Phishing Attacks Archives - Cyber Security Minute

BrandPost: The State of Cybercrime In 2022: Exploring the Microsoft Digital Defense Report

Issued by: CSO Online

Microsoft has worked to illuminate the evolving digital threat landscape with in-depth security reports for more than 15 years. Our mission first began with the Microsoft Security Intelligence Report, which ran from 2005 to 2018. It has since evolved into the Microsoft Digital Defense Report, which was first released in 2020. This latest edition explores…

Malware & Threats

Dropbox Code Repositories Stolen in Cyberattack on GitHub-Based Developers

Issued by: Dark Reading

A massive phishing campaign targeting GitHub users convinced at least one developer at Dropbox to enter in their credentials and a two-factor authentication code, leading to the theft of at least 130 software code repositories. According to a Dropbox advisory on Nov. 1, the mid-October attack consisted of emails that appeared to be from CircleCI,…

Application Security, Cloud Security

Researchers Turn Alexa and Google Home Into Credential Thieves

Issued by: Dark Reading

“Alexa, steal my passwords.” It’s not a phrase a user is likely to utter, but security researchers in Germany have shown that it’s possible for malicious apps — Alexa “skills” and Google Home “actions” — to launch phishing attacks on users, forward the compromised credentials to criminals, and do it all in apps approved for…

Malware & Threats

Phishing attacks that bypass 2-factor authentication are now easier to execute

Issued by: CSO

Penetration testers and attackers have a new tool in their arsenal that can be used to automate phishing attacks in a way that defeats two-factor authentication (2FA) and is not easy to detect and block. The tool makes such attacks much easier to deploy, so organizations should adapt their anti-phishing training accordingly. The new toolkit…

Mobile Security

Vulnerable Android password managers make phishing attacks easier

Issued by: Help Net Security

Android password managers can be tricked into entering valid login credentials into phishing apps, a group of researchers has discovered. They have also found that Instant Apps, a Google technology that allows users to “try” Android apps without the need to fully install them, can make phishing attacks more practical. The research Simone Aonzo, Alessio…

Malware & Threats

Manipulation tactics that you fall for in phishing attacks

Issued by: Help Net Security

It’s 6 p.m. on a Friday. Just as you finish packing up for the day, an email from your boss pops up on your phone asking why an urgent payment didn’t go out earlier in the week. He’s tied up in a business dinner, so he needs you to wire payment to a specific vendor…

Network Security

Using Phishing Intelligence to Reel In Advanced Threats and Protect Corporate Networks

Issued by: Security Intelligence

Gone are the days of the Nigerian prince promising fortune to unsuspecting email recipients. Attackers have stepped up their phishing game and evolved their tactics to entice employees to click links or open attachments, preying on the opportunity to spread persistent malware or compromise credentials. These threat actors relentlessly target employees — both at work…