What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2020-08-05 11:00:00 | Combat mobile phishing attacks targeting Financial Services with AI (lien direct) | Phishing attacks are a common attack vector for financial services organizations. Effective and simple to launch, phishing attacks challenge financial firms to protect their mobile workforce and harden their customer-facing apps. Mobile phishing, in particular, bypasses traditional perimeter defenses such as secure email gateways by targeting users via personal email, SMS and social messaging apps. These attacks typically seek to exploit human trust by using social context within messages on social networks. For example, the natural instinct for safety and survival would lead most anyone to click on a message about a friend or loved one who has been affected by COVID-19. With access to an app, an attacker could check balances, transfer money, and siphon away all the funds in an account....then disappear. Once a cyberattacker infects an employee’s mobile device, they can use it and the user’s credentials to access a corporate network and the sensitive digital resources that are vital to the operations of financial organizations and their customers. Users depend on their mobile device, and a breach of their trusted banking app is a serious violation of their personal privacy. As a result, it may be a major blow to the confidence they have in their financial institution to protect their information. Phishing has moved to mobile Mobile internet traffic surpassed desktop traffic in 2014 and the gap continues to widen. Attackers have noticed this trend and are getting a higher return on investment by phishing mobile devices. Lookout data shows that 1 in 50 enterprise users are phished on mobile devices daily and that mobile phishing rates have doubled for users of Office 365 and G Suite. This is a massive problem on a small screen. With the smaller screen and apps optimized for mobile, it is more challenging for consumers and employees to identify a phishing attack in the same way they would on a laptop or desktop computer. Attackers know this and purposely use specific mobile phishing techniques such as URL padding and tiny URLs to further obfuscate the attack. Lookout data suggests that enterprise users are three times more likely to fall for a phishing link when presented on the small screens of mobile devices rather than when presented on the screens of desktop OS, like Windows or macOS. Financial services has embraced BYOD The other major shift in security is the adoption of personal devices for work. Historically, financial organizations have invested heavily in security solutions such as secure email gateways, inbox scanning, and end-user training to protect against Business Email Compromise (BEC) scams. They have also traditionally required that employees use heavily restricted corporate mobile devices for work. However, as financial firms increasingly adopt Bring Your Own Device (BYOD) mobile strategies, these techniques remain too narrowly focused on email and do not protect against phishing attacks that enter through modern messaging, such as SMS, Slack, and Microsoft Instant Messaging. Lookout exclusive data shows phishing encounter rates exceeding 21% in 1Q2020. Malicious URLs include ad fraud, botnets, command and control centers, links to malware, malware call-home, malware distribution points, phishing/fraud, spam URLs, | Spam Malware Threat Guideline | ||
 |
2020-07-30 16:55:21 | Malspam campaign caught using GuLoader after service relaunch (lien direct) |
We discovered a spam campaign distributing GuLoader in the aftermath of the service's relaunch
Categories:
Malware
Threat analysis
Tags: GuLoadermalspammalwarespamstealer
(Read more...)
|
Spam | ||
 |
2020-07-30 11:00:05 | Threat Source newsletter for July 30, 2020 (lien direct) | Newsletter compiled by Jon Munshaw.
Good afternoon, Talos readers.
Adversaries love to use headlines as part of their spam campaigns. From COVID-19, to Black Lives Matter and even Black Friday every year, the bad guys are wanting to capitalize on current events. Why is this the case, and when do they decide to jump on headlines?
In our latest blog post, we look at this technique and examine the advantages and disadvantages of trying to leverage the biggest news.
Cyber...
