HackDig : Dig high-quality web security articles

Email compromise leads to healthcare data breach at Kaiser Permanente

At least 69,000 people have been impacted by a data breach at Kaiser Permanente, a long-running managed healthcare consortium. The latest in a long-running series of healthcare attacks, the road to stolen data began on April 5 this year with an email compromise. The direct path to data A “substitute breach notice” posted June 3 revealed details of t
Publish At:2022-06-15 09:02 | Read:265 | Comments:0 | Tags:Cybercrime attack data breach email employee healthcare kais

The $43 billion Business Email Compromise threat

The FBI has released a public service announcement regarding the ever-present threat of Business Email Compromise (BEC). This comes hot on the heels of an earlier release from the Las Vegas FBI department in April. Losses continue to mount, and we’re currently facing a scam racking up domestic and international losses of $43 billion. What is Busines
Publish At:2022-05-05 12:48 | Read:855 | Comments:0 | Tags:Scams bec Business Email Compromise CEO ceo fraud CFO CFO fr

Steer clear of this “TestNTrace” SMS spam

Yesterday I received an SMS from “TestNTrace”, with the message resembling an official NHS communication: The text reads as follows: NHS: You’ve been in close contact with a person who has contracted the Omicron variant. Please order a test kit via: [URL redacted] Well, that’s an alarming thing to wake up to. However, not everything is as it f
Publish At:2022-04-13 08:52 | Read:665 | Comments:0 | Tags:Scams coronavirus covid-19 email NHS pandemic pcr test sms t

Apps removed from Google Play for harvesting user data

Dozens of apps were removed from the Google Play Store after they were found to be harvesting the data of device owners. The code in question—a software development kit (SDK)—was used inside apps which were downloaded over 10 million times. What happened? A wide range of Android apps were found to have this particular SDK lurking. There’s no obvious
Publish At:2022-04-12 08:52 | Read:1071 | Comments:0 | Tags:Privacy Android collection data email Mobile phone number Pl

Unusual sign-in activity mail goes phishing for Microsoft account holders

We’ve received an interesting spam email which (deliberately or not) could get people thinking about the current international crisis. Being on your guard will pay dividends over the coming days and weeks, as more of the below is sure to follow. Unusual sign-in activity detected? The email’s subject line, “Microsoft account unusual sign-in activi
Publish At:2022-03-01 08:51 | Read:1441 | Comments:0 | Tags:Scams email moscow Outlook phish phishing russia

Email Security Trends Coming in 2022

Organizations are under constant threat of cybercrime. While there are many available attack vectors, email is the most obvious path towards a full network compromise. The notion that email security should be prioritized is emphasized during this time where more and more businesses are still working in a remote or hybrid dynamic environment. Accordi
Publish At:2022-02-21 02:06 | Read:1077 | Comments:0 | Tags:IT Security and Data Protection email Fraud Phishing RaaS Re

FIFA 22 phishers tackle customer support with social engineering

Players of smash hit gaming title FIFA 22 have become the target of a wave of attacks focused on account compromise. Up to 50 “high profile” accounts were hijacked by what may have been the same group. FIFA titles are, traditionally, a big draw for scammers and phishers. This is because many of these titles have players that invest heavily in microtransac
Publish At:2022-01-12 12:46 | Read:1980 | Comments:0 | Tags:Social engineering authentication email fifa 22 phish phishi

"I am hacker NSO Group," New Email Scam Leverages Controversial Pegasus Malware

For many years, email scams have circulated suggesting that some remote hacker has installed software on your computer, and has been monitoring your activity, some of which may shame you. In exchange for not exposing you, they ask for payment; some of them say they have photos and videos of you – because the hacker has control of your computer’
Publish At:2021-12-09 08:27 | Read:1530 | Comments:0 | Tags:Security & Privacy email scam hack

How the 2011 DigiNotar Attacks Changed Cybersecurity for the Next Decade

The DigiNotar attack in 2011 set itself apart because it was an attack on the cybersecurity industry itself. Most attacks are on a single company. But this one shook trust in cybersecurity tools and how users decide whom to trust online. After covering this industry for years, I’ve seen firsthand how cyber attacks don’t happen in a vacuum. Inste
Publish At:2021-10-22 15:28 | Read:1199 | Comments:0 | Tags:Incident Response Risk Management Security Services cyber at

CIS Control 09: Email and Web Browser Protections

Web browsers and email clients are used to interact with external and internal assets. Both applications can be used as a point of entry within an organization. Users of these applications can be manipulated using social engineering attacks. A successful social engineering attack needs to convince users to interact with malicious content. A successful attack
Publish At:2021-10-20 23:10 | Read:2077 | Comments:0 | Tags:Security Controls cis controls email social engineering

No, Colonel Gaddafi’s daughter isn’t emailing to give you untold riches

It’s not every day you receive a big money offer from someone claiming to sit in political asylum, but here we are. The following missive landed in our spam traps at the weekend. The mail claims to be from the daughter of no less than the late Colonel Gaddafi. Ayesha Gaddafi promises you untold riches if you help her find a home for $27.5 million. The
Publish At:2021-09-22 07:24 | Read:1447 | Comments:0 | Tags:Social engineering 419 email phish phishing spam

Ransomware scammers target artists with fake Krita revenue deals

The Krita digital painting application is currently being targeted by ransomware authors. Available on Steam and other platforms, it’s a powerful tool with a very cheap purchase price and great reviews. A perfect bit of bait to start reeling in potential victims, in other words. How does the scam work? Ransomware scammers send out mails to artists. Tho
Publish At:2021-09-16 07:23 | Read:1606 | Comments:0 | Tags:Cybercrime email kirta malware ransomware scr trick

ProtonMail hands user’s IP address and device info to police, showing the limits of private email

They say there’s two sides to every story. Depending on your point of view, you may have heard a recent story that’s either about overreaching law enforcement and protestors exposed by organisations happy to hand over revealing data despite saying they won’t. Or: BREAKING: legitimate business complies with legitimate law enforcement reques
Publish At:2021-09-07 11:19 | Read:1822 | Comments:0 | Tags:Privacy court order email hushmail law legal mail protonmail

Three Free Secure Email Hosts That Protect Your Data

Email has become commonplace: you can get free email accounts from numerous services, but, as it is often said, if it’s free, then you’re the product. You may have read that, for example, Google has allowed other companies to scan mail in Gmail accounts, scraping data for marketers. While the tools used to scan email may simply have been looking t
Publish At:2021-07-29 06:23 | Read:2728 | Comments:0 | Tags:How To email encryption

Buying and Selling Computer Vulnerabilities – Intego Mac Podcast Episode 198

A new Apple update is released for a zero-day vulnerability exploited in the wild, we discuss how vulnerability brokers buy and sell computer bugs, and we look at three free secure email services. (When we recorded the podcast, only some had been released, but shortly after the recording, Apple released the remaining updates.) Speculation that yesterday’s iOS
Publish At:2021-07-29 06:23 | Read:1257 | Comments:0 | Tags:Intego Mac Security Podcast email Intego Mac Podcast
