What's new around the internet

Last one

Src Date (GMT) Title Description Tags Stories Notes
MalwarebytesLabs.webp 2020-11-30 11:11:07 November spam roundup: Stalkers, property tips, porn, stern words and PayPal (direct link) We look at some of the more recent spam mails taking up space in mailboxes. Categories: Cybercrime, Social engineering Tags: (Read more...) Spam
SecureList.webp 2020-11-12 10:00:54 Spam and phishing in Q3 2020 (direct link) The COVID-19 topic, which appeared in Q1 this year, is still in play for spammers and phishers. In our view, the so-called second wave could lead to a surge in mailings offering various coronavirus-related treatments. Spam Guideline
Chercheur.webp 2020-11-09 04:58:19 Body Found in Canada Identified as Neo-Nazi Spam King (direct link) The body of a man found shot inside a burned out vehicle in Canada three years ago has been identified as that of Davis Wolfgang Hawke, a prolific spammer and neo-Nazi who led a failed anti-government march on Washington, D.C. in 1999, according to news reports. Spam
SecurityAffairs.webp 2020-10-31 16:39:09 Emotet operators are running Halloween-themed campaigns (direct link) Crooks behind Emotet malware attempt to take advantage of the Halloween festivity, a new campaign could invite you to a Halloween party. Threat actors are attempting to take advantage of the Halloween festivities, a recent Emotet malware campaign spotted by BleepingComputer employed spam emails that invite recipients to a Halloween party. The Emotet banking trojan has […] Spam Malware Threat
WiredThreatLevel.webp 2020-10-28 13:00:00 Among Us Was Hit With Pro-Trump Spam (direct link) The attack comes just days after US representative Alexandria Ocasio-Cortez played the game in a wildly popular Twitch stream. Spam
AlienVault.webp 2020-10-28 11:00:00 LokiBot Malware: What it is and how to respond to it (direct link) This blog was written by an independent guest blogger. The Cybersecurity and Infrastructure Agency (CISA) of the U.S. Department of Homeland Security recently announced that activity in LokiBot, a form of aggressive malware, has increased dramatically over the last two months. The activity increase was discovered by an automated intrusion detection system referred to as EINSTEIN, which the Department of Homeland Security uses for collecting and analyzing security information across numerous government agencies. Following the detection, CISA issued a security advisory warning to Federal agencies and private sector entities alike about the malware. Malware is essentially a piece of software or firmware that is intentionally placed into a system (or host) for malicious purposes (hence the term ‘malware’). It has long been a major problem, but it’s only become worse since the coronavirus pandemic began as hackers and cybercriminals have sought to take advantage of the chaos created by the situation. LokiBot is one such example. In this article, we will dive into what exactly LokiBot is and the threat it poses, the techniques that were used to deploy this malware, and then the steps you can take to remove it from an infected system. What is Lokibot? LokiBot was first released on underground forums for hackers to target Microsoft Android phones in early 2016. Since then, it has grown to become a much more widespread and dangerous threat than it originally was, as it has been widely distributed via torrent files and email spam (among other techniques) by low-to-mid level hackers targeting passwords. At this point, LokiBot is among the most prevalent forms of malware, and for 2020 has actually been the single most common form of malware used to attack command-and-control servers.
