INFOSECURITY NEWSLETTER

June 21, 2017

Phishers Padding URLs with Hyphens to Target Facebook Users

David Bisson, Tripwire.com, June 19, 2017

Phishers are sending Facebook users fake login pages with URLs they’ve padded with hyphens, a trick which makes the sites look legitimate on mobile devices. The attack works by sending a real, legitimate domain within a larger URL that’s fake. For instance, the following link redirects users to a phishing site: hxxp://m.facebook.com—————-validate—-step1.rickytaylk[dot]com/sign_in.html.

Read More

[Video] View the PowerPoint Mouseover Phishing Technique in Action

Noah Powers, Deltarisk.com, June 15, 2017

In this post, we’ll take look at one of the latest hacking techniques involving PowerPoint and the mouseover action. Check out our demo video to see the technique in action.

Read More

US Restaurants Targeted with Fileless Malware

Zelijka Zorz, Helpnetsecurity.com, June 15, 2017

Morphisec researchers have spotted another attack campaign using fileless malware that is believed to be mounted by the infamous FIN7 hacking group. The goal of the campaign is to gain control of the target businesses’ systems, install a backdoor, and through it perform continual exfiltration of financial information.

Read More

Perception and Reality: The Role of AI and Automated Defenses

Help Net Security Staff, Helpnetsecurity.com, June 16, 2017

Each year, Radware publishes the findings and analysis of its information security industry survey. Complementing that research is Radware’s annual executive survey. In Q2 of this year, Radware conducted a global survey of C-suite executives.

Read More

Why Linguistics Can’t Always Identify Cyber Attackers’ Nationality

Fahida Y. Rashid, Csoonline.com, June 13, 2017

Malware. Data theft. Ransomware. Everyone wants to know who was behind the latest audacious attack. Several attempts have been made over the years to use linguistics to identify perpetrators, but when it comes to attribution, there are limitations to using this method.

Read More

Hackers Steal 6 Million User Accounts for Cash-for-Surveys Site

Joseph Cox, Motherboard.vice.com, June 14, 2017

In one of the more bizarre data breaches to surface recently, hackers made off with 6 million accounts for CashCrate, a site where users can be paid to complete online surveys, according to a database obtained by Motherboard.

Read More

More Evidence Mac Ransomware Exists

Bill Brenner, Nakedsecurity.sophos.com, June 15, 2017

We’ve been saying it for some time: Mac malware is rare compared to the stuff that targets Windows. But Apple computers are far from immune. This year’s SophosLabs malware forecast included Mac malware geared towards harvesting data, providing covert remote access to thieves and holding files for ransom.

Read More

Kaspersky: Online Banking Hacks Cost Banks Nearly $1.8M Each

Justine Brown, Ciodive.com, June 19, 2017

Cybersecurity incidents involving online banking services cost banks an average of nearly $1.8 million each, according to a new Kaspersky Lab report. That’s about double the cost banks typically pay to recover from a malware incident.

Read More

How to Make Your Employees Care About Cybersecurity: 10 Tips

Alison DeNisco, Techrepublic.com, June 19, 2017

People are the largest security vulnerability in any organization. Here’s some expert advice on how to make cybersecurity training more effective and protect your business.

Read More
financial newsletterhealthcare newsletter
Infosecurity Newsletter Archive

June 2018: 6th

May 2018: 2nd, 9th, 30th

April 2018: 4th, 11th, 18th, 25th

March 2018: 7th, 14th, 21st, 28st

February 2018: 7th, 14th, 21st, 28th

January 2018: 3rd, 10th, 17th, 24th, 31st

December 2017: 6th, 13th, 20th

November 2017: 1st, 15th, 29th

October 2017: 4th, 11th, 18th, 25th

September 2017: 6th, 13th, 20th, 27th

August 2017: 2nd, 9th, 16th, 23rd, 30th

July 2017: 5th, 12th, 19th, 26th

June 2017: 7th, 14th, 21st, 28th

May 2017: 3rd, 10th, 17th, 24th, 31st

April 2017: 5th, 12th, 19th, 26th

March 2017: 1st, 8th, 15th, 22nd, 29th

February 2017: 1st, 8th, 13th, 22nd

January 2017: 4th, 11th, 18th, 24th

December 2016: 7th, 14th, 21st, 28th


top cyber incident pain points