codes

Hackers Exploit Signal’s Linked Devices Feature to Hijack Accounts via Malicious QR Codes

Feb 19, 2025 by iHash Leave a Comment

Feb 19, 2025Ravie LakshmananMobile Security / Cyber Espionage Multiple Russia-aligned threat actors have been observed targeting individuals of interest via the privacy-focused messaging app Signal to gain unauthorized access to their accounts. "The most novel and widely used technique underpinning Russian-aligned attempts to compromise Signal accounts is the abuse of the … [Read more...] about Hackers Exploit Signal’s Linked Devices Feature to Hijack Accounts via Malicious QR Codes

Russian Star Blizzard Shifts Tactics to Exploit WhatsApp QR Codes for Credential Harvesting

Jan 16, 2025 by iHash Leave a Comment

Jan 16, 2025Ravie LakshmananSpear Phishing / Threat Intelligence The Russian threat actor known as Star Blizzard has been linked to a new spear-phishing campaign that targets victims' WhatsApp accounts, signaling a departure from its longstanding tradecraft in a likely attempt to evade detection. "Star Blizzard's targets are most commonly related to government or diplomacy … [Read more...] about Russian Star Blizzard Shifts Tactics to Exploit WhatsApp QR Codes for Credential Harvesting

Google Ads Users Targeted in Malvertising Scam Stealing Credentials and 2FA Codes

Jan 15, 2025 by iHash Leave a Comment

Jan 15, 2025Ravie LakshmananMalvertising / Malware Cybersecurity researchers have alerted to a new malvertising campaign that's targeting individuals and businesses advertising via Google Ads by attempting to phish for their credentials via fraudulent ads on Google. "The scheme consists of stealing as many advertiser accounts as possible by impersonating Google Ads and … [Read more...] about Google Ads Users Targeted in Malvertising Scam Stealing Credentials and 2FA Codes

Black Basta Ransomware Evolves with Email Bombing, QR Codes, and Social Engineering

Dec 9, 2024 by iHash Leave a Comment

Dec 09, 2024Ravie LakshmananThreat Intelligence / Malware The threat actors linked to the Black Basta ransomware have been observed switching up their social engineering tactics, distributing a different set of payloads such as Zbot and DarkGate since early October 2024. "Users within the target environment will be email bombed by the threat actor, which is often achieved by … [Read more...] about Black Basta Ransomware Evolves with Email Bombing, QR Codes, and Social Engineering

GitHub, Telegram Bots, and QR Codes Abused in New Wave of Phishing Attacks

Oct 11, 2024 by iHash Leave a Comment

A new tax-themed malware campaign targeting insurance and finance sectors has been observed leveraging GitHub links in phishing email messages as a way to bypass security measures and deliver Remcos RAT, indicating that the method is gaining traction among threat actors. "In this campaign, legitimate repositories such as the open-source tax filing software, UsTaxes, HMRC, and … [Read more...] about GitHub, Telegram Bots, and QR Codes Abused in New Wave of Phishing Attacks

Why you shouldn’t scan QR codes in emails

Oct 21, 2023 by iHash Leave a Comment

There’ve been more and more cases of users receiving emails seemingly from large internet companies (for example, Microsoft or its cloud service Office 365) containing QR codes. The body of these emails have a call to action: in a nutshell, scan the QR code to maintain access to your account. This post examines whether it’s worth reacting to such messages. Scan the QR code, or … [Read more...] about Why you shouldn’t scan QR codes in emails

WoofLocker Toolkit Hides Malicious Codes in Images to Run Tech Support Scams

Aug 19, 2023 by iHash Leave a Comment

Aug 19, 2023THNMalvertising / Website Security Cybersecurity researchers have detailed an updated version of an advanced fingerprinting and redirection toolkit called WoofLocker that's engineered to conduct tech support scams. The sophisticated traffic redirection scheme was first documented by Malwarebytes in January 2020, leveraging JavaScript embedded in compromised … [Read more...] about WoofLocker Toolkit Hides Malicious Codes in Images to Run Tech Support Scams

Google Authenticator App Gets Cloud Backup Feature for TOTP Codes

Apr 25, 2023 by iHash Leave a Comment

Apr 25, 2023Ravie LakshmananPassword Security / Authentication Search giant Google on Monday unveiled a major update to its 12-year-old Authenticator app for Android and iOS with an account synchronization option that allows users to back up their time-based one-time passwords (TOTPs) to the cloud. "This change means users are better protected from lockout and that services … [Read more...] about Google Authenticator App Gets Cloud Backup Feature for TOTP Codes

Scammers used phishing QR codes to hijack QQ accounts

Jul 2, 2022 by iHash Leave a Comment

Folks today are generally mostly aware that clicking links from questionable sources, for example in e-mails, isn’t a good idea. However, when it comes to scanning QR codes, people are often much less vigilant. In fact, QR codes can be even more dangerous: while you can check a link with your own eyes before clicking, that’s not the case with a QR code. So perhaps this story … [Read more...] about Scammers used phishing QR codes to hijack QQ accounts

JBL Flip 6 Portable Bluetooth Speaker (Open Box) for $74

Navee V25 300W Foldable e-Scooter for $299

Smart Tracker Includes Key Ring – Works with Apple Find My App (2-Pack) for $34

Harmony Premium Plan Lifetime Subscription for $99

Lenovo 11.6" 100e Chromebook 2nd Gen (2019) MediaTek MT8173C 4GB RAM 16GB eMMC (Refurbished) for $54