#1 Trusted Cybersecurity News Platform Followed by 4.50+ million
The Hacker News Logo
Get the Free Newsletter
SaaS Security

phishing attack | Breaking Cybersecurity News | The Hacker News

How SMBs Can Mitigate the Growing Risk of File-based Attacks

How SMBs Can Mitigate the Growing Risk of File-based Attacks

Oct 02, 2019
Cases of document-based malware are steadily rising. 59 percent of all malicious files detected in the first quarter of 2019 were contained in documents. Due to how work is done in today's offices and workplaces, companies are among those commonly affected by file-based attacks. Since small to medium businesses (SMBs) usually lack the kind of security that protects their larger counterparts, they have a greater risk of being affected. Falling victim to file-based malware can cause enormous problems for SMBs. An attack can damage critical data stored in the organization's computers. Such loss can force a company to temporarily halt operations, resulting in financial losses. If a customer's private and financial information is compromised, the company may also face compliance inquiries and lawsuits. Their reputations could also take a hit, discouraging customers from doing business with them. But despite these risks, SMBs still invest very little in cybersecurity
Just An SMS Could Let Remote Attackers Access All Your Emails, Experts Warn

Just An SMS Could Let Remote Attackers Access All Your Emails, Experts Warn

Sep 04, 2019
Beware! Billion of Android users can easily be tricked into changing their devices' critical network settings with just an SMS-based phishing attack. Whenever you insert a new SIM in your phone and connects to your cellular network for the very first time, your carrier service automatically configures or sends you a message containing network-specific settings required to connect to data services. While manually installing it on your device, have you ever noticed what configurations these messages, technically known as OMA CP messages, include? Well, believe me, most users never bother about it if their mobile Internet services work smoothly. But you should worry about these settings, as installing untrusted settings can put your data privacy at risk, allowing remote attackers to spy on your data communications, a team of cybersecurity researchers told The Hacker News. Mobile carriers send OMA CP (Open Mobile Alliance Client Provisioning) messages containing APN settin
Making Sense of Operational Technology Attacks: The Past, Present, and Future

Making Sense of Operational Technology Attacks: The Past, Present, and Future

Mar 21, 2024Operational Technology / SCADA Security
When you read reports about cyber-attacks affecting operational technology (OT), it's easy to get caught up in the hype and assume every single one is sophisticated. But are OT environments all over the world really besieged by a constant barrage of complex cyber-attacks? Answering that would require breaking down the different types of OT cyber-attacks and then looking back on all the historical attacks to see how those types compare.  The Types of OT Cyber-Attacks Over the past few decades, there has been a growing awareness of the need for improved cybersecurity practices in IT's lesser-known counterpart, OT. In fact, the lines of what constitutes a cyber-attack on OT have never been well defined, and if anything, they have further blurred over time. Therefore, we'd like to begin this post with a discussion around the ways in which cyber-attacks can either target or just simply impact OT, and why it might be important for us to make the distinction going forward. Figure 1 The Pu
Hacker Ordered to Pay Back Nearly ÂŁ1 Million to Phishing Victims

Hacker Ordered to Pay Back Nearly £1 Million to Phishing Victims

Aug 23, 2019
A prolific hacker who carried out phishing scams against hundreds of companies worldwide has been ordered to pay back more than $1.1 million (over £922,000) worth of cryptocurrencies to his victims. Grant West , a 27-year-old resident of Kent, England, targeted several well-known companies around the world since 2015 to obtain the financial data of tens of thousands of customers and then sold that data on underground forums in exchange for Bitcoins or other cryptocurrencies. West, who operated under the online moniker of 'Courvoisier,' stashed the resulting cryptocurrencies in multiple accounts and wallets, which was confiscated by the Metropolitan police after West's arrest in September 2017 following a two-year-long investigation code-named ' Operation Draba .' Metropolitan Police Cyber Crime Unit (MPCCU) also seized an SD card from West's home, which contained approximately 78 million individual usernames and passwords as well as 63,000 credit and de
cyber security

Automated remediation solutions are crucial for security

websiteWing SecurityShadow IT / SaaS Security
Especially when it comes to securing employees' SaaS usage, don't settle for a longer to-do list. Auto-remediation is key to achieving SaaS security.
Android's Built-in Security Key Now Works With iOS Devices For Secure Login