LokiBot can infect computers and mobile devices alike by searching for locally installed applications. The malware then searches for credentials from the internal databases of those applications and attempts to extract them. LokiBot also comes with a keylogging feature that allows it to capture keystrokes in order to determine the passwords used for accounts that may not be stored in those internal databases as well. As a result of these capabilities, mobile applications, cryptocurrency wallets, emails, and browsers alike are all vulnerable to LokiBot. The good news is that LokiBot is far invincible. For example, storing your data in the cloud will be one of the best defense measures that you can make because your data will be stored encrypted, decentralized, and ultimately harder to obtain. How big of a threat does LokiBot pose? Even though LokiBot has become much more prominent than it once was, the real question that needs to be asked is: even though it’s common, how big of a threat actually is it? One of the biggest concerns with LokiBot isn’t just the fact that it can target everything from emails to cryptocurrency wallets, it’s also that it can create a backdoor to allow a hacker to install additional malicious software and steal information. LokiBot also makes use of a very simple codebase that makes it easy for lower level cybercriminals to use. If anything, it’s for this reason that it’s become so widely used. Furthermore, LokiBot utilizes methods to make it seem like nothing is hap Spam Malware Threat
ESET.webp 2020-10-26 15:20:14 'Among Us' players hit by major spam attack (direct link) In-game chats were flooded with messages from somebody who tried to coerce players into subscribing to a dubious YouTube channel Spam
WiredThreatLevel.webp 2020-10-24 13:10:38 Did a Security Researcher Guess Trump's Twitter Password? (direct link) Plus: An Among Us spam attack, China's favorite vulnerabilities, and more of the week's top security news. Spam
The_State_of_Security.webp 2020-10-22 11:28:00 DOJ Says Iran Targeted American Voters with Threatening Emails (direct link) The U.S. Department of Justice (DOJ) said Iran was responsible for an attack campaign that targeted American voters with threatening emails. On October 21, the Justice Department held a press conference in which FBI Director Christopher Wray and Director of National Intelligence John Ratcliffe linked Iran to a spam campaign making the rounds in the […]… Read More Spam
AlienVault.webp 2020-10-22 11:00:00 SPAM text messages vs SMiShing and defending against it (direct link) The rise of SPAM text messages Businesses want to connect to their users and meet them where they are. One growing way to communicate to them is through text messages including providing coupons, recent news, and other marketing materials. When these marketing efforts are unwanted by the customer, this is when they cross the line into the SPAM category. SPAM has taken many forms throughout history such as junk mail in your mailbox and robocalls. Then, with the birth of the internet, digital SPAM emerged in the form of email and has now expanded to the web, social media, text messages, and more. These digital spam efforts are very easy and low-cost methods to reach large amounts of people. Legitimate businesses honor and respect this line between wanted and unwanted communications through opt-in/opt-out and subscribe/unsubscribe capabilities to allow users to manage how and when they want communications. But beyond managing the sheer number of text communications, what happens when a malicious actor decides to use these texting techniques to target you with a phishing expedition? What is SMiShing? SMiShing is phishing that uses texting to lead you to fake websites and phone numbers that imitate real companies. This is a type of social engineering that fraudsters use to get personal information from you with malicious intent. Today, phishing is the number one security threat and the worst part is- when it comes to phishing attempts on a mobile device, it works! For example, according to Lookout, 56% of mobile users have received and tapped on a URL that bypassed existing layers of phishing defense. And on average, a user will click on approximately six phishing links from their mobile device each year. You may be asking yourself, how could someone be fooled by these?
