INFOSECURITY NEWSLETTER

June 21, 2017

Phishers Padding URLs with Hyphens to Target Facebook Users

David Bisson, Tripwire.com, June 19, 2017

Phishers are sending Facebook users fake login pages with URLs they’ve padded with hyphens, a trick which makes the sites look legitimate on mobile devices. The attack works by sending a real, legitimate domain within a larger URL that’s fake. For instance, the following link redirects users to a phishing site: hxxp://m.facebook.com—————-validate—-step1.rickytaylk[dot]com/sign_in.html.

Read More

[Video] View the PowerPoint Mouseover Phishing Technique in Action

Noah Powers, Deltarisk.com, June 15, 2017

In this post, we’ll take look at one of the latest hacking techniques involving PowerPoint and the mouseover action. Check out our demo video to see the technique in action.

Read More

US Restaurants Targeted with Fileless Malware

Zelijka Zorz, Helpnetsecurity.com, June 15, 2017

Morphisec researchers have spotted another attack campaign using fileless malware that is believed to be mounted by the infamous FIN7 hacking group. The goal of the campaign is to gain control of the target businesses’ systems, install a backdoor, and through it perform continual exfiltration of financial information.

Read More

Perception and Reality: The Role of AI and Automated Defenses

Help Net Security Staff, Helpnetsecurity.com, June 16, 2017

Each year, Radware publishes the findings and analysis of its information security industry survey. Complementing that research is Radware’s annual executive survey. In Q2 of this year, Radware conducted a global survey of C-suite executives.

Read More

Why Linguistics Can’t Always Identify Cyber Attackers’ Nationality

Fahida Y. Rashid, Csoonline.com, June 13, 2017

Malware. Data theft. Ransomware. Everyone wants to know who was behind the latest audacious attack. Several attempts have been made over the years to use linguistics to identify perpetrators, but when it comes to attribution, there are limitations to using this method.

Read More

Hackers Steal 6 Million User Accounts for Cash-for-Surveys Site

Joseph Cox, Motherboard.vice.com, June 14, 2017

In one of the more bizarre data breaches to surface recently, hackers made off with 6 million accounts for CashCrate, a site where users can be paid to complete online surveys, according to a database obtained by Motherboard.

Read More

More Evidence Mac Ransomware Exists

Bill Brenner, Nakedsecurity.sophos.com, June 15, 2017

We’ve been saying it for some time: Mac malware is rare compared to the stuff that targets Windows. But Apple computers are far from immune. This year’s SophosLabs malware forecast included Mac malware geared towards harvesting data, providing covert remote access to thieves and holding files for ransom.

Read More

Kaspersky: Online Banking Hacks Cost Banks Nearly $1.8M Each

Justine Brown, Ciodive.com, June 19, 2017

Cybersecurity incidents involving online banking services cost banks an average of nearly $1.8 million each, according to a new Kaspersky Lab report. That’s about double the cost banks typically pay to recover from a malware incident.

Read More

How to Make Your Employees Care About Cybersecurity: 10 Tips

Alison DeNisco, Techrepublic.com, June 19, 2017

People are the largest security vulnerability in any organization. Here’s some expert advice on how to make cybersecurity training more effective and protect your business.

Read More
financial newsletterhealthcare newsletter
Infosecurity Newsletter Archive

top cyber incident pain points