[[ This is only the beginning! Please visit the blog for the complete entry ]] |
Spam Threat | ||
 |
2020-07-28 15:21:40 | Emotet malware now steals your email attachments to attack contacts (lien direct) | The Emotet malware botnet is now also using stolen attachments to increase the authenticity of spam emails used for infecting targets' systems. [...] | Spam Malware | ||
 |
2020-07-28 10:52:28 | Expert On Malware replaced with GIFs in Emotet hack (lien direct) | Malware distribution network Emotet has been hacked by a potential threat actor of unknown origin, substituting malware for humorous GIFs. As a result, instead of being hit with malware, users who click on malicious links from Emotet spam have been seeing images of James Franco and others such as “Hackerman” from the 2015 film “Kung … The ISBuzz Post: This Post Expert On Malware replaced with GIFs in Emotet hack | Spam Malware Hack Threat | ||
|
2020-07-27 18:43:07 | Office 365 adds new features to help identify malicious spam (lien direct) | Microsoft is planning to provide more info on spam emails detected as malicious by the Office 365 Advanced Threat Protection (ATP) filtering stack and allow organizations to export their list of the top targeted users by phishing attacks. [...] | Spam Threat | ||
|
2020-07-25 14:57:52 | Microsoft Edge now blocks abusive notifications to reduce web spam (lien direct) | Websites increasingly ask to send notifications about their new contents and notifications are also abused for advertisements or web scams. To address this webspam mess, Microsoft Edge 84 introduces a new notification request experience called quiet notification requests. [...] | Spam | ||
|
2020-07-20 15:52:08 | Emotet-TrickBot malware duo is back infecting Windows machines (lien direct) | After awakening last week and starting to send spam worldwide, Emotet is now once again installing the TrickBot trojan on infected Windows computers. [...] | Spam Malware | ||
 |
2020-07-18 16:07:40 | Emotet botnet surges back after months of absence (lien direct) | After months of inactivity, the infamous Emotet trojan has surged back with a new massive spam campaign targeting users worldwide. The notorious Emotet went into the dark since February 2020, but now has surged back with a new massive spam campaign targeting users worldwide. The Emotet banking trojan has been active at least since 2014, […] | Spam | ||
 |
2020-07-17 18:52:00 | Emotet botnet returns after a five-month absence (lien direct) | 2019's most active malware botnet returns to life with new spam campaign after it previously went dark on February 7, 2020. | Spam Malware | ||
|
2020-07-17 18:17:18 | It\'s baaaack: Public cyber enemy Emotet has returned (lien direct) | Read more...) | Spam | ||
|
2020-07-17 15:23:55 | Emotet spam trojan surges back to life after 5 months of silence (lien direct) | After months of inactivity, the notorious Emotet spamming trojan has come alive again as it spews out a massive campaign of malicious emails targeting users worldwide. [...] | Spam | ||
 |
2020-07-16 10:00:19 | The Streaming Wars: A Cybercriminal\'s Perspective (lien direct) | Cyber threats aren't relegated to the world of big businesses and large-scale campaigns. The most frequent attacks aren't APTs and massive data breaches-they're the daily encounters with malware and spam by everyday users. | Spam Malware | ||
 |
2020-06-25 09:00:54 | NCSC receives reports of a million phishing emails (lien direct) | The National Cyber Security Centre (NCSC) has received the millionth submission to its Suspicious Email Reporting Service, just two months after it first launched in the face of a surge in spam and phishing attacks at the height of the first wave of the UK's Covid-19 coronavirus outbreak. The NCSC said that besides Covid-19-related lures, more than 10,000 […] | Spam | ||
|
2020-06-24 10:10:59 | Hakbit Ransomware Delivered Via Malicious Excel Attachments (lien direct) | A ransomware campaign, dubbed Hakbit, is targeting mid-level employees across Austria, Switzerland and Germany with malicious Excel attachments delivered via the popular email provider GMX. The spear-phishing based campaign is low volume and so far targeted the pharmaceutical, legal, financial, business service, retail, and healthcare sectors. Low-volume style campaigns, sometimes called snowshoe spam attacks, use […] | Ransomware Spam | ||
