The Hacker News Logo
Subscribe to Newsletter

The Hacker News - Cybersecurity News and Analysis: phishing attack

COVID-19: Hackers Begin Exploiting Zoom's Overnight Success to Spread Malware

COVID-19: Hackers Begin Exploiting Zoom's Overnight Success to Spread Malware

March 30, 2020Ravie Lakshmanan
As people increasingly work from home and online communication platforms such as Zoom explode in popularity in the wake of coronavirus outbreak, cybercriminals are taking advantage of the spike in usage by registering new fake "Zoom" domains and malicious "Zoom" executable files in an attempt to trick people into downloading malware on their devices. According to a report published by Check Point and shared with The Hacker News, over 1,700 new "Zoom" domains have been registered since the onset of the pandemic, with 25 percent of the domains registered in the past seven days alone. "We see a sharp rise in the number of 'Zoom' domains being registered, especially in the last week," said Omer Dembinsky, Manager of Cyber Research at Check Point . "The recent, staggering increase means that hackers have taken notice of the work-from-home paradigm shift that COVID-19 has forced, and they see it as an opportunity to deceive, lure,
How CISOs Should Prepare for Coronavirus Related Cybersecurity Threats

How CISOs Should Prepare for Coronavirus Related Cybersecurity Threats

March 18, 2020The Hacker News
The Coronavirus is hitting hard on the world's economy, creating a high volume of uncertainty within organizations. Cybersecurity firm Cynet today revealed new data, showing that the Coronavirus now has a significant impact on information security and that the crisis is actively exploited by threat actors. In light of these insights, Cynet has also shared a few ways to best prepare for the Coronavirus derived threat landscape and provides a solution ( learn more here ) to protect employees that are working from home with their personal computers because of the Coronavirus. The researchers identify two main trends – attacks that aim to steal remote user credentials and weaponized email attacks: Remote User Credential Theft The direct impact of the Coronavirus is a comprehensive quarantine policy that compels multiple organizations to allow their workforce to work from home to maintain business continuity. This inevitably entails shifting a significant portion of the wor
Hackers Created Thousands of Coronavirus (COVID-19) Related Sites As Bait

Hackers Created Thousands of Coronavirus (COVID-19) Related Sites As Bait

March 18, 2020Ravie Lakshmanan
As the world comes to grips with the coronavirus pandemic , the situation has proven to be a blessing in disguise for threat actors, who've taken advantage of the opportunity to target victims with scams or malware campaigns. Now, according to a new report published by Check Point Research today and shared with The Hacker News, hackers are exploiting the COVID-19 outbreak to spread their own infections, including registering malicious Coronavirus-related domains and selling discounted off-the-shelf malware in the dark web. "Special offers by different hackers promoting their 'goods' — usually malicious malware or exploit tools — are being sold over the darknet under special offers with 'COVID19' or 'coronavirus' as discount codes, targeting wannabe cyber-attackers," the cybersecurity firm said. COVID-19 Discounts: Exploit Tools for Sale The report comes following an uptick in the number of malicious coronavirus-related domains that hav
Why Minimizing Human Error is the Only Viable Defense Against Spear Phishing

Why Minimizing Human Error is the Only Viable Defense Against Spear Phishing

February 25, 2020The Hacker News
Phishing attacks have become one of the business world's top cybersecurity concerns. These social engineering attacks have been rising over the years, with the most recent report from the Anti-Phishing Working Group coalition identifying over 266,000 active spoofed websites, which is nearly double the number detected during Q4 2018. Hackers have evolved their methods, from regular phishing attacks to spear phishing, where they use email messages disguised as coming from legitimate sources to dupe specific individuals. This is why the global spear phishing protection software market is estimated to reach $1.8 billion by 2025. However, conventional defenses can still fall short due to one particular weakness in the security perimeter – the human factor. Indeed, some 33 percent of 2019's data breaches involved humans falling victim to social engineering attacks. And given how sophisticated and creative the phishing perpetrators have been getting, it's easy to see h
BitDam Study Exposes High Miss Rates of Leading Email Security Systems