Part of the reason is the form factor of a mobile device which makes it harder for the user to spot these social engineering techniques. Another reason is we’re often in a hurry or distracted while using the mobile device. And finally, many people believe they are safer on their mobile device than traditional laptops and desktops which in today’s world may not be the case. Mobile device manufacturers, wireless carriers, and regulators have all been working closely together to curb the issues around SPAM and SMiShing. For example, AT&T monitors the network 24/7 and supports legislation to end text spam. Also, AT&T will never ask someone to send personal or account information via email or text message. But with many types of security efforts, combating social engineering attempts like SMiShing is a shared responsibility, and both the individual and business owners need to take measures to  help protect themselves and their data.   Defend yourself against SPAM and SMiShing AT&T is vigilant about protecting customers from unsolicited text message spam but there is no simple fix to block these. As individuals, we can all take certain steps to help  protect ourselves such as: If you are an AT&T customer, report them: Alert AT&T by forwarding the suspicious text to 7726 (SPAM) on your device. Messages forwarded to 7726 are free. They don't count toward your AT&T text plan. If you're not able to view the number, forward the entire message to abuse@att.net. On AT&T’s website: Spam Threat Guideline
itsecurityguru.webp 2020-10-22 10:27:03 Iran blamed for voting spam emails (direct link) The US is blaming Iran for the email shot sent from the far-right group, Proud Boys, urging Democratic voters to vote for Trump. In these emails, the extremist group were threatening registered Democrats with consequences if they didn’t vote for Trump in the upcoming election. Although the group claimed to have sent this email to […] Spam
SecurityAffairs.webp 2020-10-19 09:41:19 New Emotet campaign uses a new 'Windows Update' attachment (direct link) After a short pause, a new Emotet malware campaign was spotted by the experts on October 14th, crooks began using a new ‘Windows Update’ attachment. After a short interruption, a new Emotet malware campaign was spotted by the experts in October. Threat actors began using new Windows Update attachments in a spam campaign aimed at […] Spam Malware Threat
Anomali.webp 2020-10-15 14:00:00 COVID-19 Attacks – Defending Your Organization (direct link) Overview The Coronavirus 2019 (COVID-19) global pandemic has caused widespread fear of the unknown and deadly aspects of this novel virus, generated growth in certain industries to combat it, and created a shift toward remote work environments to slow the spread of the disease. Defending Your Organization Against COVID-19 Cyber Attacks. In this webinar, AJ, and I describe COVID-19 attacks in January through March, the groups behind them, and key MITRE ATT&CK techniques being employed. We then discuss ways an organization can keep themselves safe from these types of attacks. Pandemic Background COVID-19 is a pandemic viral respiratory disease, originally identified in Wuhan, China in December 2019. At the time of the webinar, it had infected around 1.5 million people worldwide. Within the first month, cyber actors capitalized on the opportunity. COVID Attack Timeline December 2019 - January 2020 At the end of December 2019, China alerted the World Health Organization (WHO) that there was an outbreak in Wuhan, China. Within a month, the first cyber events were being recorded. Around January 31, 2020, malicious emails (T1566.001) using the Emotet malware (S0367) and a phishing campaign (T1566.001) using LokiBot (S0447) were tied to TA542 alias Mummy Spider. Emotet, in particular, was prolific. It originally started as a banking Trojan, then evolved into a delivery mechanism for an initial payload that infected systems to download additional malware families such as TrickBot (S0266). Around this same time, there was a marked increase in the registration of domain names with COVID-19 naming conventions, a key indicator of an uptick in phishing campaigns. February 2020 In early February, the progression of adversaries using uncertainty about and thirst for information regarding the COVID-19 pandemic became apparent.
New malware variants and malware families were reported employing coronavirus related content, including NanoCore RAT (S0336) and Parallax RAT, a newer remote-access Trojan, to infect unsuspecting users. Throughout February, cybercrime actors launched several phishing campaigns (T1566.001) to deliver information stealer AZORult (S0344). With worldwide government health agencies giving advice on cyber and physical health, threat actors aligned with nation-states such as Russia (Hades APT), China (Mustang Panda), and North Korea (Kimsuky - G0094) used this messaging to lure individuals to download and/or execute malicious files disguised as legitimate documents. These state-sponsored groups used convincing lures to impersonate organizations such as the United Nations (UN), the World Health Organization (WHO), and various public health government agencies to achieve short- and long-term national objectives. March 2020 In March, we observed a flurry of nation-state and cybercrime attributed malicious activity seeking to exploit the COVID-19 pandemic. Cybercrime actors distributed a range of malware families, including NanoCore (S0336), Ransomware Spam Malware Threat APT 36 ★★★
itsecurityguru.webp 2020-10-14 10:28:18 Twitter suspends accounts claiming to be Black Trump supporters (direct link) Several Twitter accounts claiming to be owned by Black Trump supporters have been suspended for breaking the platform’s rules on spam and manipulation. Many of the accounts were using similar language and phrases such as “YES IM BLACK AND IM VOTING FOR TRUMP!!!”. Twitter is still investigating the accounts and has yet to finalise the number […] Spam
