phishing

Pierluigi Paganini May 11, 2020
Experts disclose security flaws in Oracle’s iPlanet Web Server

Researchers discovered a set of issues impacting Oracle’s iPlanet Web Server that could result in sensitive data exposure and limited injection attacks. Researchers discovered two security flaws impacting Oracle’s iPlanet Web Server, tracked as CVE-2020-9315 and CVE-2020-9314, that could cause sensitive data exposure and limited injection attacks. The flaws have been discovered by experts at Nightwatch […]

Pierluigi Paganini May 08, 2020
Phishers turning hard-working: CERT-GIB records upsurge of phishing resource blockages as duration of attacks grows

Group-IB, a Singapore-based cybersecurity company, observed the growth of the lifespan of phishing attacks in the second half of 2019. This trend, revealed by Group-IB’s Computer Emergency Response Team (CERT-GIB), resulted in the tremendous increase in the number of phishing websites blockages over the given period — it rose by over 230 percent year-on-year. In 2019 in general, web […]

Pierluigi Paganini May 02, 2020
Fake Microsoft Teams notifications aim at stealing Office365 logins

Phishing attacks impersonating notifications from Microsoft Teams targeted as many as 50,000 Teams users to steal Office365 logins. Abnormal Security experts observed two separate phishing attacks impersonating notifications from Microsoft Teams that targeted as many as 50,000 Teams users to steal Office365 logins. The popularity of Microsoft Teams has spiked as a result of the […]

Pierluigi Paganini April 23, 2020
State-sponsored hackers are using COVID-19 lures, Google warns

Google warns that nation-backed hackers are exploiting the COVID-19 pandemic to organizations involved in the fight against the pandemic. Google is warning that nation-state actors are exploiting the COVID-19 (Coronavirus) pandemic to target health care organizations and entities involved in the fight against the pandemic. Google’s Threat Analysis Group (TAG) shared its latest findings related […]

Pierluigi Paganini April 21, 2020
How to Protect Against COVID-19 Email Scams

The increasing number of news articles circulating on the internet in the wake of COVID-19 has resulted in the rise of Phishing attacks which feed on people’s fears. Phishing emails have been driven up to 600% since the end of February as cybercriminals capitalize on people’s fears. COVID-19 phishing emails have been said to make […]

Pierluigi Paganini April 20, 2020
Threat Report Portugal Q1 2020

Threat Report Portugal Q1 2020: Phishing and malware by numbers. The Portuguese Abuse Open Feed 0xSI_f33d is a novel open sharing database with the ability to collect indicators from multiple sources, developed by Segurança-Informática. This feed is based on automatic searches and also has a strong contribution from the community. This makes it a reliable and trustworthy and […]

Pierluigi Paganini April 17, 2020
Gmail blocked 18 Million phishing and malware emails using COVID-19 lures in a week

Google says that the Gmail malware scanners have blocked around 18 million phishing and malware emails using COVID-19 lures in just one week. Google announced that its anti-malware solutions implemented to defend its Gmail users have blocked around 18 million phishing and malware emails using COVID-19 lures within the last seven days. The IT giant also […]

Pierluigi Paganini April 15, 2020
How much is the phish? Underground market of phishing kits is booming – Group-IB

The report focuses on phishing kits – the driving force of the phishing industry, which is hard to detect but extremely valuable in terms of fight against phishing. Group-IB, a Singapore-based cybersecurity company, has found out that phishing kits are the new bestsellers of the underground market, with the number of phishing kit ads on underground forums and their […]

Pierluigi Paganini April 14, 2020
Crooks target Healthcare facilities involved in Coronavirus containment with Ransomware

PaloAlto Networks experts warn of malicious Coronavirus themed phishing campaigns targeting government and medical organizations. Experts from Paloalto Unit 42 published a report that analyzes the cross-section between the various types of Coronavirus-themed attacks aimed at organizations in different industries. Recently organizations in healthcare, research, and government facilities have been hit by Coronavirus-themed attacks that […]

Pierluigi Paganini April 11, 2020
Fake Cisco ‘Critical Update’ used in phishing campaign to steal WebEx credentials

Crooks are using a fake Cisco “critical security advisory” in a new phishing campaign aimed at stealing victims’ Webex credentials. The Cofense’s phishing defense center has uncovered an ongoing phishing campaign that uses a Cisco security advisory related to a critical vulnerability as a lure. The phishing messages urge victims to install the “update,” but […]