Hackers exploiting popular social engineering ‘toolkits’ to refine cyber attacks

Hackers are regularly using highly customisable online resources to add social engineering components to render their attacks more effective, according to new research from Malwarebytes. One website identified by the team features an expansive toolkit that has drawn more than 100,000 visits in Read More …

‘Heatstroke’ Campaign Uses Multistage Phishing Attack to Steal PayPal and Credit Card Information

Despite having an apparent lull in the first half of 2019, phishing will remain a staple in a cybercriminal’s arsenal, and they’re not going to stop using it. The latest example is a phishing campaign dubbed Heatstroke, based on a variable found Read More …

‘Twas the night before

Recently, the United States Cyber Command (USCYBERCOM Malware Alert @CNMF_VirusAlert) highlighted several VirusTotal uploads of theirs – and the executable objects relating to 2016 – 2017 NewsBeef/APT33 activity are interesting for a variety of reasons. Before continuing, it’s important to restate yet again that Read More …

U.S. Military Members Catfished and Hooked for Thousands of Dollars

Prisoners in South Carolina posed convincingly as beautiful women on social media platforms. A sextortion ring that aimed “catfish” efforts at U.S. military service members has been uncovered. The scam bilked 442 service members from the Army, Navy, Air Force Read More …

British spies ‘hacked into Belgian telecoms firm on ministers’ orders’

British spies are likely to have hacked into Belgium’s biggest telecommunications operator for at least a two-year period on the instruction of UK ministers, a confidential report submitted by Belgian prosecutors is said to have concluded. The finding would support Read More …

Crooks Combine Phishing and Impersonation For Higher Success Rate

While phishing continues to be the prevalent threat in malware-less email-based attacks, cybercriminals refine their methods by adding an impersonation component to increase the success rate against company employees. Phishing emails are easy to deploy and do not require other Read More …

Cybercrooks home in on infosec’s weakest link – you poor gullible people

Cybercrims are ramping up their efforts to target employees through fraudulent email and social media scams, according to a new study by email security firm Proofpoint. Retailers and government agencies saw huge quarter-on-quarter increases in email fraud attempts in calendar Read More …

US special counsel indicts 13 members of Russia’s election meddling troll farm

Special Counsel Robert Mueller’s office said Friday that a grand jury has indicted 13 Russian nationals and three Russian entities accused of violating federal laws in order to interfere with US elections and political processes during the 2016 presidential race. Read More …