01net.webp 2020-10-02 01:52:00 Have you been targeted by the virulent Emotet malware? This online service will tell you (direct link) The HaveIBeenEmotet.com site lets you find out whether your e-mail address was involved in a spam campaign for this Trojan horse, whether as a victim recipient or an unwitting sender. Spam Malware
SecurityAffairs.webp 2020-10-01 20:00:41 How to check if an email or a domain was used in Emotet attacks? (direct link) Cyber security firm launches a new service that allows users to check if an email domain or address was part of an Emotet spam campaign. Experts worldwide warn about a surge in the Emotet activity, recently Microsoft along Italy and the Netherlands CERT/CSIRT agencies reported a significant increase of Emotet attacks targeting the private sector and public […] Spam
ZDNet.webp 2020-09-24 12:58:23 ICO fines profiteering UK firm for touting coronavirus products over spam texts (direct link) The UK company sent cold texts offering products “effective against coronavirus.” Spam
SecurityAffairs.webp 2020-09-24 07:01:03 Microsoft, Italy and the Netherlands agencies warn of EMOTET campaigns (direct link) Experts worldwide warn about a surge in the Emotet activity, this time the alerts are from Microsoft, Italy and the Netherlands agencies. Two weeks ago, cybersecurity agencies across Asia and Europe warned of Emotet spam campaigns targeting businesses in France, Japan, and New Zealand. The French national cyber-security agency published an alert to warn of […] Spam
ZDNet.webp 2020-09-18 17:16:00 Spammers use hexadecimal IP addresses to evade detection (direct link) Links in spam emails looked like http://0xD83AC74E instead of "domain.com." Spam
no_ico.webp 2020-09-17 16:15:54 Emotet Malware Attacks – Why Are They So Successful? (direct link) Over the past week, global cybersecurity agencies have published security alerts warning about a large uptick in Emotet malware attacks targeting their respective countries. The recent Emotet activity includes email spam campaigns originating from their own infrastructure, targeting companies and government agencies. Targeted organisations who received the emails and opened the attachments were at risk … Spam Malware
SecurityAffairs.webp 2020-09-09 06:40:05 France, Japan, and New Zealand warn of a surge in Emotet attacks (direct link) Cybersecurity agencies from multiple countries are warning of the surge of Emotet attacks targeting the private sector and public administration entities. Cybersecurity agencies across Asia and Europe are warning of Emotet spam campaigns targeting businesses in France, Japan, and New Zealand. The French national cyber-security agency published an alert to warn of a significant increase […] Spam
SentinelOne.webp 2020-09-04 22:18:43 Threat Intel | Cyber Attacks Leveraging the COVID-19/CoronaVirus Pandemic (direct link) At Sentinel Labs, we have been closely tracking adversarial behavior as it pertains to COVID-19/Coronavirus. To date, we have observed a significant number of malware campaigns, spam campaigns, and outright… Spam Malware Threat ★★★
AlienVault.webp 2020-09-02 11:00:00 How Covid-19 has increased vulnerabilities in Industrial Control Systems (direct link) This blog was written by an independent guest blogger. By now, most are aware that the Covid-19 pandemic has led to a spike in cyberattacks. This sharp increase in malicious activity related to COVID has taken the typical form of adversaries seeking to benefit financially, gain unauthorized access to networks for immediate and long-term strategic benefit, and spread misinformation with political agendas. Much of this is a direct result of the work from home (WFH) phenomenon. With organizations and businesses rapidly deploying systems and networks to support remote staff, criminals can’t help themselves. Increased security vulnerabilities have offered the opportunity to steal data, generate profits, and generally cause havoc. In one four-month period (January to April) some 907,000 spam messages, 737 incidents related to malware, and 48,000 malicious URLs – all related to COVID-19 – were detected by one of INTERPOL’s private sector partners. There are a number of other threats, though, that have also been caused by the pandemic but that are less visible. One of these is the increased vulnerability of industrial control systems. The threat The most up to date data on the vulnerability of industrial control systems, and how this has been affected by the pandemic, comes courtesy of the ICS Risk & Vulnerability Report, released this week by Claroty. This research contains an assessment of 365 ICS vulnerabilities published by the National Vulnerability Database (NVD) and 139 ICS advisories issued by the Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) during the first half of 2020, affecting 53 vendors. The findings are striking, and particularly so given how many systems engineers now work from home.
