Friday Phish Fry

Phishing Email Alerts

Catch of the Day: Citibank Payment Phish

Chef’s Special:  BEC Phish

Examples of clever phish that made it past my spam filters and into my Inbox, or from clients, or reliable sources on the Internet.

I would be delighted to accept suspicious phishing examples from you.  Please forward your email to phish@wyzguys.com.

My intention is to provide a warning, examples of current ...

Continue Reading →
0

Weekend Update

A quick Saturday digest of cybersecurity news articles from other sources.


AA20-209A: Potential Legacy Risk from Malware Targeting QNAP NAS Devices

Original release date: July 27, 2020

CISA and NCSC are investigating a strain of malware known as QSnatch, which attackers used in late 2019 to target Network Attached Storage (NAS) devices manufactured by the firm QNAP.

All QNAP NAS devices are potentially vulnerable to QSnatch malware if not ...

Continue Reading →
0

Anubis Banking Trojan Using Google Play and Telegram App

The powerful Anubis banking Trojan is showing up in the Google Play Store in other apps. Currently, Anubis is masquerading as a battery saver and currency converter.  This Android banking Trojan launches a fake app overlay screen when the user opens the app. The user enters his or her account credentials into the fake overlay, which allows the Anubis malware to steal the data. Anubis can imitate 377 financial apps ...

Continue Reading →
1

Weekend Update

A quick Saturday digest of cybersecurity news articles from other sources.


Hacked tornado warning systems leave Texans in the dark

Add this latest public warning system sabotage to a growing list of fear-and-panic-spreading hacking incidents.


You left WHAT on that USB drive?!

Nudies, taxes, and memos – oh, my! Research shows that even if we think we’ve deleted content on the sticks, we’re leaving ...

Continue Reading →
0

Smartphone Malware Exploits On The Rise

Lately there have been a spate of incidents involving smartphone apps for the iPhone and Android phones that were discovered to be malicious in various ways.  The important commonality in these revelations was that cyber-criminals had actually modified legitimate apps by hijacking several developer’s credentials, including their “Developer Certificate.”  The developer key provides a digital signature that validates the app as being ...

Continue Reading →
0
Page 1 of 5 12345