Phishing news & analysis | SC Media

Phishing

iphone

Facebook phishing campaign hitting iOS users

A new phishing campaign targeting mainly iOS users asking them to login in with their Facebook account and give away their credentials. The report by Myki said the attackers create fake copies of legitimate sites to attract victims. The victim is then asked to login in using his or her social media credentials, like Facebook.…

IRS

IRS warns of new tax-related phishing scams

With tax season in full the IRS warns of new tax-related phishing scams swing the IRS us warning citizens, tax preparers, HR personnel and payroll staffer of new tax phishing tax scams being implemented this year by cybercriminals. So far this tax season the IRS has come across a steady stream of fake emails, text…

Orgs detecting breaches quicker, attackers more persistent

Although attackers are more persistent than ever, organizations are getting better at detecting breaches – on average discovering the intrusions about a week earlier. The median time lapse between the beginning of a breach and its detection in 2017 was 57.5 days but in 2018 that gap narrowed to 50.5 days, according to FireEye’s 2019…

ghostlyskullmobilemalware_826540

Shifty new variant of Qbot banking trojan spreads

An active malware campaign primarily targeting U.S. corporations with a new polymorphic variant of the Qbot banking trojan has been compromising thousands of victims around the world, researchers have reported. The worm-like malware, whose original version is roughly a decade old, allows attackers to collect browsing activity and steal bank account credentials and other financial…

DNC issues cybersecurity guidance for 2020 election

Stung by Russian hackers intent on swaying the 2016 presidential election, the Democratic National Committee (DNC) has put considerable resources into shoring up cybersecurity and on Friday releases a checklistmeant to secure campaign and candidate devices. “The checklist is exactly that: a list of steps you can complete and then check off,” DNC CSO Bob…

New 'Rombertik' malware destroys master boot record if analysis function detected

Malspam campaign fakes Google reCAPTCHA images to fool victims

A recently discovered malspam campaign targeting customers of a Polish bank was found using forgeries of Google reCAPTCHA images to fake legitimacy. The banking malware was delivered via phishing emails that purported to seekin confirmation of a recent banking transaction that in reality never occurred, according to Feb. 21 blog post published week by Sucuri. Recipients…

North Korean hackers allegedly pick on Russian targets for a change

The reputed North Korean APT actor known as Lazarus Group (aka Hidden Cobra) typically focuses its hacking efforts on South Korea, Japan and the U.S., but one of its suspected campaigns from last January surprisingly appears to have targeted Russian businesses with its signature Lazarus backdoor malware. Taking place from Jan. 26-31, the phishing campaign…

ghostlyskullmobilemalware_826540

New Separ credential-stealing campaign abuses legit tools and executables

A new phishing campaign distributing the credential-stealing malware Separ has over the last few weeks reportedly affected hundreds of business organizations, primarily those located in Southeast Asia and the Middle East. The malware has been uploading stolen data from infected entities on a daily basis, with additional targets based in North America, according to a Feb.…

Phishing emails imitate North American banks to infect recipients with TrickBot

An spam-based phishing campaign recently targeted North American banking customers with malicious Excel documents designed to infect victims with a new variant of the information-stealing TrickBot banking trojan, researchers reported earlier this week. The scam dates back to at least Jan. 27 and peaked in volume on Jan. 30, according a new blog post from…

Phishing campaign targeted subscribers to Tibetan Government-in-Exile’s mailing list

Subscribers to a Tibetan Government-in-Exile mailing list were targeted in a recent email-based phishing campaign designed to infect them with a remote access trojan. Dubbed ExileRAT, the trojan is capable of gathering system information, retrieving and pushing files, and executing and ending various processes, according to a blog post from Cisco Systems’ Talos division, whose…

Next post in Security News