Fully 70% of the vulnerabilities published by the NVD can be exploited remotely, while the most common potential impact is remote code execution, which is possible with 49% of the vulnerabilities. When combined with the fact that recent research has found that 83% of firms are simultaneously struggling to ensure the security of remote working systems, this is highly concerning. In practice, this means that if an organization’s remote working systems are insecure – which seems likely, given the difficulties that many have reported in recent months – then hackers may be granted an increased capability to remotely execute malicious code on industrial systems. The Impact The increased likelihood of this kind of attack should concern all organizations working with industrial control systems, but especially those companies employing centralized systems such as DCS, SCADA, or PLS. In recent years, these solutions have been used for networking previously discrete industrial systems together. While this has allowed organizations to dramatically increase their efficiency and productivity, it potentially leaves these systems open to laterally-deployed cyberattacks. This risk is compounded by a similarly worrying trend in international cyber warfare. Tho Spam Hack Vulnerability Guideline
SecurityAffairs.webp 2020-08-30 13:09:17 (Déjà vu) Emotet botnet has begun to use a new 'Red Dawn' template (direct link) In August, the Emotet botnet operators switched to a new template, named ‘Red Dawn,’ for the malicious attachments employed in new campaigns. The notorious Emotet went into the dark since February 2020, but after months of inactivity, the infamous trojan has surged back in July with a new massive spam campaign targeting users worldwide. The Emotet banking trojan […] Spam
globalsecuritymag.webp 2020-08-24 13:55:50 How cybercriminals used COVID-19-themed spam to spread the Emotet malware (direct link) All over the world, the Covid-19 pandemic is sowing fear and uncertainty. These worries are a blessing for cybercriminals, who shamelessly ride this trend by using the well-known Emotet malware to run Covid-19-themed campaigns against defenseless companies. Since the start of the health crisis, Akamai has thus observed high volumes of Emotet traffic associated with COVID-19 spam. How Emotet works and how to guard against these attacks (...) - Viewpoints Spam Malware
The_Hackers_News.webp 2020-08-17 05:45:27 Researchers Exploited A Bug in Emotet to Stop the Spread of Malware (direct link) Emotet, a notorious email-based malware behind several botnet-driven spam campaigns and ransomware attacks, contained a flaw that allowed cybersecurity researchers to activate a kill-switch and prevent the malware from infecting systems for six months. "Most of the vulnerabilities and exploits that you read about are good news for attackers and bad news for the rest of us," Binary Defense's Ransomware Spam Malware
SecurityAffairs.webp 2020-08-15 17:56:03 Emotet malware employed in fresh COVID19-themed spam campaign (direct link) The Emotet malware has begun to spam COVID19-themed emails to U.S. businesses after not being active for most of the USA pandemic. The infamous Emotet malware is back, operators have begun to spam COVID-19 themed emails to the U.S. businesses. Early this year, the Emotet malware was employed in spam COVID19-themed campaigns that targeted those countries that were […] Spam Malware
ZDNet.webp 2020-08-13 11:59:05 Signal adds message requests to stop spam and protect user privacy (direct link) New feature lets Signal users control who can text or voice call, add them to groups. Spam
WiredThreatLevel.webp 2020-08-07 16:00:00 'Ultima' Fandom Is Still Going Strong (direct link) Need proof? 'Spam Spam Spam Humbug,' a podcast dedicated to the computer role-playing games, is now in its fifth year. Spam
Checkpoint.webp 2020-08-07 10:00:12 July's Most Wanted Malware: Emotet Strikes Again After Five-Month Absence (direct link) Check Point Research finds sharp increase in the Emotet botnet spreading spam campaigns after period of inactivity, aiming to steal banking credentials and spread inside targeted networks Our latest Global Threat Index for July 2020 has revealed that after a five-month absence, Emotet has surged back to 1st place in the Index, impacting 5% of… Spam Threat
SecureList.webp 2020-08-07 10:00:07 Spam and phishing in Q2 2020 (direct link) In Q2 2020, the largest share of spam (51.45 percent) was recorded in April. The average percentage of spam in global email traffic was 50.18%, down by 4.43 percentage points from the previous reporting period. Spam
AlienVault.webp 2020-08-05 11:00:00 Combat mobile phishing attacks targeting Financial Services with AI (direct link) Phishing attacks are a common attack vector for financial services organizations. Effective and simple to launch, phishing attacks challenge financial firms to protect their mobile workforce and harden their customer-facing apps. Mobile phishing, in particular, bypasses traditional perimeter defenses such as secure email gateways by targeting users via personal email, SMS and social messaging apps. These attacks typically seek to exploit human trust by using social context within messages on social networks. For example, the natural instinct for safety and survival would lead most anyone to click on a message about a friend or loved one who has been affected by COVID-19. With access to an app, an attacker could check balances, transfer money, and siphon away all the funds in an account....then disappear. Once a cyberattacker infects an employee’s mobile device, they can use it and the user’s credentials to access a corporate network and the sensitive digital resources that are vital to the operations of financial organizations and their customers. Users depend on their mobile device, and a breach of their trusted banking app is a serious violation of their personal privacy. As a result, it may be a major blow to the confidence they have in their financial institution to protect their information. Phishing has moved to mobile Mobile internet traffic surpassed desktop traffic in 2014 and the gap continues to widen. Attackers have noticed this trend and are getting a higher return on investment by phishing mobile devices. Lookout data shows that 1 in 50 enterprise users are phished on mobile devices daily and that mobile phishing rates have doubled for users of Office 365 and G Suite. This is a massive problem on a small screen.
