social engineering
When the phone call is more dangerous than malware
During Social Engineer Capture the Flag contest, one of the most prominent and popular annual events at DEF CON 21, a pool of 10 men and 10 women, from diverse backgrounds and …
Fake Whatsapp notification delivers malware
WhatsApp is one of the most popular instant-messaging services out there, and its huge user base (over 300 million active users) makes Whatsapp-themed spam a great way to …
How to social engineer a social network
Social engineering has for a while now been cyber attackers’ best bet to enter systems and compromise accounts when actual hacking doesn’t work, or when they …
Convincing “Urgent Windows Error Fix” phishing email doing rounds
A pretty convincing email phishing campaign is targeting one of the largest user bases out there – those who use Microsoft’s Windows OS – by taking advantage …
Bogus AmEx “Unusual activity detected” email leads to phishing
An extremely thorough phishing campaign is currently targeting American Express customers by trying to make them believe that access to their account will be restricted within …
Cross-platform Frutas RAT delivered via targeted emails
The cross-platform Frutas RAT is being used in a new email phishing campaign targeting high-profile finance, mining, and telecom companies as well as governments in Europe and …
Chrome, Firefox users targeted with account-hijacking plugins
Hijacked social networking accounts can be monetized in a number of ways, so cyber crooks are always thinking up new ways of doing so, preferably without the user noticing. …
Preventing the exploitation of human vulnerabilities
Secure Mentem released the Human Incident Response Service to specifically address the issue of exploiting human vulnerabilities. Some of the most noted attacks in recent …
Social engineering tops list of help desk security threats
Help desks are most commonly asked to assist users in addressing common IT problems including password resets and application and connectivity issues. Often the performance of …
Fake Pinterest “Password changed” email leads to malware
Pinterest users beware: an email purportedly coming from the popular pinboard-style photo-sharing website and notifying you of a successful password reset is fake: If you …
“Blizzard Entertainment IP Restrictions” phishing email doing rounds
Blizzard Entertainment has acknowledged that the notification email that has been hitting users’ inboxes and has been purportedly sent by the company is, in fact, a …
Beware of “Social Security” Facebook phishing scams
Hijacked Facebook Fan Pages are a great asset to online spammers and scammers, so it’s no wonder that at any given time there are a number of active phishing campaigns …
Featured news
Resources
Don't miss
- Man vs. machine: Striking the perfect balance in threat intelligence
- Misconfig Mapper: Open-source tool to uncover security misconfigurations
- Why AI deployment requires a new level of governance
- Mastering the cybersecurity tightrope of protection, detection, and response
- PRevent: Open-source tool to detect malicious code in pull requests