Tag: social engineering
-
The Register: Red team hacker on how she ‘breaks into buildings and pretends to be the bad guy’
Source URL: https://www.theregister.com/2024/09/29/interview_with_a_social_engineering/ Source: The Register Title: Red team hacker on how she ‘breaks into buildings and pretends to be the bad guy’ Feedly Summary: Alethe Denis exposes tricks that made you fall for that return-to-office survey Interview A hacker walked into a “very big city" building on a Wednesday morning with no keys to…
-
Schneier on Security: New Windows Malware Locks Computer in Kiosk Mode
Source URL: https://www.schneier.com/blog/archives/2024/09/new-windows-malware-locks-computer-in-kiosk-mode.html Source: Schneier on Security Title: New Windows Malware Locks Computer in Kiosk Mode Feedly Summary: Clever: A malware campaign uses the unusual method of locking users in their browser’s kiosk mode to annoy them into entering their Google credentials, which are then stolen by information-stealing malware. Specifically, the malware “locks” the user’s…
-
CSA: The Benefits of Social Engineering Campaigns
Source URL: https://www.schellman.com/blog/penetration-testing/benefits-of-a-social-engineering-campaign Source: CSA Title: The Benefits of Social Engineering Campaigns Feedly Summary: AI Summary and Description: Yes Summary: The text emphasizes the significance of social engineering campaigns as an integral part of cybersecurity strategies. It highlights how such initiatives can help organizations identify vulnerabilities, strengthen technical defenses, and improve incident response through real-world…
-
Hacker News: Crypto scammers hack OpenAI’s press account on X
Source URL: https://techcrunch.com/2024/09/23/crypto-scammers-hack-openais-press-account-on-x/ Source: Hacker News Title: Crypto scammers hack OpenAI’s press account on X Feedly Summary: Comments AI Summary and Description: Yes Summary: The text discusses a hacking incident involving OpenAI’s official press account on X (formerly Twitter), where scammers promoted a non-existent cryptocurrency, $OPENAI, to lure users into a phishing scheme. This incident…
-
Hacker News: GitHub Notification Emails Hijacked to Send Malware
Source URL: https://ianspence.com/blog/2024-09/github-email-hijack/ Source: Hacker News Title: GitHub Notification Emails Hijacked to Send Malware Feedly Summary: Comments AI Summary and Description: Yes Summary: The text discusses a specific phishing attack targeting GitHub developers, illustrating how attackers exploit GitHub’s email notification system to spread malware. It highlights significant security vulnerabilities in email notifications and the importance…
-
Cloud Blog: An Offer You Can Refuse: UNC2970 Backdoor Deployment Using Trojanized PDF Reader
Source URL: https://cloud.google.com/blog/topics/threat-intelligence/unc2970-backdoor-trojanized-pdf-reader/ Source: Cloud Blog Title: An Offer You Can Refuse: UNC2970 Backdoor Deployment Using Trojanized PDF Reader Feedly Summary: Written by: Marco Galli, Diana Ion, Yash Gupta, Adrian Hernandez, Ana Martinez Gomez, Jon Daniels, Christopher Gardner Introduction In June 2024, Mandiant Managed Defense identified a cyber espionage group suspected to have a North…
-
Slashdot: Fake Python Coding Tests Installed Malicious Software Packages From North Korea
Source URL: https://developers.slashdot.org/story/24/09/15/0030229/fake-python-coding-tests-installed-malicious-software-packages-from-north-korea?utm_source=rss1.0mainlinkanon&utm_medium=feed Source: Slashdot Title: Fake Python Coding Tests Installed Malicious Software Packages From North Korea Feedly Summary: AI Summary and Description: Yes Summary: The text describes a cybersecurity threat involving malicious software packages attributed to the North Korean Lazarus Group, which are disguised as Python coding tests directed at job seekers. This highlights…
-
The Register: Predator spyware updated withn dangerous new features, also now harder to track
Source URL: https://www.theregister.com/2024/09/09/predator_spyware_trump_crypto/ Source: The Register Title: Predator spyware updated withn dangerous new features, also now harder to track Feedly Summary: Plus: Trump family X accounts hijacked to promote crypto scam; Fog ransomware spreads; Hijacked PyPI packages; and more Infosec in brief After activating its chameleon field and going to ground following press attention earlier…
-
The Register: North Korean scammers plan wave of stealth attacks on crypto companies, FBI warns
Source URL: https://www.theregister.com/2024/09/05/fbi_north_korean_scammers_prepping/ Source: The Register Title: North Korean scammers plan wave of stealth attacks on crypto companies, FBI warns Feedly Summary: Feds warn of ‘highly tailored, difficult-to-detect social engineering campaigns’ The FBI has warned that North Korean operatives are plotting “complex and elaborate" social engineering attacks against employees of decentralized finance (DeFi) organizations, as…
-
The Register: UK trio pleads guilty to operating $10M MFA bypass biz
Source URL: https://www.theregister.com/2024/09/03/uk_trio_pleads_guilty_mfa_bypass/ Source: The Register Title: UK trio pleads guilty to operating $10M MFA bypass biz Feedly Summary: The group bragged they could steal one-time passwords from Apply Pay and 30+ sites A trio of men have pleaded guilty to running a multifactor authentication (MFA) bypass ring in the UK, which authorities estimate has…