With the smaller screen and apps optimized for mobile, it is more challenging for consumers and employees to identify a phishing attack in the same way they would on a laptop or desktop computer. Attackers know this and purposely use specific mobile phishing techniques such as URL padding and tiny URLs to further obfuscate the attack. Lookout data suggests that enterprise users are three times more likely to fall for a phishing link when presented on the small screens of mobile devices rather than when presented on the screens of desktop OS, like Windows or macOS. Financial services has embraced BYOD The other major shift in security is the adoption of personal devices for work. Historically, financial organizations have invested heavily in security solutions such as secure email gateways, inbox scanning, and end-user training to protect against Business Email Compromise (BEC) scams. They have also traditionally required that employees use heavily restricted corporate mobile devices for work. However, as financial firms increasingly adopt Bring Your Own Device (BYOD) mobile strategies, these techniques remain too narrowly focused on email and do not protect against phishing attacks that enter through modern messaging, such as SMS, Slack, and Microsoft Instant Messaging. Lookout exclusive data shows phishing encounter rates exceeding 21% in 1Q2020. Malicious URLs include ad fraud, botnets, command and control centers, links to malware, malware call-home, malware distribution points, phishing/fraud, spam URLs, Spam Malware Threat Guideline
MalwarebytesLabs.webp 2020-07-30 16:55:21 Malspam campaign caught using GuLoader after service relaunch (direct link) We discovered a spam campaign distributing GuLoader in the aftermath of the service's relaunch Categories: Malware Threat analysis Tags: (Read more...) Spam
2020-07-30 11:00:05 Threat Source newsletter for July 30, 2020 (direct link) Newsletter compiled by Jon Munshaw. Good afternoon, Talos readers. Adversaries love to use headlines as part of their spam campaigns. From COVID-19, to Black Lives Matter and even Black Friday every year, the bad guys are wanting to capitalize on current events. Why is this the case, and when do they decide to jump on headlines? In our latest blog post, we look at this technique and examine the advantages and disadvantages of trying to leverage the biggest news. Cyber... [[ This is only the beginning! Please visit the blog for the complete entry ]] Spam Threat
bleepingcomputer.webp 2020-07-28 15:21:40 Emotet malware now steals your email attachments to attack contacts (direct link) The Emotet malware botnet is now also using stolen attachments to increase the authenticity of spam emails used for infecting targets' systems. [...] Spam Malware
no_ico.webp 2020-07-28 10:52:28 Expert On Malware replaced with GIFs in Emotet hack (direct link) Malware distribution network Emotet has been hacked by a potential threat actor of unknown origin, substituting malware for humorous GIFs. As a result, instead of being hit with malware, users who click on malicious links from Emotet spam have been seeing images of James Franco and others such as “Hackerman” from the 2015 film “Kung … Spam Malware Hack Threat
bleepingcomputer.webp 2020-07-27 18:43:07 Office 365 adds new features to help identify malicious spam (direct link) Microsoft is planning to provide more info on spam emails detected as malicious by the Office 365 Advanced Threat Protection (ATP) filtering stack and allow organizations to export their list of the top targeted users by phishing attacks. [...] Spam Threat
bleepingcomputer.webp 2020-07-25 14:57:52 Microsoft Edge now blocks abusive notifications to reduce web spam (direct link) Websites increasingly ask to send notifications about their new contents and notifications are also abused for advertisements or web scams. To address this webspam mess, Microsoft Edge 84 introduces a new notification request experience called quiet notification requests. [...] Spam
bleepingcomputer.webp 2020-07-20 15:52:08 Emotet-TrickBot malware duo is back infecting Windows machines (direct link) After awakening last week and starting to send spam worldwide, Emotet is now once again installing the TrickBot trojan on infected Windows computers. [...] Spam Malware
