Articles about phishing

Bank in the UK? Plans afoot to make YOU liable for bank fraud

Bank customers may be obliged to bear the bill for fraud against their accounts, under proposed changes mulled by banks, the UK government and GCHQ. Under the plans, individuals or companies with poor online security could be “frozen out of banking services or even excluded from the system whereby banks compensate customers …
John Leyden, 26 May 2016

Pastejack attack turns your clipboard into a threat

Once, you could use HTML/CSS to manipulate the clipboard, but it was not a good way to do so. Now a security bod has worked out how to do it in JavaScript and reckons it's a lot more dangerous. At first glance, it looks like purely a stunt-attack, except for this: a phishing e-mail purporting to be from tech support could …

Bangladesh government domain turned into toxic phishing hole

Netcraft security man Paul Mutton says the Bangladesh Government has been used in banking phishing attacks targeting customers of Wells Fargo, Google, and AOL. The domains are restricted Government assets which Mutton says could indicate lax security controls. The popped server is located in the UK hosted by Nibs Solutions …
Team Register, 20 May 2016

Suckfly: The hacking group targeting India but taking weekends off

A professional hacking group called Suckfly is targeting India's infrastructure and economic base by zeroing in on individuals and installing tools to access their work networks. That's according to a blog post by Symantec that has analyzed and dug into the group's activities and methods. Symantec first spotted the group it …
Kieren McCarthy, 18 May 2016

Phishing scam targets ... actual fishermen in eastern Ukraine

Security firm ESET has uncovered a long running cyber-espionage campaign in Ukraine, and seemingly targeted at separatists. Operation Groundbait is a targeted attack most likely run from within Ukraine by as yet unidentified politically motivated hackers. The region is a hotspot for malware-based spying campaigns thanks largely …
John Leyden, 18 May 2016

Sainsbury’s Bank insurance spam scam causes confusion

Numerous UK surfers were left confused on Monday after receiving email confirmations for insurance products with Sainsbury’s Bank that they never bought. People are receiving emails claiming they have started new policies for travel, home and car insurance from the UK supermarket giant’s banking business. El Reg learnt of the …
John Leyden, 17 May 2016

Insider trading hacker pleads guilty to p0wning press releases

A Ukrainian ne'er-do-well who broke into market computers for an insider trading scheme has entered a guilty plea in the US. The 28-year-old, Vadym Iermolovych, has put his hands up to three charges – conspiracy to commit wire fraud, conspiracy to commit computer hacking, and aggravated identity theft. The US Department of …

Flash zero day phished phoolish Microsoft Office users

FireEye has detailed an attack on a recent zero-day vulnerability Adobe patched last week. The flaw (CVE-2016-4117) affects the previous latest version of Adobe Flash and copped a rushed patch after FireEye reported attacks in the wild. Genwei Jiang, a Singaporean senior security engineer, has revealed the details of the …
Darren Pauli, 16 May 2016

Lie back and think of cybersecurity: IBM lets students loose on Watson

IBM is teaming up with eight North American universities to further tune its cognitive system to tackle cybersecurity problems. Watson for Cyber Security, a platform already in pre-beta, will be further trained in “learning the nuances of security research findings and discovering patterns and evidence of hidden cyber attacks …
John Leyden, 12 May 2016

Google kneecaps payday loan ads

Google says it will no longer serve ads for short-term loan services it considers to be predatory lenders. The Chocolate Factory says that as of July 13, it will no longer be taking ads from loan services that seek repayment within 60 days or carry an annual percentage rate (APR) of 36 per cent interest or higher. The aim, …
Shaun Nichols, 11 May 2016

Google blocks Pirate Bay

Google's Safe Browsing service has decided The Pirate Bay is a phishing site. The Safe Browsing service tries to rate the web and provides a feed of sites Google's security team thinks deserve to be shunned. Other browser-makers use the service's feed to rate sites, so Google's assessment means those trying to reach …
Simon Sharwood, 11 May 2016

Babycare e-tailer Kiddicare admits customer data breach

Babycare retailer Kiddicare has warned customers that personal data shared with the store has been stolen by hackers. The compromised data is restricted to name, delivery address, telephone number and email address, according to Kiddicare, which is keen to stress that customer payment details or credit/debit card information …
John Leyden, 09 May 2016

Six-year-old patched Stuxnet hole still the web's biggest killer

The six-year-old vulnerability first burnt by Stuxnet remains the internet's chief pwning vector and is a key instrument of the world's worst exploit kit known as Angler. The vulnerability is a hole in Windows Shell that is both long since patched and well publicised as part of its discovery in the US' Stuxnet worm, the killer …
Darren Pauli, 09 May 2016