BitDam Study Exposes High Miss Rates of Leading Email Security Systems

January 21, 2020The Hacker News
Imagine receiving an email from US VP Mike Pence's official email account asking for help because he has been stranded in the Philippines. Actually, you don't have to. This actually happened. Pence's email was hacked when he was still the governor of Indiana, and his account was used to attempt to defraud several people. How did this happen? Is it similar to how the DNC server was hacked? Email hacking is one of the most widespread cyber threats at present. It is estimated that around 8 out of 10 people who use the internet have received some form of phishing attack through their emails. Additionally, according to Avanan's 2019 Global Phish Report , 1 in 99 emails is a phishing attack. BitDam is aware of how critical emails are in modern communication. BitDam published a new study on the email threat detection weaknesses of the leading players in email security, and the findings command attention. The research team discovered how Microsoft's Office365
Use iPhone as Physical Security Key to Protect Your Google Accounts

Use iPhone as Physical Security Key to Protect Your Google Accounts

January 16, 2020Mohit Kumar
Great news for iOS users! You can now use your iPhone or iPad, running iOS 10 or later, as a physical security key for securely logging into your Google account as part of the Advanced Protection Program for two-factor authentication. Android users have had this feature on their smartphones since last year, but now Apple product owners can also use this advanced, phishing-resistant form of authentication as an alternative to a physical security key. Adding extra security later of two-step authentication is one of the more essential steps you can take to secure your online accounts, which makes it harder for attackers to log in to your account, especially when they steal your password. "According to a study we [Google] released last year, people who exclusively used security keys to sign into their accounts never fell victim to targeted phishing attacks," said Shuvo Chatterjee, Product Manager at Google's Advanced Protection Program. Google recently update
Over 12,000 Google Users Hit by Government Hackers in 3rd Quarter of 2019

Over 12,000 Google Users Hit by Government Hackers in 3rd Quarter of 2019

November 27, 2019Wang Wei
As part of its active efforts to protect billions of online users, Google identified and warned over 12,000 of its users who were targeted by a government-backed hacking attempt in the third quarter of this year. According to a report published by Google's Threat Analysis Group (TAG), more than 90 percent of the targeted users were hit with " credential phishing emails " that tried to trick victims into handing over access to their Google account. Google's TAG tracks over 270 government-backed hacking groups from over 50 countries that are involved in intelligence collection, stealing intellectual property, destructive cyber attacks, targeting dissidents, journalists, and activists, or spreading coordinated disinformation. The alerts were sent to targeted users between July and September 2019, which is consistent within a +/-10 percent range of the number of phishing email warnings sent in the same period of 2018 and 2017, the company said. These warnings u
New Group of Hackers Targeting Businesses with Financially Motivated Cyber Attacks

New Group of Hackers Targeting Businesses with Financially Motivated Cyber Attacks

November 14, 2019Swati Khandelwal
Security researchers have tracked down activities of a new group of financially-motivated hackers that are targeting several businesses and organizations in Germany, Italy, and the United States in an attempt to infect them with backdoor, banking Trojan, or ransomware malware. Though the new malware campaigns are not customized for each organization, the threat actors appear to be more interested in businesses, IT services, manufacturing, and healthcare industries who possess critical data and can likely afford high ransom payouts. According to a report ProofPoint shared with The Hacker News, the newly discovered threat actors are sending out low-volume emails impersonating finance-related government entities with tax assessment and refund lured emails to targeted organizations. "Tax-themed Email Campaigns Target 2019 Filers, finance-related lures have been used seasonally with upticks in tax-related malware and phishing campaigns leading up to the annual tax filing deadlines in
How SMBs Can Mitigate the Growing Risk of File-based Attacks

How SMBs Can Mitigate the Growing Risk of File-based Attacks

October 02, 2019The Hacker News
Cases of document-based malware are steadily rising. 59 percent of all malicious files detected in the first quarter of 2019 were contained in documents. Due to how work is done in today's offices and workplaces, companies are among those commonly affected by file-based attacks. Since small to medium businesses (SMBs) usually lack the kind of security that protects their larger counterparts, they have a greater risk of being affected. Falling victim to file-based malware can cause enormous problems for SMBs. An attack can damage critical data stored in the organization's computers. Such loss can force a company to temporarily halt operations, resulting in financial losses. If a customer's private and financial information is compromised, the company may also face compliance inquiries and lawsuits. Their reputations could also take a hit, discouraging customers from doing business with them. But despite these risks, SMBs still invest very little in cybersecurity
Just An SMS Could Let Remote Attackers Access All Your Emails, Experts Warn

