Catch of the Day: DHL Shipping Phish with a side of Trojan Horse
Chef’s Special: Exchange Phish
Examples of clever phish that made it past my spam filters and into my Inbox, or from clients, or reliable sources on the Internet.
I would be delighted to accept suspicious phishing examples from you. Please forward your email to phish@wyzguys.com.
My intention is ...
Continue Reading →
The world has evolved so much in the past few years. These changes are even more apparent in light of the Covid-19 pandemic, with people and businesses forced to adapt and move everything online, from office meetings to grocery shopping.
Need to buy a pair of jeans? Ran out of groceries for the week? Craving your favorite food? All of these ...
Continue Reading →
A quick Saturday digest of cybersecurity news articles from other sources.While reviewing spam traps, a particular campaign piqued Trustwave’s interest primarily because the attachment to the email did not coincide with the theme of the email body. The email, with the Subject “GOOD LOAN OFFER!!”, at ...
Password theft – One of the easiest exploits for a cyber-criminal may be the one of the worst for the victim. The recent SolarWinds disaster (yes it is a disaster, not just hyperbola) began when a Russian cyber-ops group discovered the password to the SolarWinds update server was “protected” by the password SolarWinds123. This password is easily guessable and a terrible choice for a critical system such as an update ...
If the Pandemic wasn’t enough to deal with, we still have to deal with people and their poor password choices.
Three passwords security controls that really make a difference.
Have a Happy Thanksgiving – Be sure to watch the video below.
A quick Saturday digest of cybersecurity news articles from other sources.Original release date: July 16, 2020
This Activity Alert uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK™) and Pre-ATT&CK frameworks. See the MITRE ATT&CK for Enterprise and Pre-ATT&CK frameworks for referenced threat actor techniques.
Attributing malicious cyber activity that uses network ...
Continue Reading →
A guest post from frequent contributor Siege Media.
Aside from the fact that your grandma is complaining about her shrinking internet, the internet is growing at a pace that’s pretty hard to even imagine–approximately 576,000 new websites per day, with each site being a potential ...
Continue Reading →Phishing Email AlertsCatch of the Day: Wells Fargo Identity Theft Phish – A trifecta – bank account, personal information, and a credit card. On the Dark Web this is called a Fullz.
Chef’s Special: Phishing attacks impersonate QuickBooks invoices ahead of July 15 tax deadline
Examples of clever phish that made it past my spam filters and into my Inbox, or from clients, or reliable sources ...
Continue Reading →A quick Saturday digest of cybersecurity news articles from other sources.The Wordfence Threat Intelligence Team just published details of an attack harvesting database credentials, targeting over 1 million WordPress sites. For 24 hours, attacks from this campaign accounted for 75% of all exploit attempts on plugins and themes across all of WordPress.
Both the free and paid versions ...
Continue Reading →
