Collaborate Disseminate
Brian Krebs reported that X (formerly known as Twitter) started automatically changing twitter.com links to x.com links. The problem is: (1) it changed any domain name that ended with “twitter.com,” and (2) it only changed the link’s … Continue reading X.com Automatically Changing Link Text but Not URLs
On April 9, Twitter/X began automatically modifying links that mention “twitter.com” to redirect to “x.com” instead. But over the past 48 hours, dozens of new domain names have been registered that demonstrate how this change could be used to craft convincing phishing links — such as fedetwitter[.]com, which is currently rendered as fedex.com in tweets. Continue reading Twitter’s Clumsy Pivot to X.com Is a Gift to Phishers
In this Help Net Security video, Josh Bartolomie, VP of Global Threat Services at Cofense, discusses how email will remain a target as long as it remains the predominant form of communication within a business. Cofense researchers have found that malic… Continue reading How malicious email campaigns continue to slip through the cracks
By Deeba Ahmed
New Byakugan Malware Steals Data, Grants Remote Access & Uses OBS Studio to Spy! Fortinet reveals a phishing campaign distributing Byakugan malware disguised as a PDF. Don’t click! Learn how to stay safe.
This is a post from HackRea… Continue reading Beware the Blur: Phishing Scam Drops Byakugan Malware via Fake PDF
Browser fingerprinting is one of many tactics phishing site authors use to evade security checks and lengthen the lifespan of malicious campaigns. While browser fingerprinting has been used by legitimate organizations to uniquely identify web browsers … Continue reading Cybercriminal adoption of browser fingerprinting
Thread hijacking attacks. They happen when someone you know has their email account compromised, and you are suddenly dropped into an existing conversation between the sender and someone else. These missives draw on the recipient’s natural curiosity about being copied on a private discussion, which is modified to include a malicious link or attachment. Here’s the story of a recent thread hijacking attack in which a journalist was copied on a phishing email from the unwilling subject of a recent scoop. Continue reading Thread Hijacking: Phishes That Prey on Your Curiosity
Threat intelligence firm EclecticIQ documents the delivery of malware phishing lures to government and private energy organizations in India.
The post Cyberespionage Campaign Targets Government, Energy Entities in India appeared first on SecurityWeek.
Continue reading Cyberespionage Campaign Targets Government, Energy Entities in India
DNS FireWall is an intuitive security app built to protect you and your business from malware, phishing, botnets and more security threats. Continue reading Protect Your Business With This Seamless Firewall — Now $150 Off
Scammers are leveraging the Darcula phishing-as-a-service platform, iMessages and Google Messages to great effect. The platform allows them to impersonate a variety of brands based in over 100 different countries: postal services, public and private ut… Continue reading Attackers leverage weaponized iMessages, new phishing-as-a-service platform
Hardware wallet manufacturer Trezor has explained how its Twitter account was compromised – despite it having sensible security precautions in place, such as strong passwords and multi-factor authentication.
Read more in my article on the Hot for Se… Continue reading Trezor’s Twitter account hijacked by cryptocurrency scammers via bogus Calendly invite