 |
2020-06-22 08:05:49 | Sécurité des emails : ARC et DKIM arrivent chez Gandi (lien direct) | Suite à notre article de la semaine dernière, l'hébergeur nous précise être membre de Signal Spam depuis 2018 et du M3AAWG (Messaging, Malware and Mobile Anti-Abuse Working Group). Il veut également faire...Lire la suite | Spam Malware | ||
 |
2020-06-18 07:58:14 | NBlog June 17 - phishing evolution (lien direct) | The Interweb drums have been beating out news of an upsurge in phishing attacks over the past month or so. I've certainly had more than the normal number of things along these lines lately: [if gte vml 1]> [if !vml]-->[endif]--> As usual, these are relatively crude and (for most reasonably alert people) easy to spot thanks to the obvious spelling and grammatical errors, often using spurious technobabble and urgency as well as the fake branding and sender email address in an attempt to trick victims. The 'blocked emails' and 'storage limit' memes are popular in my spam box right now, suggesting that these are basic phishing-as-a-service or phishing-kit products being used by idiots to lure, hook, land and gut other idiots. They are, however, using my first name in place of “Dear subscriber” or “Hello, how are you doing?” that we used to see, implying the use of mailmerge-type content customisation with databases of email addresses and other info on potential victims*.Moving up the scale, some current phishing attempts are more sophisticated, more convincing. Sometimes it's just a lucky coincidence e.g. when the lure glints alluringly because it just happens to mention something I am currently doing - for example if I am dealing with American Express o |
Ransomware Spam Guideline | ||
 |
2020-06-15 11:00:32 | May\'s Most Wanted Malware: Ursnif Banking Trojan Ranks On Top 10 Malware List for First Time, Over Doubling Its Impact On Organizations (lien direct) | Check Point's researchers find sharp increase in attacks using the long-running Ursnif banking trojan capable of stealing email and banking credentials Our latest Global Threat Index for May 2020 has found several malicious spam campaigns distributing the Ursnif banking trojan, which caused it to jump up 19 places to 5th in the Top Malware list,… | Spam Malware Threat | ||
|
2020-06-11 11:00:00 | Bluetooth security risks explained (lien direct) | What would we do without Bluetooth these days? Our earbuds and headphones would have to use annoying wires. We would have one less way to transfer files between your laptop and your phone. And how would you connect your phone to your car? But as a wireless data transfer standard, of course Bluetooth has some associated cybersecurity risks. You don’t want unauthorized parties to access the data you’re transferring via Bluetooth, nor do you want them to have access to your Bluetooth-enabled devices. It helps to know what the security risks with Bluetooth are so you can enjoy all of the convenience of the widespread wireless technology while mitigating its risks. The most common types of Bluetooth attacks BlueSmacking BlueSmacking is a way to execute a Denial of Service attack against a Bluetooth-enabled device. What’s a Denial of Service attack, you might ask? It’s when a target such as a server or device gets way more data packets or oversized data packets than it’s designed to handle. The target gets overwhelmed, so it shuts down. Thankfully Denial of Service attacks are relatively minor as far as cyber attacks in general are concerned. You can usually recover from one by rebooting the targeted device. But through the distraction or inconvenience of a Denial of Service attack, attackers are able to conduct more destructive cyber attacks. So Denial of Service attacks shouldn’t be underestimated. To get technical, a BlueSmack attack uses the L2CAP layer of Bluetooth’s networking stack to send a really oversized data packet. I couldn’t finish a large pizza in one sitting, and if I tried to force myself to I’d probably “shutdown” with a stomach ache on my couch. BlueSmack and Bluetooth is a similar concept. BlueJacking BlueJacking sounds like Bluetooth plus hijacking for a reason. BlueJacking is when one Bluetooth device