Security News

DarkHydrus uses the open-source Phishery tool to create two of the known Word documents used in the attacks.

Really interesting article: A trained eye (or even a not-so-trained one) can discern when something phishy is going on with a domain or subdomain name. There are search tools, such as Censys.io,...

Cybercrime Gang Phoned Victims to Increase Phishing Attack Success RatesThe FIN7 cybercrime gang regularly phoned victims, posing as buyers, to trick victims into opening phishing emails and...

Phishing emails purported to be commercial offers - but were really installing remote administration software on victims’ systems.

A new wave of spear-phishing emails masquerading as legitimate procurement and accounting letters have hit over 400 industrial organizations, according to Kaspersky Lab. read more

A story published here on July 12 about a new sextortion-based phishing scheme that invokes a real password used by each recipient has become the most-read piece on KrebsOnSecurity since this site...

If you trust Google, this is the second-factor security key for you.

At Node Summit, coders served some humble pie Software developers have been lionized in recent years for their influence over the information economy. At the Node Summit in San Francisco,...

Phishing attackers have failed to compromise a single employee account at Google since the company mandated authentication using U2F hardware tokens in early 2017. That’s the remarkable claim made...

Russians Tied to Hack Attacks, But 'Two-Factor' No Silver Bullet, Google WarnsSpear phishing attacks are in the news again following the Justice Department's indictment of Russian military...