Just An SMS Could Let Remote Attackers Access All Your Emails, Experts Warn

September 04, 2019Mohit Kumar
Beware! Billion of Android users can easily be tricked into changing their devices' critical network settings with just an SMS-based phishing attack. Whenever you insert a new SIM in your phone and connects to your cellular network for the very first time, your carrier service automatically configures or sends you a message containing network-specific settings required to connect to data services. While manually installing it on your device, have you ever noticed what configurations these messages, technically known as OMA CP messages, include? Well, believe me, most users never bother about it if their mobile Internet services work smoothly. But you should worry about these settings, as installing untrusted settings can put your data privacy at risk, allowing remote attackers to spy on your data communications, a team of cybersecurity researchers told The Hacker News. Mobile carriers send OMA CP (Open Mobile Alliance Client Provisioning) messages containing APN settin
Hacker Ordered to Pay Back Nearly £1 Million to Phishing Victims

Hacker Ordered to Pay Back Nearly £1 Million to Phishing Victims

August 23, 2019Wang Wei
A prolific hacker who carried out phishing scams against hundreds of companies worldwide has been ordered to pay back more than $1.1 million (over £922,000) worth of cryptocurrencies to his victims. Grant West , a 27-year-old resident of Kent, England, targeted several well-known companies around the world since 2015 to obtain the financial data of tens of thousands of customers and then sold that data on underground forums in exchange for Bitcoins or other cryptocurrencies. West, who operated under the online moniker of 'Courvoisier,' stashed the resulting cryptocurrencies in multiple accounts and wallets, which was confiscated by the Metropolitan police after West's arrest in September 2017 following a two-year-long investigation code-named ' Operation Draba .' Metropolitan Police Cyber Crime Unit (MPCCU) also seized an SD card from West's home, which contained approximately 78 million individual usernames and passwords as well as 63,000 credit and de
Android's Built-in Security Key Now Works With iOS Devices For Secure Login

Android's Built-in Security Key Now Works With iOS Devices For Secure Login

June 12, 2019Mohit Kumar
In April this year, a software update from Google overnight turned all Android phones , running Android 7.0 Nougat and up, into a FIDO-certified hardware security key as part of a push to encourage two-step verification. The feature made it possible for users to confirm their identity when logging into a Google account more effortless and secure, without separately managing and plugging-in a Yubico's YubiKey or Google's Titan key . "FIDO security keys provide the strongest protection against automated bots, bulk phishing, and targeted attacks by leveraging public key cryptography to verify your identity and URL of the login page, so that an attacker can't access your account even if you are tricked into providing your username and password," Google said . Android's security key feature until now was only compatible with Bluetooth-enabled Chrome OS, macOS, or Windows 10 devices over the Chrome browser. However, the latest update from Google now allow
Unpatched Flaw in UC Browser Apps Could Let Hackers Launch Phishing Attacks

Unpatched Flaw in UC Browser Apps Could Let Hackers Launch Phishing Attacks

May 08, 2019Wang Wei
A bug hunter has discovered and publicly disclosed details of an unpatched browser address bar spoofing vulnerability that affects popular Chinese UC Browser and UC Browser Mini apps for Android. Developed by Alibaba-owned UCWeb, UC Browser is one of the most popular mobile browsers, specifically in China and India, with a massive user base of more than half a billion users worldwide. According to the details security researcher Arif Khan shared with The Hacker News, the vulnerability resides in the way User Interface on both browsers handles a special built-in feature that was otherwise designed to improve users Google search experience. The vulnerability, which has yet not assigned any CVE identifier, could allow an attacker to control URL string displayed in the address bar, eventually letting a malicious website to pose as some legitimate site. The vulnerability affects the latest UC Browser version 12.11.2.1184 and UC Browser Mini version 12.10.1.1192—that is current
BEWARE – New 'Creative' Phishing Attack You Really Should Pay Attention To

BEWARE – New 'Creative' Phishing Attack You Really Should Pay Attention To

March 11, 2019Mohit Kumar
A cybersecurity researcher who last month warned of a creative phishing campaign has now shared details of a new but similar attack campaign with The Hacker News that has specifically been designed to target mobile users. Just like the previous campaign, the new phishing attack is also based on the idea that a malicious web page could mimic look and feel of the browser window to trick even the most vigilant users into giving away their login credentials to attackers. Antoine Vincent Jebara , co-founder and CEO of password managing software Myki , shared a new video with The Hacker News, demonstrating how attackers can reproduce native iOS behavior, browser URL bar and tab switching animation effects of Safari in a very realistic manner on a web-page to present fake login pages, without actually opening or redirecting users to a new tab. New Phishing Attack Mimics Mobile Browser Animation and Design As you can see in the video, a malicious website that looks like Airbnb pro
Exclusive Offers

Sign up for cybersecurity newsletter and get latest news updates delivered straight to your inbox daily.