SecurityAffairs.webp 2020-07-18 16:07:40 Emotet botnet surges back after months of absence (direct link) After months of inactivity, the infamous Emotet trojan has surged back with a new massive spam campaign targeting users worldwide. The notorious Emotet went into the dark since February 2020, but now has surged back with a new massive spam campaign targeting users worldwide. The Emotet banking trojan has been active at least since 2014, […] Spam
ZDNet.webp 2020-07-17 18:52:00 Emotet botnet returns after a five-month absence (direct link) 2019's most active malware botnet returns to life with new spam campaign after it previously went dark on February 7, 2020. Spam Malware
MalwarebytesLabs.webp 2020-07-17 18:17:18 It's baaaack: Public cyber enemy Emotet has returned (direct link) (Read more...) Spam
bleepingcomputer.webp 2020-07-17 15:23:55 Emotet spam trojan surges back to life after 5 months of silence (direct link) After months of inactivity, the notorious Emotet spamming trojan has come alive again as it spews out a massive campaign of malicious emails targeting users worldwide. [...] Spam
SecureList.webp 2020-07-16 10:00:19 The Streaming Wars: A Cybercriminal's Perspective (direct link) Cyber threats aren't relegated to the world of big businesses and large-scale campaigns. The most frequent attacks aren't APTs and massive data breaches-they're the daily encounters with malware and spam by everyday users. Spam Malware
itsecurityguru.webp 2020-06-25 09:00:54 NCSC receives reports of a million phishing emails (direct link) The National Cyber Security Centre (NCSC) has received the millionth submission to its Suspicious Email Reporting Service, just two months after it first launched in the face of a surge in spam and phishing attacks at the height of the first wave of the UK's Covid-19 coronavirus outbreak. The NCSC said that besides Covid-19-related lures, more than 10,000 […] Spam
itsecurityguru.webp 2020-06-24 10:10:59 Hakbit Ransomware Delivered Via Malicious Excel Attachments (direct link) A ransomware campaign, dubbed Hakbit, is targeting mid-level employees across Austria, Switzerland and Germany with malicious Excel attachments delivered via the popular email provider GMX. The spear-phishing based campaign is low volume and so far targeted the pharmaceutical, legal, financial, business service, retail, and healthcare sectors. Low-volume style campaigns, sometimes called snowshoe spam attacks, use […] Ransomware Spam
NextINpact.webp 2020-06-22 08:05:49 Email security: ARC and DKIM arrive at Gandi (direct link) Following our article from last week, the hosting provider tells us it has been a member of Signal Spam since 2018 and of M3AAWG (Messaging, Malware and Mobile Anti-Abuse Working Group). It also wants to...Read more Spam Malware
NoticeBored.webp 2020-06-18 07:58:14 NBlog June 17 - phishing evolution (direct link) The Interweb drums have been beating out news of an upsurge in phishing attacks over the past month or so. I've certainly had more than the normal number of things along these lines lately: As usual, these are relatively crude and (for most reasonably alert people) easy to spot thanks to the obvious spelling and grammatical errors, often using spurious technobabble and urgency as well as the fake branding and sender email address in an attempt to trick victims. The 'blocked emails' and 'storage limit' memes are popular in my spam box right now, suggesting that these are basic phishing-as-a-service or phishing-kit products being used by idiots to lure, hook, land and gut other idiots. They are, however, using my first name in place of “Dear subscriber” or “Hello, how are you doing?” that we used to see, implying the use of mailmerge-type content customisation with databases of email addresses and other info on potential victims*. Moving up the scale, some current phishing attempts are more sophisticated, more convincing. Sometimes it's just a lucky coincidence e.g. when the lure glints alluringly because it just happens to mention something I am currently doing - for example if I am dealing with American Express o Ransomware Spam Guideline
