Category: Phishing

A man loses $650,000 from his cryptocurrency wallet after his Apple iCloud account is hacked, video conferencing apps may not be muting your mic quite the way you imagined, and Google has unblurred military bases in Russia... or has it? All this and much more is discussed in the latest edition of the award-winning "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by The Cyberwire's Dave Bittner.

LinkedIn is known as a professional social networking website that helps to connect companies with experienced professionals. But in the past few months, the company’s name is being used by cyber criminals as the most spoofed brand to send phishing emails.

Check Point, a security-based research firm found in its analysis that LinkedIn’s name is being abused by cyber criminals in sending phishing emails to innocent professionals so far in the year 2022.

Last year, LinkedIn was seen at the 5th spot with the count of impersonating attacks lying at 8%.

This year, it has surpassed package delivery company DHL and topped the list of the most used brand in sending impersonating emails.

Next in the list are companies such as DHL and FedEx sharing the same spot and Maersk, Ali Express and Blue Dart.

Meaning, criminals are using the name of these companies and sending malicious emails to victims saying that a parcel on their name is about to be delivered and the company needs to know some personal details from the victim for parcel authentication.

Information such as email ID, contact number and sometimes Dobs are being asked by the hackers for parcel delivery and after they get such details, they vanish without a trace- only to use the details thereafter to launch hacking campaigns.

With LinkedIn, the usage and attack posture are different. The criminals use the company logo and name and first send connection request emails to the victims. And as soon as the victim clicks on the “Accept Button” they take the victim to a phishing website that then harvests their personal info from the infected system or smart phone.

So, all you guys using LinkedIn, please beware of such cyber attack attempts before it is too late.

 

The post LinkedIn tops the Phishing Email list appeared first on Cybersecurity Insiders.

According to a discovery made by security researchers from Cybereason, top-ranking officials from Israel were being targeted by spear phishing cyber attacks. And the hackers group behind this campaign is suspected to be AridViper, a notorious cyber criminal group from Middle East.

AridViper aka Desert Falcon or APT-C-23 is an advanced persistent group that is being run by some Saudi politicians on a secret note.

Also known as a two-scaled scorpion, this APT group was initially assigned the duty of preying on Palestine law enforcement officers and people behind educational institutions.

In February this year, security researchers from Cisco Talos found that the Israel Palestine Conflict was fueling the AridViper to launch catfishing attacks.

Now, in March this year, Cybereason’s Nocturnus Research Team found that the cyber crime group has started a new campaign dubbed “Operation Bearded Barbie” through which it was targeting Israel individuals through cat fishing campaigns to infect their PCs and mobile devices with spying and data stealing tools.

Already 17 of the law enforcement officials, three working for defense and 8 from the emergency service sector, were found targeted, and the number is said to increase as the campaign unfolds.

Catfishing cyber attack campaign is simple, just to create fake social media account pages and target individuals and trick them into downloading malware.

In most cases, profiles of beautiful women or upcoming models from fashion circuit are used to hook the victims in downloading trojanized messaging apps such as Barbwire Backdoor.

Barbwire had capabilities such as conducting surveillance, capturing keylogs, screen capturing, and eavesdropping and recording on digital conversations taking place between targeted individuals.

Also, the downloader has the capabilities of exfiltrating data to remote servers from compromised machines. And the information includes details such as MS office documents, archives, images and videos.

Additionally, Cybereason researchers also found an android malware dubbed VolatileVenom during the installation of discrete apps and is also found having capabilities of conducting espionage and data theft.

VolatileVenom being spread from Catfishing attacks had capabilities of spying on the victims through his/her WhatsApp, Facebook, twitter, Instagram, Skype and IMO messages.

Why the campaign is targeting only Israel government officials through Catfishing campaign is yet to be figured out?

 

The post Israel government officials targeted by spear phishing attacks appeared first on Cybersecurity Insiders.

All those who are about to purchase a Windows 11 loaded PC; here’s a news piece to rejoice. Microsoft has issued an official statement that Win 11 machines will get more security improvements in upcoming releases, adding more protection to existing cyber threats, better encryption and will auto-block malicious apps and drivers from being downloaded onto the PC.

“The future updates from Microsoft will be enriched with significant security improvements and will add more protection to the processor by interlinking the hardware and software to the cloud,” said David Weston, VP for Enterprise & OS Security.

Thus, as a part of the update, Microsoft will add phishing protection to its Microsoft Defender SmartScreen. Therefore, as soon as the user tries to key-in his/her credentials onto a malicious app or website, they will be warned about the risks lurking in application or hacked website.

Till date, SmartScreen has blocked over 25.8 billion brute force attacks on Azure’s active directories and could track down and neutralize over 35.7 billion phishing emails.

Hence, by adding such exclusive security capabilities, Windows 11 will become the world’s first operating system that has been enhanced with anti-phishing capabilities.

Additionally, the newly presented Personal Data Encryption feature will help protect user files and data from malicious drivers and will act as an additional security layer by blocking access until they are authenticated by Windows Hello- available only to business users.

The Windows Defender Application Control (WDAC) feature will offer all Win 11 customers to enable the vulnerable driver block-list.

To offer utmost security protection, Windows 11 users will get a Smart App control feature that blocks users from running malicious apps using code signing authentication powered by Artificial Intelligence.

So, one can stay assured that only safe and reliable applications will run on the device, cutting down risks associated with the download of unsafe apps.

 

The post Microsoft Windows 11 will have more protection against cyber threats appeared first on Cybersecurity Insiders.

All of us at Tripwire’s Vulnerability Exposure and Research Team (VERT) are constantly looking out for interesting stories and developments in the infosec world. Here’s what cybersecurity news stood out to us during the week of March 21, 2022. I’ve also included some comments on these stories. Misconfigured Firebase Databases Exposing Data In Mobile Apps […]… Read More

The post Extra, Extra, VERT Reads All About It: Cybersecurity News for the Week of March 21, 2022 appeared first on The State of Security.

We all know about the attacker who leverages their technical expertise to infiltrate protected computer systems and compromise sensitive data. This type of malicious actor ends up in the news all the time. But they’re not the only ones making headlines. So too are “social engineers,” individuals who use phone calls and other media to […]… Read More

The post 5 Social Engineering Attacks to Watch Out For appeared first on The State of Security.