Web-phishing targeting various online services almost doubled during the COVID-19 pandemic, it accounted for 46 percent of the total number of fake web pages. Singapore, 09/18/2020 — Group-IB, a global threat hunting and intelligence company headquartered in Singapore, evidenced the transformation of the threat portfolio over the first half of 2020. It ca

Thousands of Magento-powered online stores have been hacked over the past few days as part of a skimming campaign that has been described as the “largest ever.”The attack is being monitored by Sansec, a Netherlands-based cybersecurity company that specializes in solutions designed to counter digital skimming. Sansec on Monday reported seeing nearly 2,000 Mag

byPaul DucklinOur cybersecurity antennae always start vibrating when we see warnings about attacks that involve a new type of file.We’re sure you have the same sort of reaction.After all, if a file type that you’ve treated for years as mostly harmless suddenly turns out to be possibly very dangerous, you’re faced with a double dilemma: How

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) warned election-related entities to be on the lookout for phishing attacks.In an insight piece published on September 10, CISA highlighted malicious actors’ preference for phishing attacks in their efforts to target political parties, think tanks and other entities that might be involved

A phishing attack used real-time validation against an organization’s Active Directory in order to steal users’ Office 365 credentials.According to Armorblox, the phishing attack targeted an executive working at an American brand that was named one of the world’s Top 50 most innovative companies for 2019 on a Friday evening.The email used s

Warner Music Group last week started informing customers of its e-commerce websites that their personal information may have been compromised as a result of a data breach suffered by an external service provider.In a data breach notification submitted to the California Attorney General, the music company said it learned of the breach on August 5, but the hac

A recently discovered cybercrime gang, tracked as Epic Manchego, is using a new technique to create weaponized Excel files that are able to bypass security checks Security experts from NVISO Labs recently spotted the activity of a new malware gang, tracked as Epic Manchego, that is actively targeting companies across the world with phishing emails since J

A JavaScript skimmer identified earlier this year uses dynamic loading to avoid detection by static malware scanners, Visa warns.Referred to as Baka, the e-commerce skimmer was first discovered in February 2020, but has already impacted several merchant websites across numerous global regions.The skimmer is basic, containing the expected components and funct

Experts spotted a phishing campaign that employees overlay screens and email ‘quarantine’ policies to steal Microsoft Outlook credentials from the victims. Researchers from Cofense discovered a phishing campaign that uses overlay screens and email ‘quarantine’ policies to steal Microsoft Outlook credentials from the targets. The overlay screens are dis

Security researchers observed that malicious actors had incorporated a targeted company’s homepage into a message quarantine phishing campaign.The Cofense Phishing Defense Center found that the phishing campaign began with an attack email that disguised itself as a message quarantine notification from the targeted company’s IT department.The emai

IT threat evolution Q2 2020. PC statistics IT threat evolution Q2 2020. Mobile statistics Targeted attacks PhantomLance: hiding in plain sight In April, we reported the results of our investigation into a mobile spyware campaign that we call ‘PhantomLance’. The campaign involved a backdoor Trojan that the attackers distributed via dozens of apps

Post-mortem analysis of data breaches shows that most of today’s cyber-attacks are front ended by phishing campaigns. The most recent CryptoForHealth Twitter Hacker is just one of many examples. This is not surprising, since the easiest way for a threat actor to gain access to sensitive data is by compromising an end user’s identity and credentials. Things g

byPaul DucklinHere’s a phishing email we received recently that ticks all the cybercriminal trick-to-click boxes.From BEC, through cloud storage to an innocent-sounding One Note document, right into harm’s way.Instead of simply spamming out a clickable link to as many people as possible, the crooks used more labyrinthine techniques, presumably in

The Iran-linked hacking group known as Charming Kitten recently switched to WhatsApp and LinkedIn to conduct phishing attacks, Clearsky security researchers reveal.Active since at least 2011, the adversary is also tracked as Ajax Security Team, APT35, ITG18, NewsBeef, Newscaster, and Phosphorus, and was previously observed targeting a U.S. presidential candi

A sophisticated cybercrime group has stolen payment card data from hundreds of websites over the past five years using JavaScript sniffer malware, threat hunting and intelligence company Group-IB reported on Thursday.Named UltraRank by Group-IB, the threat actor has launched at least three campaigns since 2015, including one that appears to be ongoing. While