Archive

Posts Tagged ‘Cybersecurity’

Saudi IT Providers Hit in Cyber Espionage Operation

September 18, 2019

Symantec identifies new ‘Tortoiseshell’ nation-state group as the attackers.

from Dark Reading: https://ift.tt/2Oabx0C
via IFTTT

WannaCry Detections At An All-Time High

September 18, 2019

More than 12,000 variants of the infamous malware are targeting systems that are still open to the EternalBlue exploit – but the potential danger is low, Sophos warns.

from Dark Reading: https://ift.tt/32LGbBa

How Cybercriminals Exploit Simple Human Mistakes

September 18, 2019

A new report explores how attackers identify psychological vulnerabilities to effectively manipulate targets.

from Dark Reading: https://ift.tt/2Ie8O29

Before He Spammed You, this Sly Prince Stalked Your Mailbox

September 18, 2019

A reader forwarded what he briefly imagined might be a bold, if potentially costly, innovation on the old Nigerian prince scam that asks for help squirreling away millions in unclaimed fortune: It was sent via the U.S. Postal Service, with a postmarked stamp and everything.

In truth, these old-fashioned “advance fee” or “419” scams predate email and have circulated via postal mail in various forms and countries over the years.

The recent one pictured below asks for help in laundering some $11.6 million from an important dead person that anyway has access to a secret stash of cash. Any suckers who bite are strung along for weeks while imaginary extortionists or crooked employees at these bureaucratic institutions demand licenses, bribes or other payments before disbursing any funds. Those funds never arrive, no matter how much money the sucker gives up.

This type of “advance fee” or “419” scam letter is common in spam, probably less so via USPS.

It’s easy to laugh at this letter, because it’s sometimes funny when scammers try so hard. But then again, maybe the joke’s on us because sending these scams via USPS makes them even more appealing to the people most vulnerable: Older individuals with access to cash but maybe not all their marbles. 

Sure, the lure costs $.55 up front. But a handful of successful responses to thousands of mailers could net fortunes for these guys phishing it old school.

The losses from these types of scams are sometimes hard to track because so many go unreported. But they are often perpetrated by the same people involved in romance scams online and in so-called “business email compromise” or BEC fraud, wherein the scammers try to spoof the boss at a major company in a bid to get wire payment for an “urgent” (read: fraudulent) invoice.

These scam letters are sometimes called 419 scams in reference to the penal code for dealing with such crimes in Nigeria, a perennial source of 419 letter schemes. A recent bust of a Nigerian gang targeted by the FBI gives some perspective on the money-making abilities of a $10 million ring that was running these scams all day long.

Reportedly, in the first seven months of 2019 alone the FBI received nearly 14,000 complaints reporting BEC scams with a total loss of around $1.1 billion—a figure that nearly matches losses reported for all of 2018.

from Krebs on Security https://ift.tt/30pKLUo

The Top ‘Human Hacks’ to Watch For Now

September 18, 2019

Social engineering is as old as mankind. But its techniques have evolved with time. Here are the latest tricks criminals are using to dupe end users.

from Dark Reading: https://ift.tt/2NndHtY

GitHub Becomes CVE Numbering Authority, Acquires Semmle

September 18, 2019

Latest moves will make it much more likely that vulnerabilities in open source projects will be found and reported, GitHub says.

from Dark Reading: https://ift.tt/32Ow6U7

DevSecOps: Recreating Cybersecurity Culture

September 18, 2019

Bringing developers and security teams together guided by a common goal requires some risk-taking. With patience and confidence, it will pay off. Here’s how.

from Dark Reading: https://ift.tt/2V4cHMq