News Clipping


Phishers’ techniques and behaviours, and what to do if you’ve been phished [helpnetsecurity]

Once a user has been phished, how long does it take for the phishers to misuse the stolen credentials? To discover the answer to that question and many others, Imperva researchers went undercover by creating 90 personal online accounts, including email and file sharing accounts with Google and Dropbox. Once the so-called honey pot accounts were active, the researchers deployed techniques to lure in the...



CowerSnail, from the creators of SambaCry [securelist]

Kaspersky Lab analysts managed to detect a malicious program for Windows that was apparently created by the same group responsible for SambaCry. It was the common C&C server that both programs used – cl.ezreal.space:20480 – that suggested a relationship between them. Kaspersky Lab products detect the new malicious program as Backdoor.Win32.CowerSnail.


HawkEye Credential Theft Malware Distributed in Recent Phishing Campaign [fireeye]

A wide variety of threat actors began distributing HawkEye malware through high-volume email campaigns after it became available for purchase via a public-facing website. The actors behind the phishing campaigns typically used email themes based on current events and media reports that would pique user interests, with the “Subject” line typically containing something about recent news. Although HawkEye malware has several different capabilities, it is...



Real News, Fake Flash: Mac OS X Users Targeted [volexity]

Volexity recently identified a breach to the website of a well regarded media outlet in the country of Georgia. As part of this breach, the media organization’s website was being leveraged as a component of a malware campaign targeting select visitors who view its website in Georgian. The targets were then further narrowed to those that were running the Mac OS X operating system, had...



“Tick” Group Continues Attacks [paloaltonetworks]

The “Tick” group has conducted cyber espionage attacks against organizations in the Republic of Korea and Japan for several years. The group focuses on companies that have intellectual property or sensitive information like those in the Defense and High-Tech industries. The group is known to use custom malware called Daserf, but also employs multiple commodity and custom tools, exploits vulnerabilities, and uses social engineering techniques.


Beware: New Bank of America Phishing Scam Stealing Card Data [hackread]

Cyber criminals are sending emails to unsuspecting users pretending to be representatives of the Bank of America. In the email, the sender is informing users that for their security, the bank has put limits on their account and the only way to get rid of limits is to confirm that they own the account. Whoever has sent the email has terrible grammar, but it’s...



Spring Dragon – Updated Activity [securelist]

Spring Dragon is a long running APT actor that operates on a massive scale. The group has been running campaigns, mostly in countries and territories around the South China Sea, since as early as 2012. The main targets of Spring Dragon attacks are high profile governmental organizations and political parties, education institutions such as universities, as well as companies from the telecommunications sector.