hijacks another with spam advertising. Bluetooth usually has a broadcasting range of ten meters or about thirty feet. So your BlueJacking attacker would probably be in the same room as you. Or perhaps an attacker could leave a BlueJacking device on the street and target your phone while you walk past it. Like BlueSmacking, this attack is more of an annoyance than anything else. But phone messages can be a means of phishing attacks. Phishing is when an attacker pretends to be a trusted entity like your bank, phone company, or Amazon to entice the victim into clicking on a link or entering their sensitive information. A message sent by BlueJacking could contain a hyperlink to a website that has malware, or a website that grabs sensitive information from its victim. BlueSnarfing You probably notice a trend in the naming of these Bluetooth security risks. They’re all Bluetooth-specific exploits with the word Blue in their names. That helps make everything easy to understand. So what is BlueSnarfing? It’s similar to BlueJacking in some ways, but much more dangerous. You see, a BlueJacking attack just sends data, whereas a BlueSnarfing attack can take data. Data that is dangerous in the hands of cyber attackers, such as your text messages, emails, photos, and the unique identifying information that your phone or laptop uses with your cellular provider or ISP. An attacker could receive enough information about your phone or laptop to conduct more harmful cyber attacks. BlueBugging BlueBugging is an exploit that was developed after it was seen how easy BlueJacking and BlueSnarfing can be to conduct. BlueBugging uses Bluetooth to establish a backdoor on a victim’s phone or laptop. Backdoors are very dangerous because they can give a malicious outsider inside access to your device and sensitive information. Basically they can use the backdoor to spy on your activity. They may even be able to pretend to be you on social media or your online banking! 4 Bluetooth security tips Fortunately there’s a lot you c | Spam | ||
|
2020-06-11 10:32:11 | Comment: Google: Here\'s How Phishing And Malware Attacks Are Evolving (lien direct) | Cyber criminals are tailoring coronavirus-related phishing and malware attacks to make them more effective at targeting victims in certain locations around the world, even as attackers continue to distribute millions of malicious spam emails every single day. Google Cloud has detailed how the past month has seen the emergence of regional hotspots for Covid-19 related cyber attacks, … The ISBuzz Post: This Post Comment: Google: Here’s How Phishing And Malware Attacks Are Evolving | Spam Malware | ||
|
2020-06-08 14:14:14 | New Avaddon Ransomware launches in massive smiley spam campaign (lien direct) | With a wink and a smile, the new Avaddon Ransomware has come alive in a massive spam campaign targeting users worldwide. [...] | Ransomware Spam | ||
|
2020-06-02 14:30:00 | Office 365 to make one-time passcode emails look less spammy (lien direct) | Microsoft is working on improving the Office 365 Message Encryption (OME) service to reduce the probability that emails with one-time passcodes (OTPs) required to read encrypted messages are marked as spam by mail servers. [...] | Spam | ||
|
2020-05-28 20:56:33 | Google to enable the Chrome anti-notification spam system in July 2020 (lien direct) | Chrome will block sites from showing notification spam by default. Has been an opt-in feature since February. | Spam | ||
|
2020-05-22 11:05:47 | Silent Night Zeus financial botnet sold in underground forums (lien direct) | The botnet is being spread through the RIG exploit kit and COVID-19 spam campaigns. | Spam | ||
 |
