HackDig : Dig high-quality web security articles

‘Inbox Zero’ Your Threat Reports: How to Combat Security Alert Fatigue

At best, a new cybersecurity alert should trigger immediate action. But we all know in practice that work is not always clear cut. A new alert can find itself as just the latest un-addressed number in the inbox. In an inbox-zero case, the latest new alert is the most urgent task. But in a backed-up, bottleneck situation, it may be treated as the least urgen
Publish At:2021-04-20 10:31 | Read:139 | Comments:0 | Tags:Security Intelligence & Analytics Incident Response Security

A new headache for ransomware-hit companies. Extortionists emailing your customers

Cybercriminal extortionists have adopted a new tactic to apply even more pressure on their corporate victims: contacting the victims’ customers, and asking them to demand a ransom is paid to protect their own privacy.At the end of March, Bleeping Computer reported that the Clop ransomware gang had not stopped at threatening hacked companies and contact
Publish At:2021-04-07 09:19 | Read:143 | Comments:0 | Tags:IT Security and Data Protection cyberattack cybercrime email

Phishing Email Examples: How to Recognize a Phishing Email

Phishing Email Examples: How to Recognize a Phishing Email Keeping your identity safe on the internet can be challenging. Phishing is a scam that tricks you into voluntarily providing important personal information. Protect yourself from phishing by reviewing some examples of phishing emails and learning more about this common online scam. What is phishing?
Publish At:2021-02-18 21:06 | Read:529 | Comments:0 | Tags:Consumer anti-virus phishing scams email

Nude photo theft offers lessons in selfie security

Two former college graduates are in a lot of trouble after breaking into other students’ accounts and stealing sensitive personal data. They’re facing some serious charges with restitution payments of $35,430, potential jail time, and the threat of very big fines thrown into the mix. What happened? A man from New York has pleaded guilty to one co
Publish At:2021-02-12 13:00 | Read:388 | Comments:0 | Tags:Privacy compromise court data email guilty hacking photograp

November spam roundup: Stalkers, property tips, porn, stern words and PayPal

Today we’re rounding up some of the interesting pieces of spam currently in circulation, taking in everything from housing deals to mysteriously free slices of cash. You may have seen some of these already. Hopefully we can help make up your mind about whatever’s lurking in your mailbox. A full house of spam Whether by accident or design, y
Publish At:2020-11-30 10:36 | Read:487 | Comments:0 | Tags:Cybercrime Social engineering email mail phish phishing roun

Email Attacks Using Fear of Election Interference to Spread QBot

Digital attackers launched a malicious email campaign that used fear of election interference in order to spread the QBot trojan.On November 4, Malwarebytes came across an attack email. This message arrived as a thread reply in an attempt to boost its legitimacy.The body of the email did not include the recipient’s name or other personal information. I
Publish At:2020-11-05 11:07 | Read:539 | Comments:0 | Tags:IT Security and Data Protection Latest Security News electio

Amazon Discloses Security Incident Involving Customers’ Email Addresses

Amazon informed some of its customers about a security incident that involved the unauthorized disclosure of their email addresses.News of the security incident emerged over the weekend of October 23 when multiple users took to Twitter to voice their confusion over an email they had received from Amazon.In an email notification obtained by Bleeping Computer,
Publish At:2020-10-27 08:43 | Read:654 | Comments:0 | Tags:IT Security and Data Protection Latest Security News Amazon

DOJ Says Iran Targeted American Voters with Threatening Emails

The U.S. Department of Justice (DOJ) said Iran was responsible for an attack campaign that targeted American voters with threatening emails.On October 21, the Justice Department held a press conference in which FBI Director Christopher Wray and Director of National Intelligence John Ratcliffe linked Iran to a spam campaign making the rounds in the United Sta
Publish At:2020-10-22 07:49 | Read:561 | Comments:0 | Tags:IT Security and Data Protection Latest Security News email I

Targeted Company’s Homepage Used in Message Quarantine Phish

Security researchers observed that malicious actors had incorporated a targeted company’s homepage into a message quarantine phishing campaign.The Cofense Phishing Defense Center found that the phishing campaign began with an attack email that disguised itself as a message quarantine notification from the targeted company’s IT department.The emai
Publish At:2020-09-04 11:58 | Read:811 | Comments:0 | Tags:IT Security and Data Protection Latest Security News email m

Questions to Ask When Conducting Single Sign-On Enrollment

Instead of asking employees to input passwords every day, single sign-on (SSO) offers a simplified but secure authentication process. SSO authentication gives a user the option of choosing a single set of credentials to access multiple accounts and services. So, how can organizations best use SSO for their purposes? This authentication scheme works with the
Publish At:2020-08-11 10:36 | Read:704 | Comments:0 | Tags:Identity & Access Email Identity Identity and Access Managem

Phishing Campaign Leads Users to Site Disguised as Email Scanner

A phishing campaign tricked users into visiting a website that masqueraded as an email scanner in an effort to steal their account credentials.Kaspersky Lab found that the campaign began with a scam email containing a fake virus alert.This email claimed to originate from an organization’s “Email Security Team,” but it actually originated fr
Publish At:2020-08-06 09:45 | Read:880 | Comments:0 | Tags:IT Security and Data Protection Latest Security News email P

Business email compromise: gunning for goal

The evergreen peril of business email compromise (BEC) finds itself in the news once more. This time, major English Premier League football teams almost fell victim to their trickery, to the tune of £1 million. First half: fraudsters on the offensive Somebody compromised a Managing Director’s email after they logged into a phishing portal via bogus ema
Publish At:2020-08-06 04:45 | Read:1036 | Comments:0 | Tags:Cybercrime Social engineering bec business cybersecurity Bus

Cloud Services Abused by Clever Phishing Campaign

Security researchers detected a clever new phishing campaign that abused three enterprise cloud services in an attempt to steal victims’ credentials.On July 18, Bleeping Computer revealed that the phishing campaign’s attack emails claimed to originated from the domain “servicedesk.com.”The computer self-help site took a closer look. I
Publish At:2020-07-20 08:31 | Read:1045 | Comments:0 | Tags:IT Security and Data Protection Latest Security News Cloud e

New Research Exposes Iranian Threat Group Operations

IBM X-Force Incident Response Intelligence Services (IRIS) has uncovered rare details on the operations of the suspected Iranian threat group ITG18, which overlaps with Charming Kitten and Phosphorous. In the past few weeks, ITG18 has been associated with targeting of  pharmaceutical companies and the U.S. presidential campaigns. Now, due to operational erro
Publish At:2020-07-16 08:09 | Read:775 | Comments:0 | Tags:Advanced Threats Incident Response Threat Intelligence Threa

Nigerian National Extradited to United States on BEC Scam Charges

A Nigerian national entered into the custody of the FBI to face charges of having targeted several U.S. companies with business email compromise (BEC) scams.On July 3, the U.S. Attorney’s Office for the Northern District of Illinois announced that the United Arab Emirates had expelled Olalekan Jacob Ponle (a/k/a “Mr. Woodbery” and “Mark Kain”), 29, ori
Publish At:2020-07-07 11:39 | Read:884 | Comments:0 | Tags:IT Security and Data Protection Latest Security News BEC ema