Brian Krebs reported that X (formerly known as Twitter) started automatically changing twitter.com links to x.com links. The problem is: (1) it changed any domain name that ended with “twitter.com,” and (2) it only changed the link’s appearance (anchortext), not the underlying URL. So if …
On April 9, Twitter/X began automatically modifying links that mention “twitter.com” to read “x.com” instead. But over the past 48 hours, dozens of new domain names have been registered that demonstrate how this change could be used to craft convincing phishing links — such as fedetwitter[.]com …
Thread hijacking attacks. They happen when someone you know has their email account compromised, and you are suddenly dropped into an existing conversation between the sender and someone else. These missives draw on the recipient’s natural curiosity about being copied on a private discussion, which is modified to …
Enlarge / They look like normal notifications, but opening an iPhone with one or more of these stacked up, you won't be able to do much of anything until you tap "Allow" or "Don't Allow." And they're right next to each other. (credit: Kevin Purdy) Human weaknesses are a rich …
Enlarge (credit: Getty Images) Hundreds of Microsoft Azure accounts, some belonging to senior executives, are being targeted by unknown attackers in an ongoing campaign that's aiming to steal sensitive data and financial assets from dozens of organizations, researchers with security firm Proofpoint said Monday. The campaign attempts to compromise …
Enlarge / A woman scans a QR code in a café to see the menu online. The US Federal Trade Commission has become the latest organization to warn against the growing use of QR codes in scams that attempt to take control of smartphones, make fraudulent charges, or obtain personal …
Enlarge (credit: Wired staff; Getty Images) For state-sponsored hacking operations, unpatched vulnerabilities are valuable ammunition. Intelligence agencies and militaries seize on hackable bugs when they're revealed—exploiting them to carry out their campaigns of espionage or cyberwar—or spend millions to dig up new ones or to buy them …
One frustrating aspect of email phishing is the frequency with which scammers fall back on tried-and-true methods that really have no business working these days. Like attaching a phishing email to a traditional, clean email message, or leveraging link redirects on LinkedIn, or abusing an encoding method that makes …
Enlarge / Man hand holding a mobile phone with QR code. (credit: Getty Images) Phishing mongers have released a torrent of image-based junk emails that embed QR codes into their bodies to successfully bypass security protections and provide a level of customization to more easily fool recipients, researchers said. In …
I get UPS phishing spam on my phone all the time. I never click on it, because it’s so obviously spam. Turns out that hackers have been harvesting actual UPS delivery data from a Canadian tracking tool for its phishing SMSs. [...]
Researchers are worried about Google’s.zip and.mov domains, because they are confusing. Mistaking a URL for a filename could be a security vulnerability. [...]
Here’s an experiment being run by undergraduate computer science students everywhere: Ask ChatGPT to generate phishing emails, and test whether these are better at persuading victims to respond or click on the link than the usual spam. It’s an interesting experiment, and the results are likely to …
Enlarge (credit: Getty Images | Carol Yepes) Hackers have devised a way to bypass ChatGPT ’s restrictions and are using it to sell services that allow people to create malware and phishing emails, researchers said on Wednesday. ChatGPT is a chatbot that uses artificial intelligence to answer questions and perform …
This is a good list of modern phishing techniques. [...]
CISA is now pushing phishing-resistant multifactor authentication. Roger Grimes has an excellent post reminding everyone that “phishing-resistant” is not “phishing proof,” and that everyone needs to stop pretending otherwise. His list of different attacks is particularly useful. [...]
It’s big : The breach appeared to have compromised many of Uber’s internal systems, and a person claiming responsibility for the hack sent images of email, cloud storage and code repositories to cybersecurity researchers and The New York Times. “They pretty much have full access to Uber,” said …
Here’s a phishing campaign that uses a man-in-the-middle attack to defeat multi-factor authentication: Microsoft observed a campaign that inserted an attacker-controlled proxy site between the account users and the work server they attempted to log into. When the user entered a password into the proxy site, the proxy …
The City of Austin is warning about QR codes stuck to parking meters that take people to fraudulent payment sites. [...]
This is part 3 of Sean Gallagher’s advice for “securing your digital life.” [...]
Roger Grimes on why multifactor authentication isn’t a panacea : The first time I heard of this issue was from a Midwest CEO. His organization had been hit by ransomware to the tune of $10M. Operationally, they were still recovering nearly a year later. And, embarrassingly, it was his …
Enlarge / The Internet is unfortunately packed full of criminals seeking to steal sexual (or sexualizable) images from privately held cloud backup accounts. (credit: 1905HKN via Getty Images / Jim Salter ) The LA Times reported this week that Los Angeles man Hao Kuo "David" Chi pled guilty to four federal felonies …
It’s a big one : As first reported by Motherboard on Sunday, someone on the dark web claims to have obtained the data of 100 million from T-Mobile’s servers and is selling a portion of it on an underground forum for 6 bitcoin, about $280,000. The trove …
The problem with spear phishing it that it takes time and creativity to create individualized enticing phishing emails. Researchers are using GPT-3 to attempt to solve that problem: The researchers used OpenAI’s GPT-3 platform in conjunction with other AI-as-a-service products focused on personality analysis to generate phishing emails …
Interesting attack : Masquerading as UK scholars with the University of London’s School of Oriental and African Studies (SOAS), the threat actor TA453 has been covertly approaching individuals since at least January 2021 to solicit sensitive information. The threat actor, an APT who we assess with high confidence supports …
Phishers targeting Microsoft Office 365 users increasingly are turning to specialized links that take users to their organization’s own email login page. After a user logs in, the link prompts them to install a malicious but innocuously-named app that gives the attacker persistent, password-free access to any of …