Defence bankrolls Oz Govt's infosec threat sharing strategy

Budget 2016 The Department of Defence will haemorrhage A$122.2 million and the National Innovation and Science Agenda A$38 million to implement the Federal Government's A$230 Cyber Security Strategy, budget papers reveal. The funding Strategy announced last month was welcomed by many in security circles and seated information security …
Darren Pauli, 04 May 2016

Iranian cyberspy phishing rod pulled from the waters and exposed

Security researchers have lifted the lid on a decade long cyber-espionage campaign. The Infy malware, which originated in Iran, has been used to target businesses and governments across the world since 2007 and remains in use, according to security researchers from Palo Alto's Unit42 research unit. Over the time, the malware …
John Leyden, 03 May 2016

Michigan electricity utility downed by ransomware attack

A water and electricity authority in the US State of Michigan has needed a week to recover from a ransomware attack that fortunately only hit its enterprise systems. Lansing's BWL – Board of Water & Light – first noticed the successful phishing attack on its corporate systems on April 25, and has had to keep systems including …

Google Play infested with cash-stealing web apps

Security researcher Joshua Shilko says phishing apps targeting some of the world's biggest payment services have slipped past screening and landed on Google Play. Shilko says he's aware of 11 well-designed fraud apps that have slipped into the official Play store, often by mimicking mobile payment sites. Shilko did not name …
Darren Pauli, 29 Apr 2016

Gumtree 'fesses up to breach and personal information leak

UPDATE eBay's even tattier tat bazaar Gumtree says it's suffered an attack during which users' personal data was encountered by parties unknown and unauthorised. The Register has seen multiple posts in which members of the site report receiving an email with the following text: “We are writing to let you know that some of your …
Simon Sharwood, 29 Apr 2016

Facebook's own TLS cert used by crooks in double logon phish

Netcraft security man Paul Mutton says phishers are using Facebook's TLS certificate to create a 'remarkably convincing' scam that would go unnoticed by most users. The phish uses an iframe to serve a Facebook verification form, but that form isn't from The Social Network™. Instead, the form comes from an external Hostgator …
Team Register, 26 Apr 2016

Hackers so far ahead of defenders it's not even a game

Cybercriminals are way ahead of the game against defenders without having to try anything new, according to the latest edition of Verizon's benchmark survey of security breaches. The study shows that miscreants have no need to switch up, because the same old tactics are still working fine. Security defenders are still …
John Leyden, 26 Apr 2016

Spotify accounts breached

Spotify account-holders' details have appeared on Pastebin. User names, passwords and email addresses are among the details divulged. Spotify says it has not been breached, leaving open the possibility that users had entered their account details into a third party or phishing service. The company is informing affected …
Darren Pauli, 26 Apr 2016

'No password' database error exposes info on 93 million Mexican voters

Information on 93 million Mexican voters has been leaked online. Voter records were exposed as the result of a config error in a MongoDB database that meant that the information was left accessible by anyone who knew where to look. The database – hosted on Amazon AWS – included voters' names, addresses, voter ID numbers, dates …
John Leyden, 25 Apr 2016

MoD contractor hacked, 831 members of defence community exposed

Exclusive Up to 831 members of Britain's defence community with high-level security clearances had their personally identifying information stolen when the Ministry of Defence's business networking organisation was hacked, The Register has learned. Although heavily redacted in places, correspondence between the MoD and Niteworks— …

Cybercrooks turn away from banks. Your health records are far juicier

Cybercrooks switched targets last year, moving away from retail and financial services and onto healthcare and government, according to figures from IBM’s security business. Retail dropped out of the top five most attacked sectors while financial targets dropped from #1 to #3 in IBM X-Force’s 2016 Cyber Security Intelligence Index …
John Leyden, 20 Apr 2016

Four bugs bait hooks in Asian phishing trip

Malware writers are exploiting four RTF parser vulnerabilities, in a long-running campaign to target journalists, human rights activists, and Tibetans across Hong Kong and Taiwan. An Arbor Networks study found miscreants are exploiting since-patched vulnerabilities in Microsoft Office's handling of rich text files (CVE-2012- …
Darren Pauli, 20 Apr 2016

Exploit kit writers turn away from Java, go all-in on Adobe Flash

Exploit kit writers are no longer fussed about Java vulnerabilities, focusing their attention almost entirely on Adobe Flash. All of the top 10 vulnerabilities targeted by exploit kits during 2015 are related to Adobe Flash, according to a new study [PDF] from NTT Group. In 2013, by contrast, the top 10 vulnerabilities …
John Leyden, 19 Apr 2016

