phishing


Introduction CVE-2017-0199 is a remote code execution vulnerability that exists in the way that Microsoft Office and WordPad parse specially crafted files. An attacker who successfully exploits this vulnerability can take control of an affected system and then install programs, view, change, or delete data, or create new accounts with full user rights. Microsoft issued a patch for this vulnerability April, and most security vendors have published alarms for it. Unfortunately, attacks targeting this vulnerability are still widely being used... [Read More]
by RSS Bahare Sabouri and He Xu  |  May 30, 2017  |  Filed in: Security Research
One of the main reasons for the rapid growth in tax refund fraud is that it takes little effort to file a false return. A valid name, date of birth, and Social Security number are all one needs to file a return. Given the unprecedented number of data thefts last year, it is obvious this information is readily available. A quick trip to the Dark Web can provide criminals with the ability to purchase millions of files with this data. [Read More]
by RSS Anthony Giandomenico  |  Mar 30, 2017  |  Filed in: Industry Trends
As a product manager, the start of the year is a time to take a few breaths and reflect on the successes or failures of the past year and plan for future projects.  When we have invested so much effort into our products, we know their strengths, but spending so much time in such close proximity to a solution can also make one a bit blinkered. Which is why it is always important to get outside opinions on your progress as a sanity check. Of course, customer feedback is essential, and always very welcome, but it was particularly satisfying to... [Read More]
by RSS Carl Windsor  |  Mar 15, 2017  |  Filed in: Industry Trends
Over the weekend, we encountered an interesting variation of a phishing email targeting Apple users. The email contained an alleged receipt for five movies purchased from the iTunes Store that was so detailed that the user who received it, and who knows better, still almost fell for the scam. Figure 1. Phishing Apple email Similar cases were reported in 2015 by users in the UK and Australia, except in those cases the fake receipt contained songs and books, respectively. Last year, similar emails targeting users in the US were also reported,... [Read More]
by RSS Lilia Elena Gonzalez Medina  |  Feb 23, 2017  |  Filed in: Security Research
At the end of last year, a critical vulnerability in PHPMailer that affected millions of websites – CVE-2016-10033 -  was discovered by Polish security researcher Dawid. This vulnerability allows an attacker to compromise the target’s web application by executing remote code on the vulnerable web server. There are numerous open source web applications that use PHPMailer as their main library for sending emails, including WordPress, Joomla, Yii, SugarCRM… More than a month after PHPMailer released a patch for this critical... [Read More]
by RSS Tien Phan   |  Feb 16, 2017  |  Filed in: Security Research
Read this post to find out why your employees might just be today’s biggest threat to healthcare data security. [Read More]
by RSS Susan Biddle  |  Dec 14, 2016  |  Filed in: Industry Trends
The US political season is over and a new President has been elected. This election has arguably been one of the most colorful (some might say entertaining) and controversial presidential election cycles in the country’s history. For cyber crooks, this has been just the right environment to target victims with their attacks and trolls. In this post we take a look at some of the more notable US campaign-themed malware and scams. While some may induce false fears and a few laughs, others represent serious threats.  “Donald... [Read More]
by RSS Joie Salvio and Rommel Joven  |  Nov 15, 2016  |  Filed in: Security Research
Active users of mobile banking apps should be aware of a new Android banking malware campaign targeting customers of large banks in the United States, Germany, France, Australia, Turkey, Poland, and Austria. This banking malware can steal login credentials from 94 different mobile banking apps. Due to its ability to intercept SMS communications, the malware is also able to bypass SMS-based two-factor authentication. Additionally, it also contains modules to target some popular social media apps. Install the malware The malware masquerades... [Read More]
by RSS Kai Lu  |  Nov 01, 2016  |  Filed in: Security Research
This week’s FortiGuard Threat Intelligence Brief reports on a spike in an Android advertising library, a fake series of banking sites used to phish credentials, as well as a campaign using the old faithful “we couldn’t deliver your package” courier scam. While hackers weren’t quite as active as they were over the past couple of weeks, our top five identified malware variants still generated over 3 million attack attempts. Grab the latest Security Brief here for more details (add link to subscription site.) 1.... [Read More]
by RSS Bill McGee  |  Sep 16, 2016  |  Filed in: Industry Trends
Malware-as-a-Service (MaaS) business models continue to thrive in the cyber underground. It has allowed cyber crooks to generate renewable income through renting malware rather than selling their tool for a one-time payment. As a result, the business model has been adopted in various underground commodities such as exploit kits and remote access trojans. Recently, we saw the emergence of Ransomware-as-a-Service (RaaS) platforms. During our monitoring, we discovered that this same business model is also being used in phishing schemes in the form... [Read More]
by RSS Roland Dela Paz and Rommel Joven  |  Aug 31, 2016  |  Filed in: Security Research