Beware of Scammers Exploiting Recent Events

It seems that every new event brings out a crop of scammers ready to exploit the gullible.  Several recent scams are using the Equifax breach settlement, and the recent mass shootings in El Paso and Dayton to extract money from or deliver malware to their victims.

First, from KnowBe4, we have the details of several scams taking advantage of people attempting to get the $125 settlement payment they may be owed as a result of the Equifax ...

Continue Reading →
0

Don’t Get Emotional!

Social engineers have many tricks up their sleeves, and we have covered many of them in previous articles.  The biggest trick is phishing emails, of course, coupled with replica landing pages on hijacked websites.  Other methods include phone calls, such as fake tech support calls.  There are texting hoaxes, called smishing.  There are fake, cloned, or hijacked Facebook, LinkedIn, Twitter, and Instagram account ...

Continue Reading →
0

New Phishing Scams Look So Real

There has been a stream of email alerts arriving at my inbox lately that warned of a variety of new phishing approaches that are using well-known brands (OneDrive and Office 365, FedEx and UPS), trusted sources (Department of Homeland Security, Gmail, Yahoo Mail), secure services (TLS certificates and HTTPS web sites) and curiosity (you received an encrypted message) to trick recipients into clicking a link that leads to a fake replica ...

Continue Reading →
0

Guest Post – Mobile App Security Threats and Secure Best Practices Part 2

A guest post by KC Karnes

Mobile App Security Exploit Examples: Painful Real-life Lessons

The climate around mobile app security is heating up.

Mobile app vulnerabilities are exploited every day, resulting in expensive data breaches and loss of public trust.

In this section, we will try to learn from the failures of other companies and highlight how real the threats outlined above can be.

Timehop Fails To Trust Two-Factor Authentication

Starting in December of 2017, TimeHop was ...

Continue Reading →
0

Guest Post – Mobile App Security Threats and Secure Best Practices Part 1

A guest post by KC Karnes

Is your mobile app secure?

It shouldn’t come as a surprise that mobile apps are targeted by hackers, given the rapid adoption and increased usage globally. By some estimates, one out of every 36 mobile devices has high-risk apps installed.1

An even more sobering mobile app security statistic for businesses to hear: 71% of fraud transactions came from mobile apps and mobile browsers in the ...

Continue Reading →
0

Weekend Update

A quick Saturday digest of cybersecurity news articles from other sources.


Social Warfare WordPress Plugin Zero-Day: Details and Attack Data

In our earlier post, we issued a warning to users of the Social Warfare plugin regarding a zero-day vulnerability affecting their sites. At this time, the plugin’s developers have issued a patch for the flaw. All users are urged to update to version 3.5.3 immediately.


Continue Reading →
0

Unhappy Valentines Day – Romance Fraud

This Valentine’s Day, be careful of who you let into your heart.  Unfortunately for every love-lorn single there is a fake Romeo or dating site scammer waiting to separate them from their money.  According to the FBI, the amount of money losses to victims of romance fraud makes it the second most lucrative cyber crime, generating $211 million for the perpetrators. Only business email ...

Continue Reading →
0
Page 1 of 8 12345...»