US brokerage firms warned of widespread survey phishing attacks
“The U.S. Financial Industry Regulatory Authority (FINRA) has issued a notice warning member brokerage firms of widespread phishing attacks using surveys to harvest information.”
Boom! Mobile Customer Data Lost to Fullz House/Magecart Attack
“Boom! Mobile’s U.S. website recently fell victim to an e-commerce attack, putting online shoppers in danger of payment-card theft, researchers said.”
Malware campaigns deliver payloads via obscure paste service
Jupiter Threat Labs has identified malware campaigns using legitimate pasting services.
Hackers abuse Windows error service in fileless malware attack
“An unknown hacking group injected malicious code within the legitimate Windows Error Reporting (WER) service”
Truncated URLs Look to Make Big Dent in Phishing
The Chrom86 browser will be tested with a new design to help thwart phishing attacks.
https://www.darkreading.com/risk/truncated-urls-look-to-make-big-dent-in-phishing/a/d-id/1338969
Microsoft Office 365 Phishing Attack Uses Multiple CAPTCHAs
Researchers warn of a continuing attack involving the phishing of Office 365 credentials.
US govt warns of sanction risks for facilitating ransomware payments
“Organizations that assist ransomware victims to make ransom payments are facing sanctions risks as their actions could violate OFAC regulations.”
InterPlanetary Storm Botnet Infects 13K Mac, Android Devices
“In addition to Windows and Linux machines, a new variant of the malware now targets Mac and Android devices.”
Spammers add random text to shortened links to evade detection
Spammers are using a new technique of generating URLs to evade detection by humans and spam filters alike.
Feds Hit with Successful Cyberattack, Data Stolen
“A federal agency has suffered a successful espionage-related cyberattack that led to a backdoor and multistage malware being dropped on its network.”