2020-05-19 18:03:23 | Securing work-at-home apps (lien direct) | In today's post, I answer the following question:Our customer's employees are now using our corporate application while working from home. They are concerned about security, protecting their trade secrets. What security feature can we add for these customers?The tl;dr answer is this: don't add gimmicky features, but instead, take this opportunity to do security things you should already be doing, starting with a "vulnerability disclosure program" or "vuln program".GimmicksFirst of all, I'd like to discourage you from adding security gimmicks to your product. You are no more likely to come up with an exciting new security feature on your own as you are a miracle cure for the covid. Your sales and marketing people may get excited about the feature, and they may get the customer excited about it too, but the excitement won't last.Eventually, the customer's IT and cybersecurity teams will be brought in. They'll quickly identify your gimmick as snake oil, and you'll have made an enemy of them. They are already involved in securing the server side, the work-at-home desktop, the VPN, and all the other network essentials. You don't want them as your enemy, you want them as your friend. You don't want to send your salesperson into the maw of a technical meeting at the customer's site trying to defend the gimmick.You want to take the opposite approach: do something that the decision maker on the customer side won't necessarily understand, but which their IT/cybersecurity people will get excited about. You want them in the background as your champion rather than as your opposition.Vulnerability disclosure programTo accomplish this goal described above, the thing you want is known as a vulnerability disclosure program. If there's one thing that the entire cybersecurity industry is agreed about (other than hating the term cybersecurity, preferring "infosec" instead) is that you need this vulnerability disclosure program. Everything else you might want to do to add security features in your product come after you have this thing.Your product has security bugs, known as vulnerabilities. This is true of everyone, no matter how good you are. Apple, Microsoft, and Google employ the brightest minds in cybersecurity and they have vulnerabilities. Every month you update their products with the latest fixes for these vulnerabilities. I just bought a new MacBook Air and it's already telling me I need to update the operating system to fix the bugs found after it shipped.These bugs come mostly from outsiders. These companies have internal people searching for such bugs, as well as consultants, and do a good job quietly fixing what they find. But this goes only so far. Outsiders have a wider set of skills and perspectives than the companies could ever hope to control themselves, so find things that the companies miss.These outsiders are often not customers.This has been a chronic problem throughout the history of computers. Somebody calls up your support line and tells you there's an obvious bug that hackers can easily exploit. The customer support representative then ignores this because they aren't a customer. It's foolish wasting time adding features to a product that no customer is asking for.But then this bug leaks out to the public, hackers widely exploit it damaging customers, and angry customers now demand why you did nothing to fix the bug despite having been notified about it.The problem here is that nobody has the job of responding to such problems. The reason your company dropped the ball was that nobody was assigned to pick it up. All a vulnerability disclosure program means that at least one person within the company has the responsibility of dealing with it.How to set up vulnerability disclosure program | Spam Vulnerability Threat Guideline | ★★★ | |
 |
2020-05-16 11:00:00 | How to Avoid Spam-Using Disposable Contact Information (lien direct) | The next time you sign up for a coupon code or retail promotion, use these apps to avoid spam text and email messages. | Spam | ||
|
2020-05-12 10:06:33 | U.S. Targets hit by returning Sphinx malware (lien direct) | The banking trojan has upgraded and is seeing a resurgence on the back of coronavirus stimulus payment themes. The Zeus Sphinx banking trojan has seen a recent resurgence in the United States, sporting some modifications and using COVID-19 spam as a lure. Sphinx re-emerged in December but saw a big spike in March via the […] | Spam Malware | ||
|
2020-05-11 11:00:09 | April 2020\'s Most Wanted Malware: Agent Tesla Remote Access Trojan Spreading Widely In COVID-19 Related Spam Campaigns (lien direct) | Check Point's researchers find sharp increase in attacks using new version of Agent Tesla capable of stealing Wi-Fi passwords, while Dridex banking trojan is most common threat Our latest Global Threat Index for April 2020 has found several COVID-19 related spam campaigns distributing a new variant of the Agent Tesla remote access trojan, moving it… | Spam Threat | ||
