Collaborate Disseminate
A new threat group called “Fullz House” is using both phishing and web skimming in order to maximize the profits of its attacks. Fullz House isn’t new to the threat landscape, but RiskIQ observed that the group had expanded its activi… Continue reading Fullz House Group Using Phishing and Web Skimming to Maximize Profits
Catch Hospitality Group revealed that a point-of-sale (POS) malware incident might have exposed some of its customers’ data. The restaurant and catering company launched an investigation and retained the services of a digital forensics firm after… Continue reading Catch Says POS Malware Incident Might Have Exposed Customers’ Data
Wireless network operator T-Mobile revealed that a security incident might have exposed the personal information of some of its customers. In a statement posted on its website, T-Mobile said that its security teams had discovered an instance of “… Continue reading T-Mobile Says Security Incident Might Have Affected Some Customer Data
A convicted Nigerian fraudster earned more than $1 million from a scam that he executed while serving a multi-year prison term. The Economic and Financial Crimes Commission (EFCC) launched an investigation into how Hope Olusegun Aroke had pulled off th… Continue reading Nigerian Fraudster Pulled Off $1M Scam While Serving Prison Term
Security researchers have released a new decryption tool that could help victims of Jigsaw ransomware recover their affected files for free. In a blog post announcing the new utility, Emsisoft explained that its decryptor can work against 85 extensions… Continue reading New Decryption Tool Released for Jigsaw Ransomware
Macy’s is notifying customers about a data security incident that might have exposed some of their personal and financial information. The American department chain store said that it first learned of the incident back in mid-October. At that tim… Continue reading Macy’s Says Security Incident Might Have Exposed Customers’ Data
Digital fraudsters are stealing Microsoft Office 365 administrator credentials as part of a broader phishing campaign targeting organizations. The campaign began with a phishing email that leveraged Microsoft and its Office 365 brand to lull recipients… Continue reading Phishers Targeting Microsoft Office 365 Admin Credentials
Digital fraudsters have launched a new phishing campaign whose attack emails instruct recipients to click on a “Keep same password” button. Bleeping Computer observed that the phishing campaign uses attack emails that arrive with “Acc… Continue reading Phishing Email Instructs Users to Click on “Keep Same Password” Button
Mexican state-owned petroleum company Petroleos Mexicanos (Pemex) said that it quickly neutralized a digital attack that struck its computer systems. In a statement released on November 11, a spokesperson for Pemex said that the company had quickly res… Continue reading Mexico’s Pemex Said It Quickly Neutralized Digital Attack
The Texas Health and Human Services Commission (TX HHS) must pay a civil penalty of $1.6 million for having violated HIPAA. The Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services (HHS) imposed the penalty in response to H… Continue reading Texas HHS Commission Penalized $1.6M for HIPAA Violations