Checkpoint.webp 2020-06-15 11:00:32 May's Most Wanted Malware: Ursnif Banking Trojan Ranks On Top 10 Malware List for First Time, Over Doubling Its Impact On Organizations (direct link) Check Point's researchers find sharp increase in attacks using the long-running Ursnif banking trojan capable of stealing email and banking credentials Our latest Global Threat Index for May 2020 has found several malicious spam campaigns distributing the Ursnif banking trojan, which caused it to jump up 19 places to 5th in the Top Malware list,… Spam Malware Threat
AlienVault.webp 2020-06-11 11:00:00 Bluetooth security risks explained (direct link) What would we do without Bluetooth these days? Our earbuds and headphones would have to use annoying wires. We would have one less way to transfer files between your laptop and your phone. And how would you connect your phone to your car? But as a wireless data transfer standard, of course Bluetooth has some associated cybersecurity risks. You don’t want unauthorized parties to access the data you’re transferring via Bluetooth, nor do you want them to have access to your Bluetooth-enabled devices. It helps to know what the security risks with Bluetooth are so you can enjoy all of the convenience of the widespread wireless technology while mitigating its risks. The most common types of Bluetooth attacks BlueSmacking BlueSmacking is a way to execute a Denial of Service attack against a Bluetooth-enabled device. What’s a Denial of Service attack, you might ask? It’s when a target such as a server or device gets way more data packets or oversized data packets than it’s designed to handle. The target gets overwhelmed, so it shuts down. Thankfully Denial of Service attacks are relatively minor as far as cyber attacks in general are concerned. You can usually recover from one by rebooting the targeted device. But through the distraction or inconvenience of a Denial of Service attack, attackers are able to conduct more destructive cyber attacks. So Denial of Service attacks shouldn’t be underestimated. To get technical, a BlueSmack attack uses the L2CAP layer of Bluetooth’s networking stack to send a really oversized data packet. I couldn’t finish a large pizza in one sitting, and if I tried to force myself to I’d probably “shutdown” with a stomach ache on my couch. BlueSmack and Bluetooth is a similar concept. BlueJacking BlueJacking sounds like Bluetooth plus hijacking for a reason. BlueJacking is when one Bluetooth device hijacks another with spam advertising.
Bluetooth usually has a broadcasting range of ten meters or about thirty feet. So your BlueJacking attacker would probably be in the same room as you. Or perhaps an attacker could leave a BlueJacking device on the street and target your phone while you walk past it. Like BlueSmacking, this attack is more of an annoyance than anything else. But phone messages can be a means of phishing attacks. Phishing is when an attacker pretends to be a trusted entity like your bank, phone company, or Amazon to entice the victim into clicking on a link or entering their sensitive information. A message sent by BlueJacking could contain a hyperlink to a website that has malware, or a website that grabs sensitive information from its victim. BlueSnarfing You probably notice a trend in the naming of these Bluetooth security risks. They’re all Bluetooth-specific exploits with the word Blue in their names. That helps make everything easy to understand. So what is BlueSnarfing? It’s similar to BlueJacking in some ways, but much more dangerous. You see, a BlueJacking attack just sends data, whereas a BlueSnarfing attack can take data. Data that is dangerous in the hands of cyber attackers, such as your text messages, emails, photos, and the unique identifying information that your phone or laptop uses with your cellular provider or ISP. An attacker could receive enough information about your phone or laptop to conduct more harmful cyber attacks. BlueBugging BlueBugging is an exploit that was developed after it was seen how easy BlueJacking and BlueSnarfing can be to conduct.  BlueBugging uses Bluetooth to establish a backdoor on a victim’s phone or laptop. Backdoors are very dangerous because they can give a malicious outsider inside access to your device and sensitive information. Basically they can use the backdoor to spy on your activity. They may even be able to pretend to be you on social media or your online banking! 4 Bluetooth security tips Fortunately there’s a lot you c Spam
Last update at: 2024-06-29 01:07:42