Security News

Weeks before US oil contract prices went negative, a spear-phishing crew went after oil firms. What did they get?
2020-04-21 08:00

As American crude oil crashed on Monday, leading to the bizarre situation of a negative futures contract price, our attention was drawn to a spear-phishing campaign against organizations involved in global oil production. A second, much smaller spear-phishing operation, impersonated a Philippines-based shipping company, targeted oil and gas companies in that country.

Scammers exploiting stimulus payments with phishing attacks and malicious domains
2020-04-20 12:30

Since January, more than 4,000 domains related to coronavirus stimulus packages have been registered, many of them malicious or suspicious, according to Check Point Research. These attacks typically take the form of malicious apps, phishing emails, and phony websites.

How Google Cloud users can combat coronavirus-themed phishing emails
2020-04-17 12:44

Google is striving to block Gmail messages and other content that exploit COVID-19, but there are steps users can take to fight such malware. The popularity of Google Cloud services such as G Suite, Gmail, and Chrome have made their users tempting targets for malware.

GitHub Warns Users of Sophisticated Phishing Campaign
2020-04-17 12:27

GitHub has warned users that they may be targeted in a fairly sophisticated phishing campaign that the company has dubbed "Sawfish." GitHub has pointed out that this phishing campaign has several noteworthy aspects.

Financial Phishing Jumped to 51% of All Phishing in 2019: Kaspersky
2020-04-17 11:36

Financial phishing has increased in frequency and accounted for more than half of all phishing detections last year, Kaspersky says. Last year, financial phishing accounted for 51.4% of all phishing detections, an increase from the 44.7% share it saw during the previous year.

Google: We've blocked 126 million COVID-19 phishing scams in the past week
2020-04-17 10:01

In the past week, an average of 18 million COVID-19 phishing emails were sent per day via Gmail to unsuspecting marks, according to Google. Google said its malware scanner uses deep-learning tech to detect malware on 300 billion attachments each week, and 63 per cent of dodgy docs blocked by Gmail are different from day to day.

GitHub users targeted by Sawfish phishing campaign
2020-04-17 09:27

GitHub users beware: online criminals have launched a phishing campaign to try and gain access to your accounts. They could create a GitHub personal access token, which allows the user to access their GitHub account using the Security Assertion Markup Language.

Phishing kits: The new bestsellers on the underground market
2020-04-16 04:30

Phishing kits are the new bestsellers of the underground market, with the number of phishing kit ads on underground forums and their sellers having doubled in 2019 compared to the previous year, Group-IB reveals. Phishing kits represent archive files with a set of scripts that ensure the work of a phishing website.

Click Armor launches gamified assessment that tests business phishing vulnerability
2020-04-15 02:30

Corporations and public sector organizations can now assess their workforce's exposure to dangerous phishing attacks, which are escalating as social distancing requires most employees to work from home. Managers can now characterize the weaknesses in their staff's ability to defend against phishing and online social engineering scams, thanks to "Can We Be Phished?", a new, freely available online assessment from Click Armor, the Continuous Cybersecurity Awareness Platform.

Going phishing: The most imitated big name brands
2020-04-14 15:41

Cyberattackers are disguising themselves as big name brands to execute phishing attacks, a Check Point Research report found. Phishing is known as a social engineering method criminals use to fraudulently steal information, which is then used to gain access to devices or networks, according to TechRepublic's phishing cheat sheet.