phishing

Pierluigi Paganini July 16, 2017
Did you receive a WhatsApp subscription ending email or text? Watch out!

Did you receive a WhatsApp subscription ending email or text? Watch out! It is a scam to steal your payment and personal data. Researcher Graham Cluley is warning of bogus ‘WhatsApp subscription ending’ emails and texts. Internet users are receiving an email pretending to be from WhatsApp and warning them of the ending for an alleged WhatsApp […]

Pierluigi Paganini July 16, 2017
Hackshit PhaaS platform, even more easy to power Phishing campaigns

The experts from Netskope Threat Research Labs discovered the Hackshit PhaaS platform, another interesting case of crimeware-as-a-service. A few days ago, we discussed the Katyusha scanner,a powerful and fully automated SQLi vulnerability scanner discovered by researchers at security firm Recorded Future that was available for $500 in the cyber crime underground. The Katyusha scanner is just one […]

Pierluigi Paganini July 10, 2017
OSX DoK Malware linked to Operation Emmental used to target Swiss Banks again

Crooks behind the Operation Emmental hacking campaign have started targeting the Swiss banks using a variant of the DoK Mac OS X malware. In July 2014, malware researchers at Trend Micro published a report on the hacking campaign “Operation Emmental” that was targeting Swiss bank accounts whit a multi-faceted attack that allowed crooks to bypass two factor authentication implemented […]

Pierluigi Paganini May 17, 2017
The Electronic signature technology provider DocuSign suffered a data breach

Hackers broke into the system of the technology provider DocuSign and accessed customers email addresses. The experts warn of possible spear phishing attacks. The Electronic signature technology provider DocuSign suffered a data breach, hackers have stolen email addresses from one of its servers. On Monday the company informed its customers of the data breach and warned them of fake […]

Pierluigi Paganini April 29, 2017
FIN7 group has enhanced its phishing techniques

According to the experts from security firm FireEye, the financially-motivated FIN7 group is changing hacking techniques. The group that has been active since late 2015, and was recently spotted to have been targeting personnel involved with United States Securities and Exchange Commission (SEC) filings at various organizations with a new PowerShell backdoor dubbed POWERSOURCE. The […]

Pierluigi Paganini April 19, 2017
Homograph Phishing Attacks are almost impossible to detect on major browsers

The Chinese security Xudong Zheng is warning of Homograph Phishing Attacks are “almost impossible to detect” also to experts. The Chinese security researcher Xudong Zheng has devised a phishing technique that is “almost impossible to detect.” Hackers can exploit a known vulnerability in the popular web browsers Chrome, Firefox and Opera to display to the […]

Pierluigi Paganini April 02, 2017
Phishing campaigns target airline consumers seeking business credentials

A series of phishing campaigns is targeting airline consumers with messages crafted to trick victims into handing over personal or business credentials. A wave string of phishing campaigns is targeting airline consumers with messages crafted to trick victims into handing over personal or business credentials. The phishing messages pretend to be sent from a travel agency […]

Pierluigi Paganini March 01, 2017
Phishing Trends Report – 2016 ended as the worst year for phishing in history

The Anti-Phishing Working Group (APWG) published the Phishing Trends Report for Q4 2016. APWG reported 1.2 million phishing attacks in 2016. The Anti-Phishing Working Group (APWG) published the Phishing Trends Report for Q4 2016. The data are worrisome, 2016 ended as the worst year for phishing in history. The experts reported the total number of phishing attacks in 2016 […]

Pierluigi Paganini February 21, 2017
Corporate email addresses are 6.2x more targeted by phishing

At the RSA security conference in San Francisco, the experts at Google Research explained that Corporate email addresses are privileged targets for hackers. At the RSA security conference in San Francisco, the experts at the Google Research team at the Google Research team have shared the results of an interesting study on cyber attacks against emails accounts. Corporate […]

Pierluigi Paganini February 21, 2017
Operation BugDrop – Hackers siphoned 600GB taking control of PC microphones

Security firm CyberX uncovered the Operation Bugdrop, a cyber espionage campaign that mostly targeted Ukrainian organizations. Researchers at Security firm CyberX have discovered a cyber espionage campaign that siphoned more than 600 gigabytes from about 70 targets in several industries, including critical infrastructure and news media. The list of targets includes: A company that designs […]