HackDig : Dig high-quality web security articles for hacker

The Amazon Prime phishing attack that wasn’t…

byPaul DucklinEarlier this week, we received a moderately believable Amazon Prime phish via email.The scam had an Account Locked subject line, with a warning that we wouldn’t be able to buy or sell anything via Amazon’s services until we verified our account.To add a bit more fear and urgency, the crooks went on to warn us that if we didn’t
Publish At:2020-02-21 14:11 | Read:121 | Comments:0 | Tags:Phishing Backdoor phishing Wordpress

What the Explosive Growth in ICS-Infrastructure Targeting Means for Security Leaders

The recently published IBM X-Force Threat Intelligence Index 2020 pointed out that over 8.5 billion records were compromised in 2019, a figure that’s more than 200 percent greater than the number of records lost in 2018. It also determined that scanning and exploitation of vulnerabilities have increased from just 8 percent of attacks in 2018 to nearly
Publish At:2020-02-20 10:49 | Read:223 | Comments:0 | Tags:CISO Energy & Utility Security Services Brute-Force Attack C

Phishing techniques: Asking for sensitive information via email

IntroductionEmail has been a critical part of our everyday communications since the 1990s. Thanks to its affordability and ease of use, email allows users to conduct business deals, stay in touch with their family and friends, and receive promotional materials from their favorite brands. However, the use of this messaging medium isn’t risk-free.Phisher
Publish At:2020-02-20 10:44 | Read:218 | Comments:0 | Tags:Phishing

Top Email Security Threats of 2020 – How To Stop Them

As hackers’ methods become more sophisticated, the scale of email security breaches and the frequency at which they occur grow greater with each passing year. In 2019 alone, an estimated 2 billion unique email addresses, accompanied by over 21 million unique passwords, were exposed within a single data breach. After the initial panic, it became clear that br
Publish At:2020-02-20 03:05 | Read:104 | Comments:0 | Tags:IT Security and Data Protection email security insider threa

Emotet SMiShing Uses Fake Bank Domains in Targeted Attacks, Payloads Hint at TrickBot Connection

Before a short lull in mid-February, Emotet was in the midst of a rise in activity that has been apparent since late 2019 — in terms of both spam and infecting potential victims via SMiShing attacks. In cases observed by IBM X-Force researchers, SMS messages sent from what would appear to be local U.S. numbers are being delivered to mobile phones impersonati
Publish At:2020-02-19 08:17 | Read:204 | Comments:0 | Tags:Malware Threat Intelligence Antivirus Banking Security Phish

Sextortion Scams Delivered by Emotet Net 10 Times More Than Necurs Sextortion — Here’s Why

Recent spam campaigns from Emotet featured sextortion content very similar to emails previously sent by the Necurs botnet. However, Emotet spam ended up netting 10 times the amount that a comparable Necurs campaign did — within a matter of six hours. Why was Emotet so much more successful with the same type of ploy? Two factors played into this. First, Emote
Publish At:2020-02-15 17:18 | Read:86 | Comments:0 | Tags:Malware Threat Intelligence Banking Trojan Bitcoin Botnet Cy

What Is a DDoS Attack?

After 20 years of prominence, distributed denial-of-service (DDoS) attacks may be causing more devastating effects than ever. The first DDoS attack occurred way back on July 22, 1999 when a network of 114 computers infected with a malicious script called Trin00 attacked a computer at the University of Minnesota, according to MIT Technology Review. The infect
Publish At:2020-02-15 17:18 | Read:67 | Comments:0 | Tags:Network Security Intelligence & Analytics Application Securi

Official: Puerto Rico Govt Loses $2.6M in Phishing Scam

Puerto Rico’s government has lost more than $2.6 million after falling for an email phishing scam, according to a senior official.The finance director of the island’s Industrial Development Company, Rubén Rivera, said in a complaint filed to police Wednesday that the agency sent the money to a fraudulent account.Rivera said the government agency transferred
Publish At:2020-02-15 16:11 | Read:138 | Comments:0 | Tags:NEWS & INDUSTRY Fraud & Identity Theft Phishing Cybe

3 Employees Suspended in $4M Puerto Rico Online Scam

Puerto Rico’s government said Friday that it suspended three employees as federal agents investigate an online scam that attempted to steal more than $4 million from the U.S. territory.Manuel Laboy, executive director of Puerto Rico’s Industrial Development Company, said rigorous procedures were not followed when the agency received an email alleging a chang
Publish At:2020-02-15 16:11 | Read:81 | Comments:0 | Tags:NEWS & INDUSTRY Fraud & Identity Theft Incident Resp

Phishing Attacks: Best Practices for Not Taking the Bait

The easiest way for a cyber-attacker to gain access to sensitive data is by compromising an end user’s identity and credentials. Things get even worse if a stolen identity belongs to a privileged user, who has even broader access, and therefore provides the intruder with “the keys to the kingdom”. According to a 2019 study, 74 percent of respondents whose or
Publish At:2020-02-12 08:55 | Read:100 | Comments:0 | Tags:INDUSTRY INSIGHTS Phishing

Coronavirus-Themed Emails Deliver Malware, Phishing, Scams

Several cybersecurity companies have spotted campaigns that use coronavirus-themed emails to deliver malware, phishing attempts and scams.The new coronavirus outbreak, which started in China, has made a lot of headlines recently and has caused global panic. Over 40,000 infections have been confirmed and the death toll has exceeded 1,000. The virus has been n
Publish At:2020-02-12 02:11 | Read:200 | Comments:0 | Tags:NEWS & INDUSTRY Virus & Threats Email Security Phish

X-Force Threat Intelligence Index Reveals Top Cybersecurity Risks of 2020

The volume of threats that security teams see on a daily basis can make it especially difficult to look at the big picture when it comes to developing an effective cybersecurity strategy. To see through the flood of data and alerts, organizations depend on actionable threat intelligence to help them understand and mitigate risks. Looking at long-term trends
Publish At:2020-02-11 08:51 | Read:261 | Comments:0 | Tags:Advanced Threats Threat Intelligence Cloud Cloud Adoption Cl

New PayPal Phishing Email Scam Wants Your Social Security Number

Security researchers have spotted a new PayPal phishing email scam that tries to steal a victim’s Social Security Number (SSN), among other sensitive data.The attack email informed a victim that their PayPal account was locked, and it instructed them to click a “Secure and update my account now !” button. Doing so directed a user to a bit.l
Publish At:2020-02-11 08:42 | Read:202 | Comments:0 | Tags:IT Security and Data Protection Latest Security News Paypal

Data Privacy Event Disclosed by Affordable Preschool Provider

A San Diego-based provider of affordable preschool disclosed that a data privacy incident might have affected some customers’ personal information.In a notice of data breach published on February 5, Educational Enrichment Systems, Inc. (EES) announced that it had suffered a security incident involving an employee’s email account:On August 30, 201
Publish At:2020-02-10 10:33 | Read:128 | Comments:0 | Tags:IT Security and Data Protection Latest Security News data pr

How Do You Measure the Success of Your Patch Management Efforts?

If you follow the news, you will often see that yet another company has been breached or taken hostage by ransomware. If you read the full details of these stories, usually they have one main thing in common: These organizations are behind in patch management. The question that arises, then, is why? There are two sides to this story: A technical one and a pr
Publish At:2020-02-09 10:30 | Read:133 | Comments:0 | Tags:Endpoint Risk Management Business Continuity Common Vulnerab


Share high-quality web security related articles with you:)


Tag Cloud