Blog Posts Tagged with "Phishing"
January 17, 2012 Added by:Josh Shaul
We consumers need to pressure business to change their practices and protect our information. By asking questions, we’ll force organizations to recognize the importance of effective security, and to either do it properly or lose customers to a competitor who will...
January 15, 2012 Added by:Headlines
A source has provided Infosec Island with a copy of a message they received while logging in to their account regarding a "security update". The message advises customers to change their password, but makes no mention of the massive data loss event...
January 12, 2012 Added by:Infosec Island Admin
Generally, people just aren’t thinking all that much when they get these calls. Sure, people should never be asking them for their passwords, but now this. Open this file would you? Tell me how many pages it has to verify that you got it, would you?
January 11, 2012 Added by:Headlines
US-CERT has received reports of a phishing email campaign that uses spoofed US-CERT email addresses. This campaign appears to be targeting a large number of private sector organizations as well as federal, state, and local governments...
January 07, 2012 Added by:Matthijs R. Koot
Infosec-savvy STRATFOR subscribers will look for clues to distinguish a fake email. Why would STRATFOR act in a manner that obfuscates four clues? STRATFOR knew about the breach since at least Dec 24/25, so I assume there has been time to advise on coping with fake mailings...
January 04, 2012 Added by:Headlines
"After users first click on the scams, malware or malicious scripts are to blame for the further spread of slightly over half the analyzed scams, with those falling into three main categories: likejacking, rogue applications, and malware or self-XSS..."
January 04, 2012 Added by:Headlines
"This campaign could target organizations related to technology used in... aerospace and military industries... With the information we collected it appears that this campaign has been running for months. Someone has said that cyberwar does not exist?. Draw your own conclusions..."
January 03, 2012 Added by:Headlines
"Within government, responsibility is fragmented. In America, the Treasury, other financial regulators, the Department of Homeland Security, the Pentagon, the FBI, the National Security Agency and others all have a hand in financial cybersecurity..."
December 30, 2011 Added by:Robert Siciliano
One of my holiday traditions is to expose the year’s phishing scams. The following examples come straight from my inbox or spam filter, and have been abbreviated to demonstrate the nature of the scam and specific hook being used...
December 12, 2011 Added by:Headlines
"Trustwave found that that the thieves inserted malicious software or 'malware' into the credit and debit card processing systems used in Restaurant Depot stores. The malware collected card information as it was processed, stored it temporarily, and then sent it to a computer server in Russia..."
December 06, 2011 Added by:Headlines
"US-CERT encourages users and administrators to use caution when encountering email messages and take the following preventative measures to protect themselves from phishing scams and malware campaigns..."
December 05, 2011 Added by:Headlines
"A rainbow table is a list of pre-computed hashes - the numerical value of an encrypted password, used by most systems today - and that’s the hashes of all possible password combinations for any given hashing algorithm mind..."
December 01, 2011 Added by:Robert Siciliano
When handing your card to a clerk or cashier, pay close attention. The card should be swiped through a point of sale terminal or keyboard card reader once, maybe twice. If your card is swiped through an additional reader, the card number may have been stolen...
November 28, 2011 Added by:Robert Siciliano
Whether you like it or not, the Christmas machine arrived well before Thanksgiving — at least as far as stores and advertisers are concerned. And there’s no question that scammers, identity thieves, and criminal hackers have already begun setting traps for holiday shoppers...
November 16, 2011 Added by:Allan Pratt, MBA
Cyber Monday is the day when all employers cringe. They know that many employees will spend a portion of their work hours making online holiday purchases instead of working. Here are some tips to stay safe on the largest online activity day of the year...
October 25, 2011 Added by:Chris Kimmel
A true APT has close to a 100% penetration rate. It should be noted that the difficulty of attacks can range from simple social engineering to a zero-day. These attackers will tend to use any attack method they can to penetrate an organization...
Hacker to Release Symantec's PCAnywhere Sour... Jerry Shaw on 10-05-2015
PoS Malware Kits Rose in Underground in 2014... on 03-17-2015
New PCI Compliance Study... on 03-17-2015