Android's Built-in Security Key Now Works With iOS Devices For Secure Login

Jun 12, 2019
In April this year, a software update from Google overnight turned all Android phones , running Android 7.0 Nougat and up, into a FIDO-certified hardware security key as part of a push to encourage two-step verification. The feature made it possible for users to confirm their identity when logging into a Google account more effortless and secure, without separately managing and plugging-in a Yubico's YubiKey or Google's Titan key . "FIDO security keys provide the strongest protection against automated bots, bulk phishing, and targeted attacks by leveraging public key cryptography to verify your identity and URL of the login page, so that an attacker can't access your account even if you are tricked into providing your username and password," Google said . Android's security key feature until now was only compatible with Bluetooth-enabled Chrome OS, macOS, or Windows 10 devices over the Chrome browser. However, the latest update from Google now allow
Unpatched Flaw in UC Browser Apps Could Let Hackers Launch Phishing Attacks

Unpatched Flaw in UC Browser Apps Could Let Hackers Launch Phishing Attacks

May 08, 2019
A bug hunter has discovered and publicly disclosed details of an unpatched browser address bar spoofing vulnerability that affects popular Chinese UC Browser and UC Browser Mini apps for Android. Developed by Alibaba-owned UCWeb, UC Browser is one of the most popular mobile browsers, specifically in China and India, with a massive user base of more than half a billion users worldwide. According to the details security researcher Arif Khan shared with The Hacker News, the vulnerability resides in the way User Interface on both browsers handles a special built-in feature that was otherwise designed to improve users Google search experience. The vulnerability, which has yet not assigned any CVE identifier, could allow an attacker to control URL string displayed in the address bar, eventually letting a malicious website to pose as some legitimate site. The vulnerability affects the latest UC Browser version 12.11.2.1184 and UC Browser Mini version 12.10.1.1192—that is current
BEWARE – New 'Creative' Phishing Attack You Really Should Pay Attention To

BEWARE – New 'Creative' Phishing Attack You Really Should Pay Attention To

Mar 11, 2019
A cybersecurity researcher who last month warned of a creative phishing campaign has now shared details of a new but similar attack campaign with The Hacker News that has specifically been designed to target mobile users. Just like the previous campaign, the new phishing attack is also based on the idea that a malicious web page could mimic look and feel of the browser window to trick even the most vigilant users into giving away their login credentials to attackers. Antoine Vincent Jebara , co-founder and CEO of password managing software Myki , shared a new video with The Hacker News, demonstrating how attackers can reproduce native iOS behavior, browser URL bar and tab switching animation effects of Safari in a very realistic manner on a web-page to present fake login pages, without actually opening or redirecting users to a new tab. New Phishing Attack Mimics Mobile Browser Animation and Design As you can see in the video, a malicious website that looks like Airbnb pro
WARNING – New Phishing Attack That Even Most Vigilant Users Could Fall For

WARNING – New Phishing Attack That Even Most Vigilant Users Could Fall For

Feb 15, 2019
How do you check if a website asking for your credentials is fake or legit to log in? By checking if the URL is correct? By checking if the website address is not a homograph? By checking if the site is using HTTPS? Or using software or browser extensions that detect phishing domains? Well, if you, like most Internet users, are also relying on above basic security practices to spot if that " Facebook.com " or " Google.com " you have been served with is fake or not, you may still fall victim to a newly discovered creative phishing attack and end up in giving away your passwords to hackers. Antoine Vincent Jebara , co-founder and CEO of password managing software Myki , told The Hacker News that his team recently spotted a new phishing attack campaign "that even the most vigilant users could fall for." Vincent found that cybercriminals are distributing links to blogs and services that prompt visitors to first " login using Facebook acco
Hackers Using Zero-Width Spaces to Bypass MS Office 365 Protection

Hackers Using Zero-Width Spaces to Bypass MS Office 365 Protection

Jan 10, 2019
Security researchers have been warning about a simple technique that cybercriminals and email scammers are already being using in the wild to bypass security features of Microsoft Office 365, including Safe Links, which are originally designed to protect users from malware and phishing attacks. Safe Links has been included by Microsoft in Office 365 as part of its ATP (Advanced Threat Protection) solution that works by replacing all URLs in an incoming email with Microsoft-owned secure URLs. Therefore, every time users click on a link provided in an email, Safe Links first sends them to a Microsoft owned domain, where it immediately checks the original link for anything suspicious. If Microsoft's security scanners detect any malicious element, it then warns the users about it, and if not, it redirects them to the original link. However, researchers at the cloud security company Avanan have revealed how attackers have been bypassing both Office 365's URL reputation check a
GhostDNS: New DNS Changer Botnet Hijacked Over 100,000 Routers

