A half dozen technology and security companies — some of them competitors — issued the exact same press release today. This unusual level of cross-industry collaboration caps a successful effort to dismantle ‘WireX,’ an extraordinary new crime machine comprising tens of thousands of hacked Android mobile devices that was used this month to launch a series of massive […]
Is Your Mobile Carrier Your Weakest Link?
More online services than ever now offer two-step authentication — requiring customers to complete a login using their phone or other mobile device after supplying a username and password. But with so many services relying on your mobile for that second factor, there has never been more riding on the security of your mobile account. Below are […]
Business Email Compromise Campaign Harvesting Credentials in Numerous Industries
A business email compromise campaign emanating out of Western Africa is targeting companies in a wide swathe of industries, bucking a trend of these scams focusing on wire fraud and targeting CEOs. The criminals are using phishing emails with links redirecting victims to sites designed to harvest corporate email credentials. Researchers at Flashpoint said it’s […]
Neptune Exploit Kit Dropping Cryptocurrency Miners Through Malvertisements
Despite a marked decrease in activity, exploit kits haven’t completely disappeared just yet. The Neptune, or Terror Exploit Kit, is alive and well; during the last month, researchers have observed the kit as part of a campaign to abuse a legitimate popup ad service to drop cryptocurrency miners. Researchers with FireEye said Tuesday the kit […]
Blowing the Whistle on Bad Attribution
The New York Times this week published a fascinating story about a young programmer in Ukraine who’d turned himself in to the local police. The Times says the man did so after one of his software tools was identified by the U.S. government as part of the arsenal used by Russian hackers suspected of hacking into the Democratic National […]