Tag: phishing
-
Krebs on Security: This Windows PowerShell Phish Has Scary Potential
Source URL: https://krebsonsecurity.com/2024/09/this-windows-powershell-phish-has-scary-potential/ Source: Krebs on Security Title: This Windows PowerShell Phish Has Scary Potential Feedly Summary: Many GitHub users this week received a novel phishing email warning of critical security holes in their code. Those who clicked the link for details were asked to distinguish themselves from bots by pressing a combination of keyboard…
-
The Register: Mind your header! There’s nothing refreshing about phishers’ latest tactic
Source URL: https://www.theregister.com/2024/09/12/http_headers/ Source: The Register Title: Mind your header! There’s nothing refreshing about phishers’ latest tactic Feedly Summary: It could lead to a costly BEC situation Palo Alto’s Unit 42 threat intel team wants to draw the security industry’s attention to an increasingly common tactic used by phishers to harvest victims’ credentials.… AI Summary…
-
Slashdot: SpyAgent Android Malware Steals Your Crypto Recovery Phrases From Images
Source URL: https://it.slashdot.org/story/24/09/06/220250/spyagent-android-malware-steals-your-crypto-recovery-phrases-from-images?utm_source=rss1.0mainlinkanon&utm_medium=feed Source: Slashdot Title: SpyAgent Android Malware Steals Your Crypto Recovery Phrases From Images Feedly Summary: AI Summary and Description: Yes Summary: The text discusses the SpyAgent Android malware, highlighting its use of optical character recognition (OCR) to steal sensitive cryptocurrency wallet information. Notably targeting South Korea, this malware threatens to extend its…
-
Krebs on Security: Owners of 1-Time Passcode Theft Service Plead Guilty
Source URL: https://krebsonsecurity.com/2024/09/owners-of-1-time-passcode-theft-service-plead-guilty/ Source: Krebs on Security Title: Owners of 1-Time Passcode Theft Service Plead Guilty Feedly Summary: Three men in the United Kingdom have pleaded guilty to operating otp[.]agency, a once popular online service that helped attackers intercept the one-time passcodes (OTPs) that many websites require as a second authentication factor in addition to…
-
The Register: Novel attack on Windows spotted in phishing campaign run from and targeting China
Source URL: https://www.theregister.com/2024/09/02/securonix_china_slowtempest_campaign/ Source: The Register Title: Novel attack on Windows spotted in phishing campaign run from and targeting China Feedly Summary: Resources hosted at Tencent Cloud involved in Cobalt Strike campaign Chinese web champ Tencent’s cloud is being used by unknown attackers as part of a phishing campaign that aims to achieve persistent network…
-
Cloud Blog: A Measure of Motive: How Attackers Weaponize Digital Analytics Tools
Source URL: https://cloud.google.com/blog/topics/threat-intelligence/how-attackers-weaponize-digital-analytics-tools/ Source: Cloud Blog Title: A Measure of Motive: How Attackers Weaponize Digital Analytics Tools Feedly Summary: Adrian McCabe, Ryan Tomcik, Stephen Clement Introduction Digital analytics tools are vital components of the vast domain that is modern cyberspace. From system administrators managing traffic load balancers to marketers and advertisers working to deliver relevant…
-
The Register: This uni thought it would be a good idea to do a phishing test with a fake Ebola scare
Source URL: https://www.theregister.com/2024/08/22/ucsc_phishing_test_ebola/ Source: The Register Title: This uni thought it would be a good idea to do a phishing test with a fake Ebola scare Feedly Summary: Needless to say, it backfired in a big way University of California Santa Cruz (UCSC) students may be relieved to hear that an emailed warning about a…
-
Hacker News: New Phishing Technique Bypasses Security on iOS and Android to Steal Bank Creds
Source URL: https://www.securityweek.com/new-phishing-technique-bypasses-security-on-ios-and-android-to-steal-bank-credentials/ Source: Hacker News Title: New Phishing Technique Bypasses Security on iOS and Android to Steal Bank Creds Feedly Summary: Comments AI Summary and Description: Yes **Summary:** This text discusses a new phishing tactic identified by ESET that targets mobile banking users on iOS and Android. It highlights how attackers create deceptive Progressive…
-
Hacker News: Attackers can exfil data with Slack AI
Source URL: https://promptarmor.substack.com/p/data-exfiltration-from-slack-ai-via Source: Hacker News Title: Attackers can exfil data with Slack AI Feedly Summary: Comments AI Summary and Description: Yes Summary: The text describes a critical vulnerability in Slack AI that allows attackers to exfiltrate sensitive information from private channels through prompt injection, specifically indirect prompt injection. This security issue is particularly relevant…