|
2020-05-09 11:08:51 | Microsoft Edge is getting a new feature to reduce web spam (lien direct) | Microsoft Edge is now giving users the ability to hide those pesky browser notification dialog boxes that are commonly used by web sites to push their content, or even spam, on visitors. [...] | Spam | ||
 |
2020-05-06 19:00:28 | How to protect yourself from coronavirus-related SMS spam (lien direct) | Spammers are sending text messages with deceptive links designed to exploit interest and fear around COVID-19, says AdaptiveMobile Security. | Spam | ||
 |
2020-05-05 07:03:00 | Firefox Private Relay : comment Mozilla veut tuer le spam dans l\'oeuf (lien direct) | Cette nouvelle extension permettra d'utiliser des adresses e-mail aléatoires pour s'inscrire à des services en ligne. Ce qui permet de ne pas se retrouver sur des listes de spams avec sa véritable adresse.  |
Spam | ★★★★★ | |
|
2020-05-04 23:09:04 | Microsoft spotted multiple malspam campaigns using malware-laced ISO and IMG files (lien direct) | Microsoft warns of threat actors targeting organizations with malware-laced ISO and IMG files aimed at delivering a remote access trojan. Microsoft advanced machine learning threat detection models detected multiple malspam campaigns distributing malware-laced ISO. Last week experts from Microsoft detected a COVID-19-themed spam campaign, the messages are crafted to trick users into downloading and mounting […] | Spam Threat | ★★ | |
|
2020-05-02 21:58:02 | TrickBot operators exploit COVID-19 as lures (lien direct) | IBM X-Force researchers spotted a new COVID-19-themed campaign spreading the infamous TrickBot trojan through fake messages. IBM X-Force researchers uncovered a new COVID-19-themed campaign that is spreading the infamous TrickBot trojan through fake messages. The spam messages pretend to be sent by the Department of Labor's Family and Medical Leave Act (FMLA) and attempt to […] | Spam | ||
 |
2020-04-30 10:00:25 | TrickBot Campaigns Targeting Users via Department of Labor FMLA Spam (lien direct) | Recent analysis from IBM X-Force spam traps uncovered a new Trickbot campaign that currently targets email recipients with fake messages purporting to come from the U.S. Department of Labor. | Spam | ||
|
2020-04-29 16:10:24 | Google updates Chrome Web Store policy to block extension spam (lien direct) | Google today updated the Chrome Web Store's spam policy to block extension spam so that users can have a real chance to avoid potentially malicious extensions while sifting through 200,000 add-ons available in the store. [...] | Spam | ||
|
2020-04-27 10:00:30 | SBA Spoofed in COVID-19 Spam to Deliver Remcos RAT (lien direct) | As the ongoing COVID-19 pandemic impacts small businesses in the U.S., cybercriminals are trusting that people will be more likely to open unsolicited emails purporting to come from relevant entities. | Spam | ||
 |
2020-04-24 16:45:41 | Unproven Coronavirus Therapy Proves Cash Cow for Shadow Pharmacies (lien direct) | Many of the same shadowy organizations that pay people to promote male erectile dysfunction drugs via spam and hacked websites recently have enjoyed a surge in demand for medicines used to fight malaria, lupus and arthritis, thanks largely to unfounded suggestions that these therapies can help fight the COVID-19 pandemic. A review of the sales figures from some of the top pharmacy affiliate programs suggests sales of drugs containing hydroxychloroquine rivaled that of their primary product -- generic Viagra and Cialis -- and that this as-yet-unproven Coronavirus treatment accounted for as much as 25 to 30 percent of all sales over the past month. | Spam | ||
|
2020-04-23 18:15:51 | How sextortion scam emails sneak past security filters (lien direct) | Scammers use text-based images, QR codes, and other tricks to evade spam filters, says email security provider Vade Secure. | Spam | ||
|
2020-04-23 12:42:08 | How businesses and individuals can be ensnared by coronavirus-related spam (lien direct) | Many people said they would respond to emails claiming to be from the IRS or WHO, according to IBM X-Force. | Spam | ||
