Latest Warnings – Computer Security Articles

Phishing for Apples, Bobbing for Links

January 13, 2020 admin apple phishing, Latest Warnings, Web Fraud 2.0

Credit to Author: BrianKrebs| Date: Mon, 13 Jan 2020 16:09:58 +0000

Anyone searching for a primer on how to spot clever phishing links need look no further than those targeting customers of Apple, whose brand by many measures has emerged as the most targeted. Past stories here have examined how scammers working with organized gangs try to phish iCloud credentials from Apple customers who have a mobile device that is lost or stolen. Today’s piece looks at the well-crafted links used in some of these lures.

Independent Krebs

Tricky Phish Angles for Persistence, Not Passwords

January 7, 2020 admin jeff jones, Latest Warnings, login.microsoftonline.com, michael tyler, Microsoft Office 365, microsoftonline.com, PhishLabs, The Coming Storm, Web Fraud 2.0

Credit to Author: BrianKrebs| Date: Tue, 07 Jan 2020 21:35:40 +0000

Late last year saw the re-emergence of a nasty phishing tactic that allows the attacker to gain full access to a user’s data stored in the cloud without actually stealing the account password. The phishing lure starts with a link that leads to the real login page for a cloud email and/or file storage service. Anyone who takes the bait will inadvertently forward a digital token to the attackers that gives them indefinite access to the victim’s email, files and contacts — even after the victim has changed their password.

Independent Krebs

Patch Tuesday Lowdown, October 2019 Edition

October 8, 2019 admin cve-2019-1367, Ivanti, Latest Warnings, remote desktop, Security Tools, Time to Patch, Woody Leonhard

Credit to Author: BrianKrebs| Date: Wed, 09 Oct 2019 06:00:58 +0000

On Tuesday Microsoft issued software updates to fix almost five dozen security problems in Windows and software designed to run on top of it. By most accounts, it’s a relatively light patch batch this month. Here’s a look at the highlights.

Independent Krebs

Before He Spammed You, this Sly Prince Stalked Your Mailbox

September 18, 2019 admin A Little Sunshine, Latest Warnings, Ne'er-Do-Well News

Credit to Author: BrianKrebs| Date: Wed, 18 Sep 2019 18:53:16 +0000

A reader forwarded what he briefly imagined might be a bold, if potentially costly, innovation on the old Nigerian prince scam that asks for help squirreling away millions in unclaimed fortune: it was sent via the U.S. Postal Service, with a postmarked stamp and everything. In truth these “advance fee” or “419” scams- – so-called because they violate section 419 of the criminal code of Nigeria where many such lures originate — predate email and have circulated via postal mail in various forms and countries over the years.

Independent Krebs

Phishers are Angling for Your Cloud Providers

August 30, 2019 admin Anti-Phishing Working Group, Ashwin Vamshi, cloud customer relationship management, CRM phishing, Latest Warnings, Netskope, Pardot, Salesforce, The Coming Storm, United Rentals, Web Fraud 2.0

Credit to Author: BrianKrebs| Date: Fri, 30 Aug 2019 16:21:59 +0000

Many companies are now outsourcing their marketing efforts to cloud-based Customer Relationship Management (CRM) providers. But when accounts at those CRM providers get hacked or phished, the results can be damaging for both the client’s brand and their customers. Here’s a look at a recent CRM-based phishing campaign that targeted customers of Fortune 500 construction equipment vendor United Rentals.

Independent Krebs

Patch Tuesday, August 2019 Edition

August 13, 2019 admin August 2019 Edition, Latest Warnings, Microsoft Patch Tuesday, Time to Patch

Credit to Author: BrianKrebs| Date: Tue, 13 Aug 2019 21:57:13 +0000

Most Microsoft Windows (ab)users probably welcome the monthly ritual of applying security updates about as much as they look forward to going to the dentist: It always seems like you were there just yesterday, and you never quite know how it’s all going to turn out. Fortunately, this month’s patch batch from Redmond is mercifully light, at least compared to last month.

Independent Krebs

The Risk of Weak Online Banking Passwords

August 5, 2019 admin 2fa, Aite Group, alex holden, Alissa Knight, Brian Costello, Financial Data Exchange, Hold Security, Latest Warnings, Mint, Paypal, Plaid, The Coming Storm, YNAB, Yodlee, Zelle

Credit to Author: BrianKrebs| Date: Mon, 05 Aug 2019 14:04:27 +0000

If you bank online and choose weak or re-used passwords, there’s a decent chance your account could be pilfered by cyberthieves — even if your bank offers multi-factor authentication as part of its login process. This story is about how crooks increasingly are abusing third-party financial aggregation services like Mint, Plaid, Yodlee, YNAB and others to surveil and drain consumer accounts online.

Independent Krebs

The Unsexy Threat to Election Security

July 25, 2019 admin Latest Warnings, REACT Task Force, Samy Tarazi, San Mateo County, SIM swapping, The Coming Storm, Yubico

Credit to Author: BrianKrebs| Date: Thu, 25 Jul 2019 17:01:41 +0000

Much has been written about the need to further secure our elections, from ensuring the integrity of voting machines to combating fake news. But according to a report quietly issued by a California grand jury this week, more attention needs to be paid to securing social media and email accounts used by election officials at the state and local level.

← Previous