HackDig : Dig high-quality web security articles

No, Colonel Gaddafi’s daughter isn’t emailing to give you untold riches

It’s not every day you receive a big money offer from someone claiming to sit in political asylum, but here we are. The following missive landed in our spam traps at the weekend. The mail claims to be from the daughter of no less than the late Colonel Gaddafi. Ayesha Gaddafi promises you untold riches if you help her find a home for $27.5 million. The
Publish At:2021-09-22 07:24 | Read:128 | Comments:0 | Tags:Social engineering 419 email phish phishing spam

Update: The Defensive Security Strategy

Original post:  https://www.trustedsec.com/blog/the-defensive-security-strategy-what-strategy/ Massive exposures and attacks, such as recent SolarWinds and Exchange exploit issues, have been common news lately. While the security landscape has advanced and changed, these massive exposures are continuing to occur. The question is why, and how, are the
Publish At:2021-09-09 14:27 | Read:141 | Comments:0 | Tags:Application Security Assessment Leadership Mobile Security A

Sextortion on the rise, warns FBI

The pandemic saw a surge in sextortion cases in 2020. Fast forward 12 months, and the numbers continue to rise significantly. This revelation came from the FBI Internet Crime Complaint Center (IC3). Until 31 July 2021, it had received over 16,000 sextortion complaints, with victims losing a combined $8M USD at least. “Nearly half of these extorti
Publish At:2021-09-08 15:16 | Read:229 | Comments:0 | Tags:Social engineering 2fa fbi Federal Bureau of Investigations

Introducing iHide – A New Jailbreak Detection Bypass Tool

Today, we are releasing iHide, a new tool for bypassing jailbreak detection in iOS applications. You can install iHide by adding the repo https://repo.kc57.com in Cydia or clicking here on an iOS device with Cydia installed. Additionally, you can check out the code and build/install it yourself if you prefer. Once installed, iHide will add a new entry in
Publish At:2021-09-02 10:31 | Read:185 | Comments:0 | Tags:Application Security Assessment Hardware Security Assessment

August 2021 Security Intelligence Roundup: Pipeline Changes, Social Engineering and Software Supply Chain Attacks

Ransomware catches people’s attention in part because it feeds on emotion. People click on links without looking at them first, and this remains one of the most common vectors for attack. While it may seem like the internet is filled with the same advice over and over again, even the most attentive person can slip up on a busy work day.  In our n
Publish At:2021-08-31 20:52 | Read:293 | Comments:0 | Tags:CISO Identity & Access Incident Response Security Services T

Microsoft warns about phishing campaign using open redirects

The Microsoft 365 Defender Threat Intelligence Team posted an article stating that they have been tracking a widespread credential phishing campaign using open redirector links. Open redirects have been part of the phisher’s arsenal for a long time and it is a proven method to trick victims into clicking a malicious link. What are open redirects? The M
Publish At:2021-08-27 14:38 | Read:402 | Comments:0 | Tags:Social engineering CAPTCHA credential phishing microsoft ope

How to spot a DocuSign phish and what to do about it

Phishing scammers love well known brand names, because people trust them, and their email designs are easy to rip off. And the brands phishers like most are the ones you’re expecting to hear from, or wouldn’t be surprised to hear from, like Amazon or DHL. Now you can add DocuSign to that list. DocuSign is a service that allows people to sign d
Publish At:2021-08-18 13:12 | Read:381 | Comments:0 | Tags:Social engineering CAPTCHA docusign phishing

A week in security (August 9 – August 15)

Last week on Malwarebytes Labs: Home routers are being hijacked using a vulnerability disclosed just 2 beforeRansomware turncoat leaks Conti data, lifts the lid on the ransomware businessCheck your passwords! Synology NAS devices are under attack from StealthWorkerPrintNightmare and RDP RCE among major issues tackled by Patch TuesdayThief pulls off coloss
Publish At:2021-08-16 09:57 | Read:197 | Comments:0 | Tags:Malwarebytes news a week in security awis hacking malware ph

Most Digital Attacks Today Involve Social Engineering

On May 14, the FBI marked a sobering milestone: the receipt of its six millionth digital crime complaint. It took just 14 months for the FBI’s Internet Crime Complaint Center (IC3) to reach its new threshold. Digital crime complaints are on the rise, and we have some ideas as to why. Check out what these statistics mean, where social engineering fits
Publish At:2021-08-13 16:22 | Read:536 | Comments:0 | Tags:Fraud Protection Security Services social media threats FBI

Crypto-scams you should be steering clear of in 2021

A fair few cryptocurrency scams have been doing the rounds across 2021. Most of them are similar if not identical to tactics used in previous years with an occasional twist. Here’s some of the most visible ones you should be steering clear of. Recovery code theft Many Bitcoin wallets make use of something called recovery codes. These are, as the name s
Publish At:2021-08-13 11:09 | Read:180 | Comments:0 | Tags:Social engineering crypto cryptocoins cryptomining cryptosca

How Social Norms Can Be Exploited by Scammers on Social Media

Social media platforms are excellent hunting grounds for scammers. This is where we connect with our friends or people who we have something in common with. This is precisely what scammers exploit—our connections and the trust that is afforded between friends or acquaintances. From an early age, we are taught to be kind and compassionate as well as to help o
Publish At:2021-08-05 23:21 | Read:484 | Comments:0 | Tags:IT Security and Data Protection 2FA scammer social engineeri

Spam and phishing in Q2 2021

Quarterly highlights The corporate sector In Q2 2021, corporate accounts continued to be one of the most tempting targets for cybercriminals. To add to the credibility of links in emails, scammers imitated mailings from popular cloud services. This technique has been used many times before. A fake notification about a Microsoft Teams meeting or a request to
Publish At:2021-08-05 08:55 | Read:395 | Comments:0 | Tags:Spam and phishing reports Instant Messengers Malicious spam

Spear-phishing now targets employees outside the finance and executive teams, report says

Social engineering attacks have been a longstanding concern for both individuals and organizations alike. The trend, as we know it, is that fraudsters conducting spear phishing attacks—specifically, business email compromise (BEC)—are likely to target employees either in the finance or executive teams of a company as they have authority over financial matter
Publish At:2021-07-30 13:57 | Read:355 | Comments:0 | Tags:Social engineering Barracuda report bec Business Email Compr

Busted! Fraud-as-a-Service gang that sold 2FA-proof phishing arrested

The Dutch police announced that they arrested two Dutch citizens, aged 24 and 15, for developing and selling phishing panels. The police also searched the house of another suspect, an 18 year old who was not arrested. The people behind this illegal business called themselves the Fraud Family and were active on Telegram to sell their panels to interested p
Publish At:2021-07-23 17:42 | Read:955 | Comments:0 | Tags:Scams Social engineering 2fa anti-bot fraud family green pad

Managed Detection and Response in Q4 2020

 Download full report (PDF) As cyberattacks become more sophisticated, and security solutions require more resources to analyze the huge amount of data gathered every day, many organizations feel the need for advanced security services that can deal with this growing complexity in real time, 24/7. This article contains some analytical findings from Mana
Publish At:2021-07-21 06:15 | Read:436 | Comments:0 | Tags:Publications DDoS-attacks Malware Statistics Security techno

Announce

Share high-quality web security related articles with you:)
Tell me why you support me <3

Tag Cloud