In April 2024, the FBI warned about a new type of smishing scam. Smishing is the term we use for phishing attacks sent via text message.
This particular smishing scam tries to trick users into clicking a link by telling them they owe a “small amount” in toll fees. The scammers send a text claiming that the recipient owes money for unpaid tolls. It looks as if the targets are chosen randomly, but if you’ve been on a recent summer trip or will be visiting your relatives during the holiday season the chances are higher that you will believe this type of text.
Read more…
Source: Malwarebytes Labs
Related:
- Xfinity discloses a data breach but doesn’t say how many users are affected
December 18, 2023
Xfinity is notifying customers of a “data security incident” it says resulted in the theft of customer information, including usernames, passwords, contact information, and more. In a notice on Monday, Xfinity says “there was unauthorized access” to its systems from October 16th to October 19th, 2023. Xfinity traces the breach to a security vulnerability disclosed by ...
- Coverage Advisory for CVE-2023-50164: Apache Struts Path Traversal and File Upload Vulnerability
December 18, 2023
CVE-2023-50164 is a path traversal flaw that allows a remote attacker to upload malicious files to vulnerable servers. After successful exploitation, an attacker can achieve Remote Code Execution (RCE) on the target server. An attacker exploiting such a vulnerability can access, upload, or modify important files, steal sensitive information, disrupt critical services, or move laterally on ...
- #StopRansomware: Play Ransomware
December 18, 2023
The Federal Bureau of Investigation (FBI), Cybersecurity and Infrastructure Security Agency (CISA), and Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) are releasing this joint CSA to disseminate the Play ransomware group’s IOCs and TTPs identified through FBI investigations as recently as October 2023. Since June 2022, the Play (also known as Playcrypt) ransomware group ...
- MongoDB, North Face owner VF Corp and Mr. Cooper fall victim to cyberattacks
December 18, 2023
It has been a busy few days on the cybersecurity front as three notable companies confirmed hacks over the last two days: MongoDB Inc., North Face and Vans owner VF Corp., and mortgage broker Mr. Cooper Group Inc. The first hack, that of MongoDB, was confirmed over the weekend and involved its corporate systems being breached ...
- Defense Contractor Austal USA Confirms a Cyber Attack by Hunters International Ransomware Group
December 15, 2023
Australian-based American defense contractor Austal USA has confirmed a cyber attack after the Hunters International ransomware group listed the company and shared samples of the stolen data as proof. Austal USA is a Contractor for the US Department of Defense (DOD) and the Department of Homeland Security (DHS), undertaking major U.S. Navy shipbuilding programs. With five ...
- Snatch ransomware attack claims probed by Kraft Heinz
December 15, 2023
U.S. multinational food and beverage company Kraft Heinz has launched an investigation into the Snatch ransomware gang’s recently emerged claims of an August attack even though there has been no indication of any systems compromise. Despite admitting responsibility for the attack, the Snatch ransomware operation has not posted any proof of data that it exfiltrated from ...