|
2020-04-23 10:00:26 | New Study Shows Consumers Could Be Vulnerable to COVID-19 Spam (lien direct) | Since March 11, IBM X-Force has observed a more than 6,000 percent increase in COVID-19 spam, with lures ranging the full gamut of challenges and concerns facing individuals. | Spam | ||
|
2020-04-22 13:31:20 | How to better protect your organization against email threats (lien direct) | As most generic spam now gets blocked, attackers have turned to more targeted, personalized phishing emails to reel in their victims, according to security firm Trustwave. | Spam | ||
|
2020-04-22 13:00:09 | This is what happens to cryptocurrency paid out in sextortion campaigns (lien direct) | Researchers have followed the trail of dirty coins generated through extorting sextortion spam victims. | Spam | ||
|
2020-04-22 04:25:55 | Les données de 267 millions d\'utilisateurs Facebook en vente pour... 500 euros (lien direct) | Vendue sur le Dark Web, cette base contient notamment des adresses e-mails, des noms et prénoms et des numéros de téléphone. Bref, tout ce qu'il faut pour envoyer du spam et faire du phishing.  |
Spam | ||
|
2020-04-17 12:52:16 | Google Says It\'s Blocking Millions Of COVID-19 Phishing & Spam Emails – Expert Reaction (lien direct) | VentureBeat and ZDNet reported this afternoon that Google's saying it blocked 18 million COVID-19 themed phishing emails last week. The blocked COVID-19 phishing emails targeting Gmail users represent about 2.5% of the 100 million phishing emails Google blocks daily. They also say they're blocking 240 million COVID-related daily spam messages each day. The ISBuzz Post: This Post Google Says It’s Blocking Millions Of COVID-19 Phishing & Spam Emails – Expert Reaction | Spam | ||
|
2020-04-17 10:07:47 | KnowBe4 Launches PhishRIP to Remove Suspicious Emails From Inboxes (lien direct) | KnowBe4 has launched a new feature to its PhishER product called PhishRIPTM, which helps security professionals remove, inoculate and protect against email threats faster. Technical controls do not filter out all of the malicious emails that come into a user's inbox. Various research has shown that phishing, spam and malware attachments still make it through email filters. Mimecast notes filters are missing 12% of unwanted emails. According to research […] | Spam Malware | ||
|
2020-04-09 11:00:22 | March 2020\'s Most Wanted Malware: Dridex Banking Trojan Ranks On Top Malware List For First Time (lien direct) | Check Point's researchers find Dridex has been updated and spread via multiple spam campaigns to deliver targeted ransomware, increasing the risk from the long-established trojan Our latest Global Threat Index for March 2020 shows the well-known banking trojan Dridex, which first appeared in 2011, has entered the top ten malware list for the first time,… | Spam Malware Threat | ||
|
2020-03-30 22:35:59 | Coronavirus-themed spam surged 14,000% in two weeks says IBM (lien direct) | Since February, spam exploiting the novel coronavirus has jumped by 4,300% and 14,000% in the past 14 days, according to IBM X-Force, IBM's threat intelligence group. | Spam Threat | ||
|
2020-03-30 15:24:27 | Zeus Sphinx spam campaign attempt to exploit Coronavirus outbreak (lien direct) | The Zeus Sphinx malware is back, operators are now spreading it exploiting the interest in the Coronavirus outbreak. The Zeus Sphinx malware is back, it was observed in a new wave of attacks attempting to exploit the interest in the Coronavirus outbreak. Experts from IBM X-Force uncovered a hacking campaign employing the Zeus Sphinx malware, […] | Spam Malware | ||
|
2020-03-30 04:00:48 | Zeus Sphinx Trojan Awakens Amidst Coronavirus Spam Frenzy (lien direct) | The renewed Zeus Sphinx activity that IBM X-Force is seeing features a modified variant targeting online banking users in North America and Australia through the use of maldocs themed around COVID-19. | Spam | ||
|
2020-03-20 13:50:15 | FBI Warning: Phishing Emails Push Fake Govt Stimulus Checks (lien direct) | FBI's Internet Crime Complaint Center (IC3) today warned of an ongoing phishing campaign delivering spam that uses fake government economic stimulus checks as bait to steal personal information from potential victims. [...] | Spam |
To see everything:
Our RSS (filtrered)
