Phishing Archives - Page 4 of 23 - Cyber Security Minute

Cyberattacks in healthcare sector more likely to carry financial consequences

Issued by: Help Net Security

Netwrix announced additional findings for the healthcare sector from its global 2022 Cloud Security Report, revealing that 61% of respondents in the healthcare industry suffered a cyberattack on their cloud infrastructure within the last 12 months, compared to 53% for other verticals. Phishing was the most common type of attack reported. “The healthcare sector is…

Network Security

How to fortify elections and electoral campaigns against human hacking

Issued by: Help Net Security

In this interview for Help Net Security, James Turgal, VP of Cyber Risk, Strategy and Board Relations at Optiv, talks about election cybersecurity and how to keep elections and electoral campaigns safe. Midterms are getting closer, and election cybersecurity is again in the spotlight. What is making it so vulnerable? After the results of the…

Vulnerabilities

Zoom for macOS Contains High-Risk Security Flaw

Issued by: Security Week

The vulnerability, which carries a CVSS severity score of 7.3/10, is documented as a debugging port misconfiguration that is opened by the Zoom client on macOS machines. Details from Zoom’s advisory: Zoom Client for Meetings for macOS (Standard and for IT Admin) starting with 5.10.6 and prior to 5.12.0 contains a debugging port misconfiguration. When…

Vulnerabilities

Personal Information of 123K Individuals Exposed in City of Tucson Data Breach

Issued by: Security Week

The incident was identified at the end of May 2022, but the city concluded its investigation only last month. In a data breach notice on its website, the city says that the incident was the result of compromised network account credentials that allowed the attackers to access files containing the personal information of some individuals….

Malware & Threats

YouMail, Inc. and WMC Global Partner to Deliver Voice and SMS Phishing Disruption Services

Issued by: Dark Reading

YouMail, the leading provider of call protection services for consumers, enterprises, and service providers, and WMC Global, a 16-year leader in mobile threat intelligence, today announced their joint cybersecurity intelligence solution that safeguards against voice and SMS phishing scams. The partnership between YouMail and WMC Global is a first-of-its-kind offering that protects brands and their…

Malware & Threats

The Advantages of Threat Intelligence for Combating Fraud

Issued by: Security Week

Leveraging threat intelligence to combat nation state espionage threats is a common practice for cybersecurity teams. However, outside of common types of fraud seen in darkweb or closed forums, the same threat intelligence often is not leveraged to combat enterprise fraud. If you are a target of APT threats by espionage actors, buying access to…

Malware & Threats

Malicious Macro-Enabled Docs Delivered via Container Files to Bypass Microsoft Protections

Issued by: Security Week

Initially announced in February, the macro-blocking feature is meant to prevent phishing attacks by making it more difficult for users to enable macros in documents received from the internet. Small snippets of code embedded in Office documents, macros have long been abused by threat actors in phishing attacks and for malware delivery. In 2016, Microsoft…

Vulnerabilities

Microsoft Connects USB Worm Attacks to ‘EvilCorp’ Ransomware Gang

Issued by: Security Week

According to fresh data from Redmond’s threat intelligence team, a ransomware-as-a-service gang it tracks as DEV-0206 has been caught rigging online ads to trick targets into installing a loader for additional malware previously attributed to EvilCorp. Even more ominously, Microsoft said its research teams discovered EvilCorp malware distribution tactics and observed behavior all over the…

Malware & Threats

FBI: Beware of Scam Cryptocurrency Investment Apps

Issued by: Dark Reading

Would-be cryptocurrency investors are being targeted in a scam that has already stolen more than $42.7 million from 244 victims, according to the latest private industry notification from the Federal Bureau of Investigation. According to the FBI, scammers have used phishing attacks to convince victims to download fake mobile cryptocurrency investment apps impersonating legitimate investment…