 2018 | 45
It is with a heavy heart that we must inform you hackers are targeting 'nuclear, defense, energy, financial' biz Sharpshooter takes aim at critical infrastructure Security12 Dec 2018 | 24
Bethesda blunders, IRS sounds the alarm, China ransomware, and more Roundup Plus, US Congress wants more cybersec training, better breach laws Security08 Dec 2018 | 14
More data joy: Email scammers are buying marks' info from legit biz intelligence firms Black Hat London Blue gang probably has your firm's org chart Security06 Dec 2018 | 8
Oh my chord! Sennheiser hits bum note with major HTTPS certificate cock-up Audiophiles could get played like a fiddle, have their web traffic snooped by son-of-a-pitch scammers Security29 Nov 2018 | 29
A little phishing knowledge may be a dangerous thing Boffins find those who know about phishing more likely to be duped than the less informed Security19 Nov 2018 | 64
Between you, me and that dodgy-looking USB: A little bit of paranoia never hurt anyone Let's lift our eyes from the balance sheet and take a look around... Security13 Nov 2018 | 155
If Shadow Home Sec Diane Abbott can be reeled in by phishers, truly no one is safe MP falls for PC support scam Security08 Nov 2018 | 169
I know what you're thinking: Outsource or in-source IT security? I've worked both sides, so here's my advice... Comment The pros and cons of using internal and external talent, or a mix of both Security02 Nov 2018 | 20
Trump's axing of cyber czar role has left gaping holes in US defence Comment Damning report shows Uncle Sam falling behind Security27 Sep 2018 | 52