social engineering

Mailchimp says an internal tool was used to breach hundreds of accounts

Email marketing giant Mailchimp has confirmed a data breach after malicious hackers compromised an internal company tool to gain access to customer accounts. In a statement given to TechCrunch, Mailch

US charges four Russian spies for hacking Saudi oil facility and US nuclear power plant

The U.S. Department of Justice has announced charges against four Russian government employees for a years-long hacking campaign targeting critical infrastructure, including a U.S. nuclear power oper

Data-stealing app found in Google Play downloaded thousands of times

A notorious Android banking trojan designed to steal user data, like passwords and text messages, has been discovered in Google Play and downloaded thousands of times. The TeaBot banking trojan, also

FTC: US consumers lost $770 million in social media scams in 2021, up 18x from 2017

A growing number of U.S. consumers are getting scammed on social media, according to a new report by the Federal Trade Commission (FTC), which revealed that consumers lost $770 million to social media

Hackers are targeting employees returning to the post-COVID office

With COVID-19 restrictions lifting and employees starting to make their way back into offices, hackers are being forced to change tack. While remote workers have been scammers’ main target for the p

Click Studios asks customers to stop tweeting about its Passwordstate data breach

Australian security software house Click Studios has told customers not to post emails sent by the company about its data breach, which allowed malicious hackers to push a malicious update to its fla

Facebook caught Chinese hackers using fake personas to target Uyghurs abroad

Facebook on Wednesday announced new actions to disrupt a network of China-based hackers leveraging the platform to compromise targets in the Uyghur community. The group, known to security researchers

Microsoft says Iranian hackers targeted ‘high profile’ conference attendees

Microsoft says hackers backed by the Iranian government targeted over 100 high-profile potential attendees of two international security and policy conferences. The group, known as Phosphorus (or APT

Decrypted: How Twitter was hacked, GitHub DMCA backfires

One week to the U.S. presidential election and things are getting spicy. It’s not just the rhetoric — hackers are actively working to disrupt the election, officials have said, and last week t

HacWare wants you to hate email security a little less

Let’s face it, email security is something a lot of people would rather think less about. When you’re not deluged with a daily onslaught of phishing attacks trying to steal your passwords,

Decrypted: Uber’s former security chief charged, FBI’s ‘vishing’ warning

A lot happened in cybersecurity over the past week. The University of Utah paid almost half a million dollars to stop hackers from leaking sensitive student data after a ransomware attack. Two major A

Twitter says ‘phone spear phishing attack’ used to gain network access in crypto scam breach

Twitter has revealed a little more detail about the security breach it suffered earlier this month when a number of high-profile accounts were hacked to spread a cryptocurrency scam — writing in

Apple, Biden, Musk and other high-profile Twitter accounts hacked in crypto scam

A number of high-profile Twitter accounts were simultaneously hacked on Wednesday by attackers who used the accounts — some with millions of followers — to spread a cryptocurrency scam. Apple, Elo

Microsoft secretly seized domains used in COVID-19-themed email cyberattacks

A court granted Microsoft's request to take control of the domains used by the scammers.

Google says Iranian, Chinese hackers targeted Trump, Biden campaigns

Google security researchers say they’ve identified efforts by at least two nation state-backed hackers against the Trump and Biden presidential campaigns. Shane Huntley, director for Google&#821

Anti-phishing startup Inky raises $20M to ramp up enterprise adoption

Anti-phishing startup Inky has raised $20 million in its Series B round of funding, led by Insight Partners. The funding will help the company push for greater enterprise adoption and expand to intern

What you need to know about COVID-19-related cyberattacks

Attack methods logically exploit changes in the global environment. Mass working over remote connection leads to mass remote login activity.

Red teams OK to push ethical limits but not on themselves, study says

Wake up, make breakfast, get the kids to school, drive to work, break into the chief financial officer’s inbox and steal the entire company’s employee tax records. Maybe later you’ll

Most of the largest US voting districts are vulnerable to email spoofing

Only 5% of the largest voting counties in the U.S. are protected against email impersonation and phishing attacks, seen as a key attack method by hackers who officials say want to disrupt the upcoming

Facebook bowed to a Singapore government order to brand a news post as false

Facebook added a correction notice to a post by a fringe news site that Singapore’s government said contained false information. It’s the first time the government has tried to enforce a new l
Load More