HackDig : Dig high-quality web security articles for hackers

Gift card hack exposed – you pay, they play

byPaul DucklinThanks to Bill Kearney of Sophos Rapid Response for his work on this article.If you’ve read the recent Sophos 2021 Threat Report, you’ll know that we deliberately included a section about all the malware out there that isn’t ransomware.Sure, ransomware understandably hogs the media headlines these days, but cybercriminality go
Publish At:2020-11-24 16:25 | Read:167 | Comments:0 | Tags:Data loss Vulnerability Cybercrime gift cards hacking Scam h

Unprotected database exposed a scam targeting 100K+ Facebook accounts

Researchers discovered an ElasticSearch database exposed online that contained data for over 100000 compromised Facebook accounts. Researchers at vpnMentor discovered an ElasticSearch database exposed online that contained an archive of over 100.000 compromised Facebook accounts. The archive was used by crooks as part of a global hacking campaign against
Publish At:2020-11-16 17:55 | Read:215 | Comments:0 | Tags:Breaking News Cyber Crime Social Networks data leak Elastics

A week in security (November 9 – November 15)

Last week on Malwarebytes Labs, we reported on multiple patch releases: from Mozilla’s Firefox and Thunderbird to Google’s Chrome. We also had a chat with our resident experts, Adam Kujawa and John Donovan, about the future of IoT cybersecurity in our latest Lock and Code podcast episode. Lastly, we took a look at a new ransomware called RegretLo
Publish At:2020-11-16 15:06 | Read:107 | Comments:0 | Tags:A week in security amazon amazon scam android malware BBB Be

Phishers Using Google Drive to Trick People into Visiting Malicious Websites

Reports emerged of phishers having abused a feature in Google Drive in an attempt to trick users into visiting malicious websites.In this scam wave, users reported having received Google Drive notifications in Russian or English asking them to collaborate on unfamiliar documents. Those documents contained links to scam websites.Some of those links tried to e
Publish At:2020-11-02 09:01 | Read:210 | Comments:0 | Tags:IT Security and Data Protection Latest Security News Google

Trump campaign website defaced by scammers

Hackers broke into a website used in Donald Trump ‘s campaign website on Tuesday, the news is worrying because comes a few days before Election Day. Hackers defaced a website used in Donald Trump’s campaign website, donaldjtrump.com, displaying the following message: “This site was seized.” “The world has had enough of the
Publish At:2020-10-28 12:23 | Read:281 | Comments:0 | Tags:Breaking News Hacking cryptocurrency hacking news informatio

President Trump’s Campaign Website Defaced by Cryptocurrency Scammers

Unknown individuals temporarily defaced the official campaign website of President Donald Trump with a cryptocurrency scam.Twitter user Gabriel Lorenzo Greschler was among the first to spot the defacement, which is believed to have occurred at around 16:00 PST on October 27..@realDonaldTrump's campaign website has been hacked. Doing research for a climat
Publish At:2020-10-28 08:07 | Read:146 | Comments:0 | Tags:IT Security and Data Protection Latest Security News cryptoc

Keeping ransomware cash away from your business

A ransomware gang has made headlines for donating a big chunk of stolen funds to two charities. Two separate donations given to Children International and The Water Project rang tills to the tune of $10,000 each. Their reason was that they’re targeting “only large profitable corporations, we think it’s fair that some of the money they’ve paid will go to char
Publish At:2020-10-27 15:23 | Read:262 | Comments:0 | Tags:Cybercrime Malware bitcoin charities charity donations illeg

U.S. Federal Court Issues Restraining Order against Tech Support Scheme

A federal court in the United States issued a temporary restraining order against a tech support scheme that’s alleged to have targeted U.S. consumers.On October 15, the U.S. District Court filed Southern District of Florida submitted a complaint against Michael Brian Cotter, 59, of Glendale, California.The complaint alleged that Cotter had worked with
Publish At:2020-10-16 07:31 | Read:301 | Comments:0 | Tags:IT Security and Data Protection Latest Security News malware

FIFA 21 game scams: watch out for unsporting conduct

Despite COVID-19, soccer season is slowly ebbing its way back into daily life around the world. It’s also sneaking back onto TV screens in the form of huge-budget video games. Step up to the plate, FIFA 21. FIFA games: the football juggernaut The FIFA series is an absolute monster in terms of sales, clocking in at around 280 million copies across
Publish At:2020-10-14 15:23 | Read:288 | Comments:0 | Tags:Cybercrime Social engineering coins EA fake FIFA football FU

A week in security (September 28 – October 4)

Last week on Malwarebytes Labs, we dug into what happens when card fraud comes calling, we gave a rundown on some novel ransomware attacks that took advantage of smart coffee makers, and we introduced VideoBytes, our new, monthly series in which we’ll provide video coverage of some of the cybersecurity world’s top stories. In our first week, we g
Publish At:2020-10-05 13:23 | Read:432 | Comments:0 | Tags:A week in security a week in security awis fake fraud malwar

Lock and Code S1Ep16: Investigating digital vulnerabilities with Samy Kamkar

This week on Lock and Code, we discuss the top security headlines generated right here on Labs and around the Internet. In addition, we talk to Samy Kamkar, chief security officer and co-founder of Open Path, about the digital vulnerabilities in our physical world. If you look through a recent history of hacking, you’ll find the clear significance
Publish At:2020-09-30 12:27 | Read:268 | Comments:0 | Tags:Podcast Activision hack Call of Duty account compromise cisa

SMS phishing scam pretends to be Apple “chatbot” – don’t fall for it!

byPaul DucklinAren’t SMSes dead? Aren’t they just plain old text anyway? Surely they’re of no interest to cybercriminals any more?Well, SMSes aren’t dead at all – they’re still widely used because of their simplicity and convenience.Indeed, as a general-purpose short message service – which is literally what the lett
Publish At:2020-09-30 10:45 | Read:341 | Comments:0 | Tags:Apple Phishing fraud phishing Scam smishing SMS

Fake web alerts – how to spot and stop them

bySean GallagherInternet scammers are always looking for a better way to separate unwitting device users from their money. And as with all other endeavors, they’ve learned that it pays to advertise.At SophosLabs we recently researched a collection of scams that exploit web advertising networks to pop up fake system alerts on both computers and mobile devices
Publish At:2020-09-09 10:19 | Read:289 | Comments:0 | Tags:Uncategorized Scam scam ads web scam

A week in security (August 31 – September 6)

Last week on Malwarebytes Labs, we dug into security hubris on the Lock and Code podcast, explored ways in which Apple’s notarization process may not be hitting all the right notes, and detailed a new web skimmer. We also explained how to keep distance learners secure, talked about PCI DSS compliance, and revealed that SMB security posture is weakened by COV
Publish At:2020-09-07 13:06 | Read:272 | Comments:0 | Tags:A week in security facebook malware phish round up scam secu

Gift Cards Requested in Two-Thirds of BEC Attacks, Report Reveals

A report revealed that scammers requested funds in the form of gift cards in two-thirds of business email compromise (BEC) attacks.For a phishing trends report from the Anti-Phishing Working Group (APWG), APWG member Agari examined thousands of BEC attacks that occurred in the second half of 2020. It found that 66% of them involved gift cards. By contrast, d
Publish At:2020-09-01 16:00 | Read:456 | Comments:0 | Tags:IT Security and Data Protection Latest Security News BEC gif

Tools