Phishing Archives - Page 5 of 23 - Cyber Security Minute

FBI: Beware of Scam Cryptocurrency Investment Apps

Issued by: Dark Reading

Would-be cryptocurrency investors are being targeted in a scam that has already stolen more than $42.7 million from 244 victims, according to the latest private industry notification from the Federal Bureau of Investigation. According to the FBI, scammers have used phishing attacks to convince victims to download fake mobile cryptocurrency investment apps impersonating legitimate investment…

Malware & Threats

Google Blocks Domains of Hack-for-Hire Groups in Russia, India, UAE

Issued by: Security Week

The internet giant has added more than 30 domains used by these threat groups to its Safe Browsing mechanism, which prevents users from accessing them. Hack-for-hire groups are often conflated with entities offering surveillance tools. Google has pointed out that surveillance vendors typically provide the tools needed for spying but leave it up to the…

Vulnerabilities

Researchers Devise New Type of Bluetooth LE Relay Attacks

Issued by: Security Week

Meant to provide significantly reduced power consumption and costs at communication ranges similar to those provided by Bluetooth, BLE is used for a broad range of applications in sectors such as automotive, healthcare, security, home entertainment, and more. BLE proximity authentication is typically to unlock or keep unlocked products such as cars, smart locks, access…

Malware & Threats

Spreading malware through community phishing

Issued by: Help Net Security

In this video for Help Net Security, Maor Hizkiev, Senior Director Software Engineering at Datto, talks about a recently analyzed community phishing campaign revolving around Nvidia. This phishing campaign started back in 2020, when Nvidia released their 30 series of graphic cards, which are heavily used by cryptominers. Datto started monitoring this phishing campaign on…

Software Security

What can March Madness and 538 teach us about cybersecurity risk?

Issued by: CSO

I love this time of year, with March Madness excitement in the air and my Notre Dame Fighting Irish still in the tournament (as of the writing of this column)! More importantly – yes, more importantly – I love monitoring the 538 March Madness prediction website to see how the chances of winning change through…

Network Security

HD Moore’s Rumble Raises $15M Series A Investment

Issued by: Security Week

The Austin, Texas-based Rumble on Monday announced it had banked a new $15 million in Series A financing from Decibel Partners and a laundry-list of boldface cybersecurity practitioners. Rumble, created by HD Moore (of Metasploit fame), sells technology to help defenders monitor exposed attack surfaces. The company said the new money will help accelerate go-to-market…

Malware & Threats

Multi-Factor Authentication Bypass Led to Box Account Takeover

Issued by: Security Week

Because of the vulnerability – which was addressed in November 2021 – an attacker only needed stolen credentials to access an organization’s Box account and steal sensitive data, provided that the account has SMS-based MFA enabled (which has long been proven insecure). Box, which claims that close to 100,000 companies use its platform, allows users…

Software Security

Apache Foundation Calls Out Open-Source Leechers

Issued by: Security Week

“[The] community is defined by those who show up and do the work. Companies that build open source into their products rarely participate in their continued maintenance,” the ASF said in a position paper published ahead of a high-level White House meeting on open-source software security. “Only a tiny percentage of downstream companies (reusing the…