RiskIQ – Page 2 – WindowsTechs.com

How scammers use faked news articles to promote coronavirus ‘cures’ that only defraud victims

Posted on August 12, 2020 by Jeff Stone

Scammers are relying on fabricated news articles about the COVID-19 pandemic in an attempt to trick readers into signing up for bunk coronavirus cures. A network of content farm websites — the kind of sites that typically publish false hyperpartisan articles — are masquerading as legitimate news sites as part of an attempt to scam Americans, according to research published Wednesday by RiskIQ. By posting what appeared to be inflammatory news articles with headlines like “One Mom Has Found a Solution to Fight Back Coronavirus,” fraudsters aim to bring a would-be victim to their website, then inundate them with ads for expensive, and fake virus cures. “Our research found that several of the advertisements loaded on these fake news sites lead to subscription traps,” the report states. “A subscription trap works by offering a free or deeply discounted trial of a product while hiding clauses in the terms of service […]

The post How scammers use faked news articles to promote coronavirus ‘cures’ that only defraud victims appeared first on CyberScoop.

Continue reading How scammers use faked news articles to promote coronavirus ‘cures’ that only defraud victims→

Twilio breach spotlights struggle to keep corporate software kits out of the wrong hands

Posted on July 24, 2020 by Sean Lyngaas

The security team at Twilio, a cloud communications company that claimed over $1 billion in revenue last year, could breathe a sigh of relief on Sunday night. Earlier in the day, someone had manipulated the code in a software product that Twilio customers use to route calls and other communications. The breach resembled a Magecart-style attack that skims websites for users’ financial data. Twilio cleaned up the code hours later, and said there was no sign the attackers had accessed customer data. But the damage could have been worse if the attack had been targeted, multiple security experts told CyberScoop. With access to the code, which was sitting in an unsecured Amazon cloud storage service known as an S3 bucket, the attackers could have conducted phishing attacks or distributed malware through the platform, according to Yonathan Klijnsma, head of threat research at security company RiskIQ. Dave Kennedy, founder of cybersecurity […]

The post Twilio breach spotlights struggle to keep corporate software kits out of the wrong hands appeared first on CyberScoop.

Continue reading Twilio breach spotlights struggle to keep corporate software kits out of the wrong hands→

Attackers exploit Twilio’s misconfigured cloud storage, inject malicious code into SDK

Posted on July 23, 2020 by Zeljka Zorz

Twilio has confirmed that, for 8 or so hours on July 19, a malicious version of their TaskRouter JS SDK was being served from their one of their AWS S3 buckets. “Due to a misconfiguration in the S3 bucket that was hosting the library, a bad actor… Continue reading Attackers exploit Twilio’s misconfigured cloud storage, inject malicious code into SDK→

High-profile Twitter accounts hijacked to push Bitcoin scam. How did it happen?

Posted on July 16, 2020 by Zeljka Zorz

The Twittersphere went into overdrive on Wednesday as a bunch of prominent, verified Twitter accounts were hijacked and started promoting a COVID-19 cryptocurrency giveaway scam. The attackers simultaneously compromised Twitter accounts of Bill Gates, … Continue reading High-profile Twitter accounts hijacked to push Bitcoin scam. How did it happen?→

What is the true extent of the modern corporate digital attack surface?

Posted on June 12, 2020 by Help Net Security

RiskIQ released a report analyzing the company’s internet-wide telemetry and massive internet data collection to reveal the true extent of the modern corporate digital attack surface. Digital attack surface challenges “Today, organizations … Continue reading What is the true extent of the modern corporate digital attack surface?→

Emerging MakeFrame Skimmer from Magecart Sets Sights on SMBs

Posted on April 2, 2020 by Elizabeth Montalbano

Attacks using a brand-new card-harvesting code is targeting small- to medium-sized businesses, claiming 19 sites so far. Continue reading Emerging MakeFrame Skimmer from Magecart Sets Sights on SMBs→

Magecart hackers have spent weeks lurking on NutriBullet’s website

Posted on March 18, 2020 by Jeff Stone

A group of scammers using a pervasive hacking technique have spent weeks lurking on the website where NutriBullet customers entered their payment data, according to new findings from a cybersecurity vendor. RiskIQ published research on Wednesday detailing how a hacking group, known as Magecart Group 8, snuck malicious code onto NutriBullet’s website to collect financial information from customers who purchased blenders and other products from the company. The attack began on Feb. 20 and continues today, despite an interruption between March 1 and March 5, RiskIQ said. NutriBullet did not respond to multiple requests for comment. RiskIQ said its researchers have spent three weeks trying to contact the company without receiving a response. The compromise was ongoing as of this article’s publication, RiskIQ said. “Magecart” is a blanket name for a hacking technique in which attackers insert a small amount of malicious code into the e-commerce payment process. Magecart groups […]

The post Magecart hackers have spent weeks lurking on NutriBullet’s website appeared first on CyberScoop.

Continue reading Magecart hackers have spent weeks lurking on NutriBullet’s website→

Cybercriminals leveraging coronavirus outbreak to execute ransomware attacks

Posted on March 11, 2020 by Help Net Security

Cybercriminals are likely to leverage the global anxiety around the coronavirus outbreak to execute ransomware attacks against businesses, according to RiskIQ. After extensive analysis of past ransomware attacks during global epidemics and current phis… Continue reading Cybercriminals leveraging coronavirus outbreak to execute ransomware attacks→

Almost three-quarters of all phishing sites now use SSL protection

Posted on February 26, 2020 by Help Net Security

The total number of phishing sites detected by the Anti-Phishing Working Group (APWG) worldwide in October through December 2019 was 162,155, following the all-time-high of 266,387 attacks recorded in July through September 2019. Most menacing, however… Continue reading Almost three-quarters of all phishing sites now use SSL protection→

Blacklisted apps increase 20%, attackers focus on tax-branded key terms

Posted on October 25, 2019 by Help Net Security

In 2018, global app spending hit $101 billion and is expected to surpass that this year. Mobile is a significant portion of the overall corporate attack surface where security teams often suffer from a lack of visibility. For the second consecutive qua… Continue reading Blacklisted apps increase 20%, attackers focus on tax-branded key terms→