Thursday, July 9

Phsihing Spam

The next cybersecurity headache: Employees know the rules but just don’t care
Breach Hack, Cyber Security, Free, Guide, Malware Ransomware, Phsihing Spam, Resources, Safety Security, Scams Fraud, Tools Apps Software

The next cybersecurity headache: Employees know the rules but just don’t care

Employees are still ignoring cybersecurity best practice despite being more aware of the risks. Cybersecurity has shot to the top of many IT leaders' priorities over the past few months as remote working became the de facto way of doing business. Yet despite more awareness of the security risks of working from home, employees are still showing a lax attitude when putting it into practice, according to new findings. Security firm Trend Micro surveyed more than 13,000 remote workers across 27 countries for its latest Head in the Clouds survey, which sought to understand individuals' attitudes towards risk in terms of cybersecurity. SEE: Mobile d...
Privnotes.com Is Phishing Bitcoin from Users of Private Messaging Service Privnote.com
Cyber Security, Free, Parents Family, Phsihing Spam, Privacy Data Protection, Safety Security, Scams Fraud, Tools Apps Software

Privnotes.com Is Phishing Bitcoin from Users of Private Messaging Service Privnote.com

For the past year, a site called Privnotes.com has been impersonating Privnote.com, a legitimate, free service that offers private, encrypted messages which self-destruct automatically after they are read. Until recently, I couldn’t quite work out what Privnotes was up to, but today it became crystal clear: Any messages containing bitcoin addresses will be automatically altered to include a different bitcoin address, as long as the Internet addresses of the sender and receiver of the message are not the same. Earlier this year, KrebsOnSecurity heard from the owners of Privnote.com, who complained that someone had set up a fake clone of their site that was fooling quite a few regular users of the service. And it’s not hard to see why: Privnotes.com is confusingly similar in name...
COVID-19: Latest Security News & Commentary
Addiction, Breach Hack, Children Teens, Cyber Crime, Cyber Security, Free, Games, Guide, How-to Tips, Identity Theft, Malware Ransomware, Marketing, Parents Family, Phsihing Spam, Privacy Data Protection, Resources, Safety Security, Scams Fraud, Senior Aging, Social Media, Tools Apps Software, Virus

COVID-19: Latest Security News & Commentary

Check out Dark Reading's updated, exclusive news and commentary surrounding the coronavirus pandemic. ') } else document.write('') Image Source: CDC Newsroom Image library 07/01/2020Another COVID-19 Side Effect: Rising Nation-State Cyber ActivityWhile financial institutions and government remain popular targets, COVID-19 research organizations are now also in the crosshairs. 06/30/2020COVID-19 Puts ICS Security Initiatives 'On Pause'Security pros concerned that increased remote access to vulnerable operational technology and stalled efforts to harden OT environments puts critical infrastructure at greater risk. CISA Issues Advisory on Home RoutersThe increase in work-from-home employees raises the importance of home router security. Profile of the Po...
Lessons from COVID-19 Cyberattacks: Where Do We Go Next?
Addiction, Breach Hack, Children Teens, Cyber Crime, Cyber Security, Free, Games, How-to Tips, Malware Ransomware, Parents Family, Phsihing Spam, Safety Security, Senior Aging, Social Media, Virus

Lessons from COVID-19 Cyberattacks: Where Do We Go Next?

We need to learn from the attacks and attempts that have occurred in order to prepare for the future.Cyber actors have shown us during the pandemic that they will let no opportunity go by without trying to take advantage. We've seen them prey upon the fear and concern around COVID-19 with phishing attacks, and capitalize on security weaknesses as organizations switched to remote work scenarios. And it's had a significant impact on security professionals' roles — a recent survey from (ISC)² found that 81% of respondents said their job function had changed during the pandemic. The upside of this is that there are lessons to learn from the types of attacks and attempts that have occurred that will help prepare organizations for the future. Capitalizing on PanicThe easiest, fastest way to exp...
Anatomy of a Long-Con Phish
Addiction, Children Teens, Cyber Security, Free, Identity Theft, Malware Ransomware, Parents Family, Phsihing Spam, Resources, Safety Security, Scams Fraud, Senior Aging, Social Media

Anatomy of a Long-Con Phish

A fraudster on LinkedIn used my online profile in an apparent attempt to pull off a wide-ranging scam business venture.Phishing is one of the oldest fraud techniques online. Phishers often utilize a spray-and-pray method to hit as many potential victims as possible. The aim of such an attack is quick profit via the harvesting of user login or banking credentials. Once the victim surrenders his/her valuable information, the phisher moves on, either to the next victim or a different campaign altogether. But some phishing attacks are entirely different. For the lack of a better term, I call them "long-con phishing." I was on the receiving end of one such phishing scam recently. In March, I received this LinkedIn message: ') } else document.write('') Even...
Beware “secure DNS” scam targeting website owners and bloggers
Breach Hack, Cyber Security, Free, How-to Tips, Malware Ransomware, Phsihing Spam, Privacy Data Protection, Safety Security, Scams Fraud, Virus