What exactly is it that infosec miscreants get up to? A quick overview

If corporate IT infrastructures are a battlefield, then the cybercriminals are putting up a good fight. Last year saw some nasty breaches. Anthem Insurance, which lost nearly 80 million records, and the US Office of Personnel Management, which lost 21 million records after failing to encrypt its records. Cybercriminals are …
Danny Bradbury, 13 Apr 2016

Spear phishers target gullible Brits more than anyone else – survey

There’s been a sharp (35 per cent) increase in crypto ransomware attacks, with the UK ranked as the nation third most targeted with ransomware. The UK is also ranked as the most targeted nation for spear phishing attacks and the second most hit-upon country with social media scams, according to other findings from Symantec's …
John Leyden, 12 Apr 2016

SANS man lists five security things you're not doing but should

SANS Institute dean of research and head of the SANS Internet Storm Center (ISC) Johannes Ullrich has given systems admins some light weekend reading with a list of five neglected security controls that "nobody implements". Ullrich reckons that if you put these controls in place your security posture will improve and things …
Darren Pauli, 08 Apr 2016

Megabreach: 55 MILLION voters' details leaked in Philippines

A massive data breach appears to have left 55 million Philippine voters at much greater risk of identity fraud and more. Security researchers warn that the entire database of the Philippines’ Commission on Elections (COMELEC) has been exposed in what appears to be the biggest government related data breach in history. The …
John Leyden, 07 Apr 2016

Barbie-brained Mattel exec phell for phishing, sent $3m to China

Toy maker Mattel has recovered some US$3 million it shipped off to Chinese hackers who sent a well-crafted phishing email to a finance executive. The recovery was mostly down to luck: the cash was wired on a Chinese bank holiday which meant the funds were held up and returned by fast-acting authorities. Sources told …
Darren Pauli, 06 Apr 2016

Microsoft account-hijacking hole closed 48 hours after bug report

British researcher Jack Whitton has reported a Microsoft account hijacking authentication bug that would have been another arrow in an attacker's phishing quiver, save for the fact that Microsoft fixed it. Whitton quietly reported the flaw to Microsoft which pounced and took only two days to process and patch the flaw. The …
Team Register, 05 Apr 2016

Optus patches crap credential cock-up in cable modems

Optus has patched a vulnerability in its popular routers that allowed attackers to change administrative passwords without knowing the existing logins. The flaw, reported by The Register, exists in the CG3000v2 cable modem and means attackers could type anything into the current password field to change the code to one of …
Darren Pauli, 04 Apr 2016

PayPal plugs phishing-enabling vulnerability, stumps up $500

PayPal has patched a flaw which created a means for miscreants to abuse its platform to lend authenticity to fraudulent or otherwise malicious emails. The input validation and mail encoding web vulnerability in the official PayPal online web app was discovered by Vulnerability Laboratory researcher Benjamin Kunz Mejri. The …
John Leyden, 01 Apr 2016

Unpatched stealthy iOS MDM hack spells ruin for Apple tech enterprises

Black Hat Asia Enterprises the world over are at risk from a seamless new attack that allows the latest Apple devices to be quietly compromised in what researchers say requires a total overhaul of Cupertino's enterprise provisioning architecture for mobile device management. The unpatched hack – dubbed SideStepper and crafted by Israel-based …
Darren Pauli, 31 Mar 2016

Former FBI spy hunter: Don’t trust China on ‘no hack’ pact

A former FBI investigator who helped expose Soviet double agent Robert Hanssen warns that enterprises should give up worrying about hackers, “who are now the good guys”, and be more worried about spies. Veteran spy hunter turned infosec exec Eric O'Neill said that espionage has evolved and become increasingly digital as …
John Leyden, 30 Mar 2016

Mal Men men hit LiveJournal with Angler exploit kit

Malwarebytes researcher Jerome Segura says malvertisers have served the world's most dangerous exploit kit - Angler - through compromised advertisements run on LiveJournal.com and news service Likes.com. The attacks are the latest in a string of brazen and successful malvertising campaigns that are smashing the web's most …
Darren Pauli, 30 Mar 2016

Hospital servers in crosshairs of new ransomware strain

Security types are warning hospitals to stay on alert for a "widespread campaign" targeting vulnerable servers with new strains of ransomware. The SamSam ransomware variant targets vulnerable servers with criminals breaking into networks and infecting as many systems as they can access. Cisco's Talos threat man Nick Biasini …
Darren Pauli, 30 Mar 2016

