spam Archives - Cyber Security Minute

Trojan-stealer discovered in spam mailouts to businesses

Issued by: Kaspersky Blog

We’re witnessing a new malicious mass-mailing campaign aimed at company employees using Agent Tesla spyware attachments. This time, when creating their e-mail messages, the attackers pay special attention to detail — so that their messages can really be mistaken for regular business e-mails with attached documents. Their final goal is to trick the recipient into…

Malware & Threats

Fake Cyberpunk Ape Executives target artists with malware-laden job offer

Issued by: Blog Malwarebytes

The wacky world of ape jpegs are at the heart of yet another increasingly bizarre internet scam, which contains malware, stolen accounts, a faint possibility of phishing, and zips full of ape pictures. The Ape Executives have a job offer you can, and must, refuse Lots of people with art profiles on social media in…

Malware & Threats

5 online scam red flags

Issued by: Kaspersky Blog

No one — gamer, cryptocurrency investor, or online shopper — is safe from scammers. But no matter who the victim is or how sophisticated the scheme may be, there is always a way to sniff out fraud before it’s too late. Today we’re looking at five common signs of online scams to help you avoid…

Malware & Threats

SBA Spoofed in COVID-19 Spam to Deliver Remcos RAT

Issued by: Security Intelligence

Between late March and mid-April 2020, IBM X-Force Incident Response and Intelligence Services (IRIS) uncovered a phishing campaign targeting small businesses that appears to originate from the U.S. Government Small Business Administration (SBA.gov). The emails, which contain subjects and attachments related to the need for small businesses to apply for disaster relief loans or provide…

Cloud Security, Vulnerabilities

High-risk vulnerabilities and public cloud-based attacks on the rise

Issued by: Help Net Security

A sharp increase (57%) in high-risk vulnerabilities drove the threat index score up 8% from December 2019 to January 2020, according to the Imperva Cyber Threat Index. Following the release of Oracle’s Critical Patch Update – which included 19 MySQL vulnerabilities—there was an unusual increase in the vulnerabilities risk component within the Index. Specifically, there…

Malware & Threats

Cyberattackers Focus on More Subtle Techniques

Issued by: Dark Reading

The time it takes to detect the average cyberattack has shortened, but cyberattackers are now using more subtle techniques to avoid better defenses, a new study of real incident response engagements shows. Victim organizations detected attacks in 14 days on average last year, down from 26 days in 2017. Yet, attackers seem to be adapting…

Malware & Threats

ROPEMAKER Attack Turns Benign Emails Hostile Post-Delivery

Issued by: Dark Reading

Just because an email is secure when it arrives in your inbox doesn’t mean that it cannot be maliciously modified later. The intersection of email and Web technologies in recent years has given attackers a way to undermine the security and non-repudiation of email, including those that are signed using PGP or SMIME, security vendor…

Vulnerabilities

Sneaky Gmail phishing attack fools with fake Google Docs app

Issued by: CSO

Google Docs was pulled into a sneaky email phishing attack on Tuesday that was designed to trick users into giving up access to their Gmail accounts. The phishing emails, which circulated for about three hours before Google stopped them, invited the recipient to open what appeared to be a Google Doc. The teaser was a…

Vulnerabilities

Locky ransomware makes a comeback, courtesy of Necurs botnet

Issued by: Help Net Security

The Necurs botnet has, once again, begun pushing Locky ransomware on unsuspecting victims. The botnet, which flip-flops from sending penny stock pump-and-dump emails to booby-trapped files that lead to malware (usually Locky or Dridex), has been spotted slinging thousand upon thousand of emails in the last three or four days.

Vulnerabilities

Job seekers on ZipRecruiter being targeted by scams via email and text

Issued by: CSO

Right now, thousands of people are looking for a new job online. Some of them just want a change, but others are looking for a stable income to support themselves and their families. Scammers are targeting job seekers with precision, often making contact instantly after the victim submits and application or receives a notification from…