Phishing Archives - Page 6 of 23 - Cyber Security Minute

Anti-Bot Fraud Detection Firm HUMAN Snags $100M Investment

Issued by: Security Week

The latest financing was led by WestCap, with additional investment from Dave DeWalt’s NightDragon. It comes exactly one year after the company (previously known White Ops) was acquired by the Goldman Sachs merchant banking division. HUMAN Security sells technology capable of differentiating between bots and human transactions on the internet, protecting enterprises from fraudulent e-commerce…

Malware & Threats

5 online scam red flags

Issued by: Kaspersky Blog

No one — gamer, cryptocurrency investor, or online shopper — is safe from scammers. But no matter who the victim is or how sophisticated the scheme may be, there is always a way to sniff out fraud before it’s too late. Today we’re looking at five common signs of online scams to help you avoid…

ZeroFox to Go Public in $1.4 Billion SPAC Deal

Issued by: Security Week

ZeroFox provides an AI-powered platform that protects users and brands from social media-sourced threats. The platform analyzes millions of pieces of publicly-accessible content in platforms such as Microsoft 365, G Suite, LinkedIn, Facebook, Slack, Instagram, and Apple and Google mobile app stores — looking for potential threats such as account compromise, fraudulent profiles, business email…

Mobile Security

Citizen Lab Exposes Cytrox as Vendor Behind ‘Predator’ iPhone Spyware

Issued by: Security Week

Citizen Lab teamed up with the threat-intel team at Facebook parent company Meta to expose Cytrox alongside a handful of PSOAs (private sector offensive actors) in the murky surveillance-for-hire industry. In a detailed technical report published late Thursday, Citizen Lab said Cytrox is responsible for a piece of iPhone eavesdropping malware that was planted on…

Malware & Threats

Trend Micro Spots Chinese Hackers Targeting Transportation Sector

Issued by: Security Week

Also known as Earth Centaur and KeyBoy, the advanced persistent threat (APT) has been around since 2011, conducting espionage campaigns against organizations in government, healthcare, high-tech, and transportation sectors in Hong Kong, the Philippines, and Taiwan. As part of the attacks conducted over the past year and a half, Trend Micro warned that the group…

Vulnerabilities

Microsoft Patches 67 Security Flaws, Including Zero-Day Exploited by Emotet

Issued by: Security Week

In the final Patch Tuesday release for 2021, the Redmond, Wash. software giant called special attention to CVE-2021-43890, a spoofing vulnerability in the Microsoft Windows AppX installer and warned that the bug is being exploited in the wild by the Emotet malware operation. “Microsoft is aware of attacks that attempt to exploit this vulnerability by…

Software Security

Hardware Security Firm Axiado Banks $25M Investment

Issued by: Security Week

The company is building a Trusted Control/Compute Unit (TCU) product that is being positioned as a new class of security processors that provide platform root-of-trust for large enterprise customers. Axiado, which employs approximately 40 in Silicon Valley, said the $25 million Series B investment brings the total raised to $40 million. The round was led…

Malware & Threats

‘Sabbath’ Ransomware Operators Target Critical Infrastructure

Issued by: Security Week

According to a warning from Mandiant, the group previously operated under the names of Arcane and Eruption and was observed last year deploying the ROLLCOAST ransomware. In October 2021, the group created the public naming-and-shaming site 54BB47h (Sabbath), one month after a post was discovered where the malware group announced it was looking for partners…

Malware & Threats

FBI: Ransomware Attacks Exploit Financial Business Events

Issued by: Security Week

Ransomware actors are known for performing extensive research prior to launching an attack on victims, using publicly available information, along with material non-public data. Should the victim refrain from paying the ransom, the attackers threaten to disclose the gathered information publicly, thus attempting to extort the victim, the FBI warned. “Ransomware actors are targeting companies…

Network Security

SolarWinds Outlines ‘Triple Build’ Software Development Model to Secure Supply Chain

Issued by: Security Week

In the SolarWinds incident, up to 18,000 companies could have received the malware injected into the SolarWinds software. Not all could have been affected. Many of these ‘victims’ did not install the infected version, and many others did so on servers with no internet connectivity. Of those companies that did receive the Nobelium Sunburst malware,…