GhostDNS: New DNS Changer Botnet Hijacked Over 100,000 Routers

Oct 01, 2018
Chinese cybersecurity researchers have uncovered a widespread, ongoing malware campaign that has already hijacked over 100,000 home routers and modified their DNS settings to hack users with malicious web pages—especially if they visit banking sites—and steal their login credentials. Dubbed GhostDNS , the campaign has many similarities with the infamous DNSChanger malware that works by changing DNS server settings on an infected device, allowing attackers to route the users' internet traffic through malicious servers and steal sensitive data. According to a new report from cybersecurity firm Qihoo 360's NetLab, just like the regular DNSChanger campaign, GhostDNS scans for the IP addresses for routers that use weak or no password at all, accesses the routers' settings, and then changes the router's default DNS address to the one controlled by the attackers. GhostDNS System: List of Modules and Sub-Modules The GhostDNS system mainly includes four modules:
Hacker Who Leaked Celebrities' Personal Photos Gets 8 Months in Prison

Hacker Who Leaked Celebrities' Personal Photos Gets 8 Months in Prison

Aug 31, 2018
George Garofano (left) The fourth celebrity hacker—who was charged earlier this year with hacking into over 250 Apple iCloud accounts belonged to Jennifer Lawrence and other Hollywood celebrities—has been sentenced to eight months in prison. Earlier this year, George Garofano, 26, of North Branford, admitted to illegally obtaining credentials of his victims' iCloud accounts using a phishing scheme, carried out from April 2013 to October 2014, in which he posed as a member of Apple's security team and tricked victims into revealing their iCloud credentials. Using stolen credentials, Garofano then managed to steal victims' personal information, including their sensitive and intimate photographs and videos, from their iCloud accounts, and then leaked them on online forums, like 4Chan. Among the victims were Jennifer Lawrence, Kim Kardashian , Kirsten Dunst, Kate Upton, American Olympic gold medallist Misty May Treanor and actors Alexandra Chando, Kelli Garner and
Microsoft Detects More Russian Cyber Attacks Ahead of Mid-Term Election

Microsoft Detects More Russian Cyber Attacks Ahead of Mid-Term Election

Aug 21, 2018
Microsoft claims to have uncovered another new Russian hacking attempts targeting United States' Senate and conservative think tanks ahead of the 2018 midterm elections. The tech giant said Tuesday that the APT28 hacking group—also known as Strontium, Fancy Bear , Sofacy, Sednit, and Pawn Storm, which is believed to be tied to the Russian government—created at least six fake websites related to US Senate and conservative organizations to trick its visitors and hack into their computers. Three fake web domains were intended to look as if they belonged to the U.S. Senate, while one non-political website spoofed Microsoft's own online products. The two other phony websites were designed to mimic two U.S. conservative organizations: The Hudson Institute — a conservative Washington think tank hosting extended discussions on topics including cybersecurity, among other important activities. The International Republican Institute (IRI) — a nonprofit group that promotes
Email Phishers Using New Way to Bypass Microsoft Office 365 Protections

Email Phishers Using New Way to Bypass Microsoft Office 365 Protections

Aug 15, 2018
Phishing works no matter how hard a company tries to protect its customers or employees. Security researchers have been warning of a new phishing attack that cybercriminals and email scammers are using in the wild to bypass the Advanced Threat Protection (ATP) mechanism implemented by widely used email services like Microsoft Office 365. Microsoft Office 365 is an all-in-solution for users that offers several different online services, including Exchange Online, SharePoint Online, Lync Online and other Office Web Apps, like Word, Excel, PowerPoint, Outlook and OneNote. On the top of these services, Microsoft also offers an artificial intelligence and machine learning powered security protection to help defend against potential phishing and other threats by going one level deep to scan the links in the email bodies to look for any blacklisted or suspicious domain. But as I said, phishers always find a way to bypass security protections in order to victimize users. Just over
Microsoft Says Russia Tried to Hack Three 2018 Midterm Election Candidates

Microsoft Says Russia Tried to Hack Three 2018 Midterm Election Candidates

Jul 19, 2018
Microsoft said it detected and helped the US government to block Russian hacking attempts against at least three congressional candidates this year, a Microsoft executive revealed speaking at the Aspen Security Forum today. Although the company refused to name the targets but said, the three candidates were "people who, because of their positions, might have been interesting targets from an espionage standpoint as well as an election disruption standpoint." According to the company, the Russian hackers targeted the candidates' staffers with phishing attacks, redirecting them to a fake Microsoft website, in an attempt to steal their credentials. "Earlier this year, we did discover that a fake Microsoft domain had been established as the landing page for phishing attacks," said Tom Burt, Microsoft's vice president for customer security. "And we saw metadata that suggested those phishing attacks were being directed at three candidates who are all sta
Hackers Found Using A New Way to Bypass Microsoft Office 365 Safe Links