Beware “secure DNS” scam targeting website owners and bloggers

If you run a website or a blog, you probably use a cloud provider or a dedicated hosting company to manage your server and deliver the content to your readers, viewers and listeners. We certainly do – both Naked Security and our sister site Sophos News are hosted by WordPress VIP. That’s not a secret (nor is it meant to be), not least because most providers identify themselves in the HTTP headers they send back in their web replies, if only as a matter of courtesy: $ getheaders https://news.sophos.com Connecting... OK. TLS handshake... OK. ---headers--- server: nginx date: Mon, 29 Jun 2020 10:21:21 GMT content-type: text/html; charset=UTF-8 content-length: 0 x-hacker: If you're reading this, you should visit wpvip.com/careers and apply to join the fun, mention this header...
Google stops pushing scam ads on Americans searching for how to vote
Addiction, Children Teens, Cyber Security, Free, How-to Tips, Parents Family, Phsihing Spam, Privacy Data Protection, Safety Security, Scams Fraud, Senior Aging, Social Media, Tools Apps Software

Google stops pushing scam ads on Americans searching for how to vote

You don’t have to pay to vote in the US. Up until recently, you wouldn’t have necessarily known that, were you to have run a Google search for how or where to vote. Such a search would have been polluted with scammy ads like this one offering “same-day processing” of voter registration for $129: Voting scam ad. IMAGE: Tech Transparency ProjectThat ad, which directs to a site from PrivacyWall.org, is the first ad in a Google search for “register to vote” that was run in an analysis done by watchdog Tech Transparency Project (TTP). On Monday, after it got called out by TTP, Google removed that kind of ad from search results. PrivacyWall’s CEO Jonathan Wu told Reuters that its service makes it easier for voters to register online without giving more data than is necessary, and that it...
Aussie surfer’s hacked Instagram sent sexually explicit images to her 40,000 followers
Addiction, Breach Hack, Children Teens, Cyber Security, Free, How-to Tips, Identity Theft, Malware Ransomware, Marketing, Parents Family, Phsihing Spam, Safety Security, Scams Fraud, Senior Aging, Sex Porn, Social Media

Aussie surfer’s hacked Instagram sent sexually explicit images to her 40,000 followers

18-year-old Blaze Angel Roberts is a talented surfer.So good in fact that the Sydney-based surfing star has managed to collect 40,000 followers on her Instagram account.Unfortunately, her popularity also seems to have drawn the unwanted attention of hackers, who successfully tricked her into clicking on a phishing link, and handing over the password to her email account.Roberts told Nine Network’s “A Current Affair” TV show that the hackers used the compromised email account as a springboard to hijack her Instagram account: When Ms Roberts regained access to her email, she found photos of the hackers in her sent messages.When an account has been hacked, Instagram asks users to verify their identity by sending their security team a photo of themselves holding a piece of paper with a handwri...
Stalker Online hacked! Over one million gamers’ passwords made available for download
Breach Hack, Cyber Security, Free, How-to Tips, Phsihing Spam, Safety Security, Scams Fraud

Stalker Online hacked! Over one million gamers’ passwords made available for download

More than one million players of the video game Stalker Online have been put at risk after hackers offered them for sale on the darknet.As Cybernews reports, a database containing over 1.2 million Stalker Online user records is being sold on hacking forums. Separately, another database which is said to contain more than 136,000 records from the game’s forums are also being offered for sale.Cybernews says it found the database for sale on a popular hacking forum on May 5, with a link to a defaced page on the Stalker Online website offered as “proof” that the game’s servers had been hacked.Defaced Stalker Online webpage: Source: Cybernews. The security of this web server has been compromised and all your files and userdata are now in our possession.Contact us on [REDACTED] for assistance in ...
Maze Ransomware operators hacked Highways Authority Of India (Nhai)
Breach Hack, Cyber Crime, Cyber Security, Malware Ransomware, Phsihing Spam, Safety Security

Maze Ransomware operators hacked Highways Authority Of India (Nhai)

Researchers at Cyble reported that Maze Ransomware Operators allegedly breached National Highways Authority Of India (Nhai). As part of regular darkweb monitoring, researchers from threat intelligence firm has spotted the data leak of National Highways Authority of India (NHAI). The Maze ransomware operators allegedly breached the NHAI and leaked the data of their leak site. The National Highways Authority of India (NHAI) is an autonomous agency of the Government of India, set up in 1988, and is responsible for the management of a network of over 50,000 km of National Highways out of 1,15,000 km in India. It is a nodal agency of the Ministry of Road Transport and Highways. According to the Economic Times, the attack took place on Sunday night, hackers...