The organization alerted partner companies of a breach that took place in July, in which attackers attempted to glean sensitive information.
Users who are duped and open up an attachment that claims to be a voice message become infected with the info-stealing malware.
Phishing emails are made to look like order confirmations from major retailers, like Best Buy, Target and Walmart, security firm Malcovery warns.
The latest ruse leverages the uptick in holiday shopping in order to lure victims into giving up personal information.
Trend Micro detailed the variant and attackers' delivery techniques.
The increase could be attributed to a recently discovered spam campaign that involves phony emails claiming to be from the Canadian Post or USPS.
Researchers at PhishMe warned of the campaign that uses purported payment confirmations to fool victims.
The bug, CVE-2014-6352, has a temporary solution, but still no permanent fix from Microsoft.
Email samples discovered by researchers at Trustwave reveal how attackers are infecting users with the DarkComet Remote Access Trojan.
Jaime Estrada was sentenced to nine months in prison and was ordered to pay a $10,000 fine.
Google announced Tuesday that it will begin warning Gmail users if they are being targeted by state-sponsored attacks in hopes that they can take "immediate steps" to secure their accounts.
Researchers at security firm F-Secure said this week they have spotted a malicious PDF making the rounds that opens a legitimate copy of the Games' schedule, but in the background it tries to connect to a malicious website.
Cyber criminals have cloaked spam to resemble US Airways check-in emails in phishing attempts that lead to Zeus trojan infections.
Trustwave, a cloud-based compliance and information security solutions provider, announced on Tuesday it will acquire M86 Security, a web security solutions and anti-malware provider.
The feature, which is currently available for users in the U.S. Canada, India, and the Philippines, requires a second form of verification beyond a password for any "suspicious" login attempt.
A message purportedly sent from the FBI Anti-Terrorist and Monetary Crimes Division is making its way to inboxes, threatening recipients that they will be arrested if they do not reply back.
Most spam messages sent in recent days have been delivered with subject lines containing fake order or ticket numbers, delivery invoices, payment notices or tax information, according to researchers from security firm Websense.
A Reddit user with the handle "Roddds" found the credentials of 47,000 webmail users after investigating a phishing message.
Attackers have been circulating a trojan via email messages with subjects such as "ACH payroll payment was not accepted by Central Trust and Savings Bank."
Patrick Ricciardi, 45, allegedly abused his access as an information systems specialist to spy on official emails meant for Hoboken, N.J. Mayor Dawn Zimmer.
Throughout the day, SC Magazine will be announcing the finalists from each of its 32 award categories, covering the Reader Trust, Professional and Excellence sections.
A Florida man pleaded innocent Tuesday to hacking into the email accounts of Scarlett Johansson, Mila Kunis, Christina Aguilera and dozens of other celebrities to steal photos, emails and other documents.
Researchers have discovered a way to evade Facebook security controls to deliver a message that could come outfitted with a malicious attachment.
A Florida man has been charged with hacking into the email accounts of Mila Kunis, Christina Aguilera, Scarlett Johansson and dozens of other celebrities to steal photos, emails and other documents. Christopher Chaney, 35, of Jacksonville was nabbed following an 11-month police investigation dubbed "Operation Hackerazzi," according to an FBI statement this week. Once he had access to a victim's email account, which he obtained by using publicly available information, he allegedly changed the settings so that all of their emails would be automatically forwarded to him. He also stole private photos, which he offered to celebrity blogs. Chaney was charged with accessing and damaging protected computers without authorization, wiretapping and aggravated identity theft. He faces up to 121 years in prison.
There were some definite trends that we observed this month. The first is that we are getting fewer physical appliances in favor of virtual ones.
Some users of the new social media service Google+ were inadvertently spammed with email notifications this weekend following a technical malfunction on the site. The error occurred during an 80-minute period when Google+, currently in beta, ran out of disk space on a system that keeps track of notifications, Vic Gundotra, a Google senior vice president of engineering, wrote in a Saturday post. "We didn't expect to hit these high thresholds so quickly, but we should have," Gundotra said.
Google+ is barely a few days old, but the criminal element already is capitalizing on users' interest in joining the new social networking service, according to Sophos. Researchers at the security firm have spotted a new campaign in which junk mailers are blasting out pharmacy spam disguised as invites to the online sharing portal. "[C]licking on the links will not take you to the new social network, but instead...to a pharmacy website set up to sell the likes of Viagra, Cialis and Levitra to the unwary," wrote Graham Cluley, senior technology consultant at Sophos, in a Friday blog post.
Cybercriminals are scrapping widespread malicious email campaigns for more targeted attacks, according to a new Cisco report.
Small and midsize organizations may want to take note: There is a particularly large Zeus spam campaign making the rounds.
Google has identified and disrupted a campaign operating out of eastern China meant to hijack and monitor the Gmail accounts belonging to hundreds of users, the technology giant revealed Wednesday.
Sign up to our newsletters
SC Magazine Articles
- Impact of Linux bug 'grinch' spans servers, workstations, Android devices and more
- House, in rush vote, passes Intelligence Authorization Act
- More than 100K WordPress sites compromised by malware due to plugin vulnerability
- U.S. accounts for most Mac OS X attacks and websites seeded with malware
- Audit shows University of Maryland security flaws remain
- Critical 'Misfortune Cookie' bug puts millions of internet-connected routers at risk
- Securing the enterprise with the five W's of access
- Exploits, mobile and cloud storage threats will plague users in 2015
- 2015 trends to watch: Data destruction, endpoint intelligence and user behavior analytics
- Former employees sue Sony, theaters drop 'The Interview'