Hackers Found Using A New Way to Bypass Microsoft Office 365 Safe Links

May 08, 2018
Security researchers revealed a way around that some hacking groups have been found using in the wild to bypass a security feature of Microsoft Office 365, which is originally designed to protect users from malware and phishing attacks. Dubbed Safe Links, the feature has been included in Office 365 software as part of Microsoft's Advanced Threat Protection (ATP) solution that works by replacing all URLs in an incoming email with Microsoft-owned secure URLs. So, every time a user clicks on a link provided in an email, it first sends the user to a Microsoft owned domain, where the company immediately checks the original URL for anything suspicious. If Microsoft's scanners detect any malicious element, it then warns users about it, and if not, it redirects the user to the original link. However, researchers at cloud security company Avanan have revealed how attackers have been bypassing the Safe Links feature by using a technique called, " baseStriker attack ."
Two Romanian Hackers Extradited to the U.S. Over $18 Million Vishing Scam

Two Romanian Hackers Extradited to the U.S. Over $18 Million Vishing Scam

May 08, 2018
Two Romanian hackers have been extradited to the United States to face 31 criminal charges including computer fraud and abuse, wire fraud conspiracy, wire fraud, and aggravated identity theft. Described as "international computer hackers" by the United States Department of Justice, Teodor Laurentiu Costea , 41, and Robert Codrut Dumitrescu , 40, allegedly rob Americans of more than $18 million in an elaborate phishing scheme. Costea and Dumitrescu were named in the 31-count federal grand jury indictment on August 16 last year and were accused last week in the Northern District of Georgia following their extradition. Another co-defendant, Cosmin Draghici, 28, remains in custody in Romania awaiting his extradition to the United States. "These extraditions send a strong warning to cybercriminals and fraudsters worldwide, that we, along with our law-enforcement partners, will work tirelessly to bring you to justice," said U. S. Attorney Byung J. "BJay&q
Scam Alert: Your Trusted Friends Can Hack Your Facebook Account

Scam Alert: Your Trusted Friends Can Hack Your Facebook Account

Oct 13, 2017
If you receive a message from any of your Facebook Friends asking for urgent help to recover their Facebook account, since they've added you as one of their ' Trusted Contacts '—just don't blindly believe it. Researchers have detected a new Facebook phishing scam that can even trick an experienced technical user into falling victim to the scam, helping an attacker gain access to your Facebook account. This latest social media scam is abusing "Trusted Contact"—a Facebook account recovery feature that sends secret access codes to a few of your close friends in order to help you regain access to your Facebook account in case you forget your password or lost access to your account. According to a public security alert published by AccessNow, the attack initiates by an already compromised account of one of your friends, asking for urgent help to get back into his/her Facebook account. The attacker explains that you are listed as one of his/her Trusted Conta
Gmail for iOS Adds Anti-Phishing Feature that Warns of Suspicious Links

Gmail for iOS Adds Anti-Phishing Feature that Warns of Suspicious Links

Aug 14, 2017
Phishing — is an older style of cyber-attack but remains one of the most common and efficient attack vectors for attackers, as a majority of banking malware and various ransomware attacks begin with a user clicking on a malicious link or opening a dangerous attachment in an email. Phishing has evolved than ever before in the past few years – which is why it remains one of those threats that we have been combating for many years. We have seen phishing campaigns that are so convincing and effective that even tech-savvy people can be tricked into giving away their credentials to hackers. And some that are " almost impossible to detect " and used to trick even the most careful users on the Internet. To help combat this issue, Google has introduced a security defence for it's over a billion users that will help users weed out phishing emails from their Gmail inbox. Google has rolled out new anti-phishing security checks for its Gmail app for iPhone users that will
Hackers Hijacked Chrome Extension for Web Developers With Over 1 Million Users

Hackers Hijacked Chrome Extension for Web Developers With Over 1 Million Users

Aug 03, 2017
From past few years, spammers and cyber criminals were buying web extensions from their developers and then updating them without informing their users to inject bulk advertisements into every website user visits in order to generate large revenue. But now they have shifted their business model—instead of investing, spammers have started a new wave of phishing attacks aimed at hijacking popular browser extensions. Just two days ago, we reported how cyber criminals managed to compromise the Chrome Web Store account of a German developer team and hijacked Copyfish extension , and then modified it with ad-injection capabilities to distribute spam correspondence to users. Now just yesterday, another popular Chrome extension ' Web Developer ' was hijacked by some unknown attackers, who updated the software to directly inject advertisements into the web browser of over its 1 million users. Chris Pederick , the creator of Web Developer Chrome extension that offers various w
Cybersecurity Resources