Russian Dutch-domiciled search engine, ride-hailing and email service provider Yandex on Friday disclosed a data breach that compromised 4,887 email accounts of its users. The company blamed the incident on an unnamed employee who had been providing unauthorized access to the users' mailboxes for personal gain. "The employee was one of three system administrators with the … [Read more...] about Yandex Employee Caught Selling Access to Users’ Email Inboxes
Users
How scammers lure Discord users to a fake cryptocurrency exchange
Discord was originally created for gamers, but thanks to its handy system of “servers” (communities), channels, and private messages, it’s brought in all kinds of people, from study groups to common-interest clubs — including fans of cryptocurrency. On their servers, traders discuss the latest on altcoins, investors share predictions, and scammers ponder how to cash in on both. … [Read more...] about How scammers lure Discord users to a fake cryptocurrency exchange
AutoHotkey-Based Password Stealer Targeting US, Canadian Banking Users
Threat actors have been discovered distributing a new credential stealer written in AutoHotkey (AHK) scripting language as part of an ongoing campaign that started early 2020. Customers of financial institutions in the US and Canada are among the primary targets for credential exfiltration, with a specific focus on banks such as Scotiabank, Royal Bank of Canada, HSBC, Alterna … [Read more...] about AutoHotkey-Based Password Stealer Targeting US, Canadian Banking Users
How Organizations Can Prevent Users from Using Breached Passwords
There is no question that attackers are going after your sensitive account data. Passwords have long been a target of those looking to compromise your environment. Why would an attacker take the long, complicated way if they have the keys to the front door? No matter how extensive your security solutions are, protecting the various systems in your environment, your organization … [Read more...] about How Organizations Can Prevent Users from Using Breached Passwords
Trojanized Security Software Hits South Korea Users in Supply-Chain Attack
Cybersecurity researchers took the wraps off a novel supply chain attack in South Korea that abuses legitimate security software and stolen digital certificates to distribute remote administration tools (RATs) on target systems. Attributing the operation to the Lazarus Group, also known as Hidden Cobra, Slovak internet security company ESET said the state-sponsored threat actor … [Read more...] about Trojanized Security Software Hits South Korea Users in Supply-Chain Attack
Watch Out — Microsoft Warns Android Users About A New Ransomware
Microsoft has warned about a new strain of mobile ransomware that takes advantage of incoming call notifications and Android's Home button to lock the device behind a ransom note. The findings concern a variant of a known Android ransomware family dubbed "MalLocker.B" which has now resurfaced with new techniques, including a novel means to deliver the ransom demand on infected … [Read more...] about Watch Out — Microsoft Warns Android Users About A New Ransomware
How PayPal users are tricked by online fraudsters
You know how to use PayPal safely, but every day, scammers come up with new tricks to gain access to users’ accounts and empty their pockets digitally. Today we’re sharing some of fraudsters’ most popular schemes. Advance payment fraud It’s not unusual for online scammers to use so-called advance payment fraud, a classic Internet scam, to defraud PayPal users. Victims receive … [Read more...] about How PayPal users are tricked by online fraudsters
Popular iOS SDK Accused of Spying on Billions of Users and Committing Ad Fraud
A popular iOS software development kit (SDK) used by over 1,200 apps—with a total of more than a billion mobile users—is said to contain malicious code with the goal of perpetrating mobile ad-click fraud and capturing sensitive information.According to a report published by cybersecurity firm Snyk, Mintegral — a mobile programmatic advertising platform owned by Chinese mobile … [Read more...] about Popular iOS SDK Accused of Spying on Billions of Users and Committing Ad Fraud
Microsoft Reveals New Innocent Ways Windows Users Can Get Hacked
Microsoft earlier today released its August 2020 batch of software security updates for all supported versions of its Windows operating systems and other products.This month's Patch Tuesday updates address a total of 120 newly discovered software vulnerabilities, of which 17 are critical, and the rest are important in severity.In a nutshell, your Windows computer can be hacked … [Read more...] about Microsoft Reveals New Innocent Ways Windows Users Can Get Hacked
Flaws in Samsung Phones Exposed Android Users to Remote Attacks
New research disclosed a string of severe security vulnerabilities in the 'Find My Mobile'—an Android app that comes pre-installed on most Samsung smartphones—that could have allowed remote attackers to track victims' real-time location, monitor phone calls, and messages, and even delete data stored on the phone.Portugal-based cybersecurity services provider Char49 revealed its … [Read more...] about Flaws in Samsung Phones Exposed Android Users to Remote Attacks