Phishing | SC Media
Skip to navigation Skip to main content

Phishing

Cybercrime, Data Breach, Phishing, Privacy & Compliance News and Analysis, Security News, Website/Web Server Security

DNA companies vulnerable to phishing, privacy violations after attacks

By
Publish Date

A malicious server compromise recently confirmed by DNA investigation services provider GEDmatch serves as a reminder of the incident response challenges and privacy ramifications that companies face when they trade in sensitive data – in this case, DNA, the most personal of data – especially when such incidents create unique opportunities for targeted phishing campaigns. Owned by…

Network Security, Research, Security News, Security Training, Certification, User Awareness

To reduce security errors, employers must relieve stress and fatigue

By
Publish Date

Working professionals are blaming stress, time pressure, fatigue and distractions for lapses in safe cyber practices – and current conditions caused by the Covid-19 pandemic may only be exacerbating the problem. According to a newly published research report from Tessian, a survey of 2,000 working professionals in the U.S. and UK found that 43 percent…

APTs/cyberespionage, Cybercrime, Government/Defense, Phishing, Security News

Leaked videos offer rare behind-the-scenes look at Iranian APT operation

By
Publish Date

Threat analysts hit the cyber intel mother lode after uncovering a 40GB data leak that included training videos shedding light on the activities of an Iranian advanced persistent threat group. In a company blog post this week, IBM X-Force Incident Response Intelligence Services (IRIS) said that the leaked assets were the result of an OPSEC error on…

Coronavirus, Email Security, Phishing, Security News

U.S. universities at risk of back-to-school and Covid-19 email fraud

By
Publish Date

The top 20 universities based in the U.S. are failing to implement proper DMARC protections and policies, opening the door for fraudsters to spoof their email domains and convincingly impersonate them at a time when students are likely expecting to receive a wealth digital communications related to back-to-school instructions, researchers warn. In particular, students and…

hacker in a hoodie
Cybercrime, Legal, Malware, Phishing, Security News

Unsealed indictment alleges Kazakh man is behind Fxmsp hacking group

By
Publish Date

Federal prosecutors have indicted Andrey Turchin, a 37-year-old citizen of Kazakhstan, on five criminal counts related to his alleged involvement in a financially motivated cybercriminal hacking collective known as Fxmsp that the Department of Justice says cost victims tens of millions of dollars. Turchin — who also individually goes by the alias Fxmsp — and…

APTs/cyberespionage, Cybercrime, Government, Government/Defense, Phishing, Security News

Australia says state-based actor is behind surge of sophisticated cyberattacks

By
Publish Date

Australian Prime Minister Scott Morrison warned late last week that a sophisticated, state-sponsored cyber actor has been attacking the country’s government and corporate institutions, as well as critical infrastructure operators, with increasing regularity. Morrison did not name-and-shame the specific country that is responsible for the alleged attacks. But inside sources told Reuters that China is…

Events, InfoSec World 2020, Malware, Network Security, Phishing, Security News

Sapphire Software’s Nicholas Takacs asks: Is self-aware malware possible yet?

By
Publish Date

“Two can play at this game…” Cybersecurity is a non-stop arms race between white hats and malicious hackers, and the three “A’s” — automation, analytics and artificial intelligence — are among the more powerful defensive tools that CISOs can implement to defend their organizations. But cybercriminals can also potentially employ them to magnify their attacks…

APTs/cyberespionage, Cybercrime, Malware, Phishing, Security News

Cyber snoops targeted aerospace, defense employees with fake job offers on LinkedIn

By
Publish Date

A cyber espionage operation used fake job offers, sent via LinkedIn messages, to target employees at aerospace and military companies in Europe and the Middle East late last year, researchers from ESET have reported. The highly targeted campaign — dubbed Operation In(ter)ception (an allusion to one malware sample’s file name) — took place from September…

Cybercrime, Email Security, Malware, Phishing, Security News

Black Lives Matter phishing scam looks to spread TrickBot malware

By
Publish Date

Scammers often craft social engineering schemes around major crises and news events, as demonstrated by the wealth of coronavirus-themed phishing campaigns seen this year. Now, as massive U.S. and global protests continue following the May 25 killing of George Floyd at the hands of a Minneapolis police officer, a new phishing operation is attempting to…

Coronavirus, Cybercrime, Email Security, Phishing, Security News

Phishing campaign targets remote workers with fake voicemail notifications

By
Publish Date

Looking for new angles to socially engineer employees working from home under COVID-19 conditions, attackers have devised a new phishing campaign that distributes emails that look as if they were generated by  Private Branch Exchange (PBX), a legacy technology that integrates with employees’ email clients so they can receive their voicemail recordings. In a company…

Next post in Coronavirus