Courts cry over cunning call-center criminals crafting convincing cons

US federal courts have alerted Americans to a fresh crop of scams in which conmen are setting up call centers and impersonating government agencies. The advisory describes how criminals are pretending to be US marshals and court agents, demanding victims hand over money for a supposed failure to appear for jury duty. "This …
Shaun Nichols, 29 Mar 2016

Ransomware scum sling PowerShell, Word macro nasty at healthcare biz

Miscreants have put together a strain of ransomware written in Microsoft Word macros and PowerShell, Redmond's scripting language. The malware is designed to infect organizations, encrypting files and demanding money to unscramble files. Interestingly, installation of the ransomware begins after someone opens a booby-trapped …
John Leyden, 29 Mar 2016

Ransomware now using disk-level encryption

Ransomware has been detected infecting master file tables, rendering Windows PCs useless unless payment is made. When first executed, the Petya malware will reboot the victim's machine, and run what appears to be a Windows check disk scan as a mask for the encryption process. A screen is then displayed that directs users to a …
Darren Pauli, 29 Mar 2016

1.5M Verizon Enterprise customer records selling on forum after breach

Some 1.5 million Verizon Enterprise customer records have been stolen and are being sold on a criminal hacking forum, according to reports. A trusted seller on a popular but shadowy unnamed criminal forum asked for US$100,000 for the database or US$10,000 for batches of 100,000 records, investigative blogger Brian Krebs …
Team Register, 29 Mar 2016

Cunning scam: Mobe app stalks victims then emails booby-trapped bogus speeding tickets

Here's a smart scam that's cropped up on the US East Coast. It appears people have installed a free smartphone app – quite possibly a traffic monitoring tool – that keeps an eye on their whereabouts, and then emails them fake speeding tickets. Victims are tricked into thinking the messages are legit and have come from the cops …
Shaun Nichols, 28 Mar 2016

Water treatment plant hacked, chemical mix changed for tap supplies

Hackers infiltrated a water utility’s control system and changed the levels of chemicals being used to treat tap water, we're told. The cyber-attack is documented in this month’s IT security breach report (available here, registration required) from Verizon Security Solutions. The utility in question is referred to using a …
John Leyden, 24 Mar 2016

Researchers find hole in SIP, Apple’s newest protection feature

Security researchers have discovered a vulnerability that creates a means for hackers to circumvent Apple’s newest protection feature, System Integrity Protection (SIP). SIP is designed to prevent potentially malicious software from modifying protected files and folders. The technology is designed to protect the system from …
John Leyden, 24 Mar 2016

US State Department sextortionist gets 57 months in cooler

A former US State Department official has been handed 57 months prison for hacking the email accounts of women and forcing them into sending him sexual photographs. Michael Ford, 36, of Atlanta, was sentenced by US District Judge Eleanor Ross after he pled guilty to nine counts of cyberstalking, seven of hacking to extort, and …
Darren Pauli, 24 Mar 2016

US bank fended off 513 trojans last year alone

The most beleaguered bank in the United States was hit with 513 financial trojans last year, says Symantec threat bod Candid Wueest. The unnamed bank and Symantec customer was in the crosshairs of 78.2 percent of all financial trojans seen by the security firm last year. It is unknown if any of the malware samples gained a …
Darren Pauli, 24 Mar 2016

Cyberthreat: How to respond...and when

Spotting threats in cyberspace is like star gazing. There are lots of them out there, but telling them apart and working out which ones are about to go supernova takes experience and skill. You don’t want to pour the same resource into protecting yourself against every single perceived threat, because no budget can support …
Danny Bradbury, 23 Mar 2016

New UK cyber security centre to work with Bank of England

The UK's new national cyber centre will collaborate with the Bank of England on new cyber security guidance for financial firms when it opens later this year, the government has said. The Cabinet Office announced that the National Cyber Security Centre (NCSC) will be based in London and start operating in October. It said one …
OUT-LAW.COM, 23 Mar 2016

FBI's Most Wanted: Syrian Electronic Army hacktivists

The FBI has placed suspected self-styled Syrian Electronic Army (SEA) hacktivists on its most wanted list, publicly naming members of the notorious group for the first time. Ahmad Umar Agha (AKA The Pro), 22, and Firas Dardar (AKA The Shadow), 27, were each charged with multiple conspiracies related to computer hacking. Peter …
John Leyden, 22 Mar 2016