Game over? It’s up to your password
My fellow 90s gamers will remember LAN parties — the original connected gaming — and playing Counter-Strike and Half-Life in Internet cafés. For many, Counter-Strike was our introduction to multiplayer gaming. Then, in the early 2000s, a game called World of Warcraft changed everything. I had never seen so many people on the same server before! It was a new world,…
Facebook Launches New Anti-Phishing Feature
Facebook announced on Wednesday the introduction of a new security feature designed to help users check if the emails they receive are legitimate or if they have been sent by cybercriminals. When it detects a suspicious login attempt or a password change, Facebook notifies users by sending them an email from the Facebookmail.com domain. Cybercriminals…
Exploits and fileless malware drive record new malware surge
McAfee released its McAfee Labs Threat Report: December 2017, examining the growth and trends of new malware, ransomware, and other threats in Q3 2017. McAfee Labs saw malware reach an all-time high of 57.6 million new samples – four new samples per second – featuring developments such as new fileless malware using malicious macros, a…
Why phishers love HTTPS
As more and more sites switch to HTTPS, the number of phishing sites hosted on HTTPS domains is also increasing. “In the third quarter of 2017, we observed nearly a quarter of all phishing sites hosted on HTTPS domains, nearly double the percentage we saw in the second quarter. A year ago, less than three…
Analysis of 3,200 Phishing Kits Sheds Light on Attacker Tools and Techniques
Phishing kits are used extensively by cybercriminals to increase the efficiency of stealing user credentials. The basic kit comprises an accurate clone of the target medium’s login-in page (Gmail, Facebook, Office 365, targeted banks, etc), and a pre-written php script to steal the credentials — both bundled and distributed as a zip file. Successfully phished…
How to identify every type of phishing attack
Every data breach and online attack seems to involve some kind of phishing attempt to steal password credentials, to launch fraudulent transactions, or to trick someone into downloading malware. In early 2016, 93 percent of phishing emails delivered ransomware, according to statistics from PhishMe.
New Locky Ransomware Strain Emerges
Latest version goes by the .asasin extension and is collecting information on users’ computer operating system and IP address. Locky authors have again retooled the highly persistent ransomware campaign with a new strain that performs reconnaissance on victims’ computers and goes by a new file extension name, PhishMe reports today.
Google offers Advanced Protection for high-risk users of its services
High-risk Google users – journalists, human rights and civil society activists, but also campaign staffers and people in abusive relationships – can now take advantage of Google’s Advanced Protection Program to keep their account safe from extremely targeted attacks. What is Advanced Protection? “Advanced Protection provides Google’s strongest security, designed for those who are at…
Apple’s intermittent password prompts prime iOS users for phishing
By asking iOS users to enter their AppleID password intermittently and with no regard of environment, Apple has laid the groundwork for phishers to go after the sought-after login credentials. Where’s the problem? “iOS asks the user for their iTunes password for many reasons, the most common ones are recently installed iOS operating system updates,…
Sophisticated Phishing Attacks Target Internet Freedom Activists
The Electronic Frontier Foundation (EFF) revealed on Wednesday that employees of Internet freedom NGOs “Free Press” and “Fight for the Future” have been targeted in sophisticated spear-phishing attacks. The EFF is aware of nearly 70 attempts to steal the credentials of net neutrality activists between July 7 and August 8. The attacks, believed to be…