Information Security newsfeeds from around the world in English and French. Find it all in one place… here.
Qakbot, also known as QBot or Pinkslipbot, is a banking trojan that has been active since 2007. It has been primarily used by financially motivated actors, initially it was known as a banking Trojan and a loader using C2 servers for payload delivery; however, over time as the scope widened, its use also expanded […]
Continue Reading94 % des cyberattaques sont aujourd’hui initiées via la boîte email, faisant de ce canal le principal vecteur de fraude en ligne. La plupart du temps, les pirates informatiques créent des leurres liés à l’actualité (COVID-19, impôts…) et usurpent les noms de domaines d’entreprises reconnues ou d’organisations légitimes pour piéger leurs victimes. The post Le CAC […]
Continue ReadingEn matière de sensibilisation des utilisateurs, la simulation d’attaques de phishing est à la mode. Si ce type de tests présente un réel intérêt, il faut faire attention à ne pas en faire le dispositif central de sa stratégie de sensibilisation. Parlons tout d’abord des points forts de ce type d’opérations. The post Tests phishings […]
Continue ReadingLatest episode – listen now! (And please share with your friends.) Source: Naked Security Sophos New feed
Continue ReadingThe United States Department of Defense this week announced an expansion of the scope of its vulnerability disclosure program to include all of its publicly accessible information systems. read more Source: Security Week
Continue ReadingA new threat actor that appears to be financially motivated has targeted many organizations in the United States and other countries using several new pieces of malware, FireEye reported on Tuesday. read more Source: Security Week
Continue Reading
Phishers targeting Microsoft Office 365 users increasingly are turning to specialized links that take users to their organization’s own email login page. After a user logs in, the link prompts them to install a malicious but innocuously-named app that gives the attacker persistent, password-free access to any of the user’s emails and files, both of […]
Continue ReadingBy Habiba Rashid The website was scamming users in the name of providing the COVID-19 vaccine but actually collecting their personal data for malicious purposes. This is a post from HackRead.com Read the original post: Feds seize fraud domain claiming to provide COVID-19 vaccine Source: hack read com
Continue ReadingHere’s the latest Naked Security talk – watch now! Source: Naked Security Sophos New feed
Continue Reading
Quarterly highlights Banking phishing: new version of an old scheme In Q1 2021, new banking scams appeared alongside ones that are more traditional. Clients of several Dutch banks faced a phishing attack using QR codes. The fraudsters invited the victim to scan a QR code in an email, ostensibly to unblock mobile banking. In actual […]
Continue Reading