A new week, a new month, and a new Cybersecurity News post! This iteration contains a whopping eight (8) stories covering the last two to four weeks. Since cybersecurity is a diverse field of assorted specializations, we attempt to match that with various stories touching on all aspects of cybersecurity. This time we cover a few breaches, Elon Musk's decision to alter Twitter's … [Read more...]
Give Us Your SSN, Your Email Password, and Your Dream Job
Every so often, there is a phish that stands out because of its brazenness. Today, we came across a bank phish that requested a few verification details: Username and Password Social Security Number Email address and email password used for 2-Step verification Security Questions: What was your dream job as a child? Who is your favorite sports athlete or player? What was … [Read more...]
The Evolution of Phishing: A WatchGuard Real-World Example
Phishing is a type of social engineering attack where threat actors attempt to trick users into providing sensitive information via email. Typically, this involves creating a phishing campaign where threat actors will send the same phishing email to a large batch of recipients in an attempt to trick at least a small subset of these potential victims. Not to be confused with … [Read more...]
Phishing Deep in the Amazon
Find an online store you trust, pick an item with reliable reviews, enter your payment details and/or sign-in to the websites account, and finally, click ‘Purchase’. This process is all it takes to purchase gifts this holiday season. There is one final step: Receive the package. Though this may not feel like a step, the seemingly simple process of tracking and receiving your … [Read more...]
Recent Phishing Research Leads Us To Access Scammers Logs
Over the first week of November, we saw an increase in the malware family Phishing.ADA reporting into the Firebox Feed, our threat intelligence feed fueled by opt-in reports from Firebox security appliances deployed around the world. We found this phishing email primarily targeted users in Southeast Asia to steal email credentials. We retrieved a sample of this malware and the … [Read more...]