Phishing Attack - Security Intelligence

Website owner discovering an extortion scam on her laptop.

news

Extortion Scam Threatens Website Owners With Reputational Damage

A new extortion scam uses the threat of reputational damage to persuade website owners to pay a ransom fee.

June 11, 2019 | By David Bisson

news

A user falling victim to a phishing scam.

news

Phishing Scam Leverages Fake List of Undelivered Emails to Trick Users Into Clicking

Researchers discovered a phishing scam that leverages a fake list of undelivered emails to trick users into clicking and offering up their login credentials.

June 4, 2019 | By David Bisson

news

New XLoader Variant Masquerades as Android Security Apps, iOS Configuration Profile

Security researchers observed a new variant of XLoader masquerading as Android security apps and an iOS configuration profile to target mobile users.

April 3, 2019 | By David Bisson

news

Two nurses entering medical records on a computer: HIPAA breach

news

Personal Health Details of More Than 350,000 Oregonians Potentially Exposed in HIPAA Breach

Unauthorized individuals compromised and potentially exposed more than 350,000 Oregonians' protected health information (PHI) in a HIPAA breach.

March 25, 2019 | By David Bisson

news

Businesswoman checking her email: brute-force attack

news

Brute-Force Attack Wave Uses Legacy Protocols, Credential Dumps to Compromise Cloud Accounts

A massive brute-force attack campaign used both legacy protocols and credential dumps to compromise cloud user accounts, according to security researchers.

March 20, 2019 | By David Bisson

news

Professional working on a laptop in the office targeted with Ursnif banking malware

news

Threat Actor Targets Japanese Users With New Ursnif Variant

Security researchers discovered an attack campaign targeting Japanese users with a new variant of Ursnif banking malware.

March 13, 2019 | By David Bisson

news

Woman using her phone to take a selfie: Instagram hack

news

Instagram Hack Fools Social Media Influencers With Phony ‘Verified’ Badges

Security researchers observed a Turkish-speaking group of cybercriminals using an Instagram hack to extort money, nude photos and other information from social media influencers.

March 5, 2019 | By Shane Schick

news

article

How Fraud Specialist Danna Pelleg Fights Bad Guys With the Best Team in the Business

Danna Pelleg's childhood curiosity, early technology education and compulsion to fight the bad guys led her to a career as a fraud specialist and security operations team lead at IBM Trusteer.

January 30, 2019 | By Security Intelligence Staff

article

Woman using two-factor authentication on her phone to log in to computer

news

New Reverse Proxy Tool Can Bypass Two-Factor Authentication and Automate Phishing Attacks

A new reverse proxy tool called Modlishka can easily automate phishing attacks and bypass two-factor authentication (2FA) — and it's available for download on GitHub.

January 15, 2019 | By Douglas Bonderud

news

Businesswoman checking her email: phishing kit

news

Phishing Kit Uses Custom Web Font to Impersonate Major US Bank

A new phishing kit uses a custom web font to implement a substitution cipher in its campaign to target customers of a major U.S. bank.

January 9, 2019 | By David Bisson

news

Fraudsters Abuse Smartphone Google Calendar Feature to Push Through Scam Offers

Latest Mirai Malware Variant Contains 18 Exploits, Focuses on Embedded IoT Devices

Extortion Scam Threatens Website Owners With Reputational Damage

Attack Campaign Exploits CVE-2019-2725, Abuses Certificate Files to Deliver Monero Miner

Voices of Security

X-Force Red in Action

A Secure Start

On the Front Line With IBM X-Force IRIS

IoMT Security: A Comprehensive Approach to Mitigate Risk and Secure Connected Devices

High Stakes, Rising Risks: The Ripple Effects of Cybersecurity in the Healthcare Sector

Industrial Control Systems Security: To Test or Not to Test?

Observations of ITG07 Cyber Operations

Getting Quantum Ready and What This Means for Cryptography

HawkEye Malware Operators Renew Attacks on Business Users

GozNym Closure Comes in the Shape of a Europol and DOJ Arrest Operation

Podcast: Lateral Movement: Combating High-Risk, Low-Noise Threats

Podcast: Travel Security: Why Data Safety Doesn’t Get a Day Off

Podcast: Lessons from a Gray Beard: Transitioning From the Military to Cybersecurity

Podcast: Foundations for a Winning Operational Technology (OT) Security Strategy

Webinar: Under the Radar: IBM QRadar Demo Series

Webinar: Appliance Networking Topics

Webinar: zSecure Real Time Feeds: Alert vs. Audit

Webinar: zSecure Real Time Feeds: Alert vs. Audit

Tag: Phishing Attack

Extortion Scam Threatens Website Owners With Reputational Damage

Phishing Scam Leverages Fake List of Undelivered Emails to Trick Users Into Clicking

New XLoader Variant Masquerades as Android Security Apps, iOS Configuration Profile

Personal Health Details of More Than 350,000 Oregonians Potentially Exposed in HIPAA Breach

Brute-Force Attack Wave Uses Legacy Protocols, Credential Dumps to Compromise Cloud Accounts

Threat Actor Targets Japanese Users With New Ursnif Variant

Instagram Hack Fools Social Media Influencers With Phony ‘Verified’ Badges

How Fraud Specialist Danna Pelleg Fights Bad Guys With the Best Team in the Business

New Reverse Proxy Tool Can Bypass Two-Factor Authentication and Automate Phishing Attacks

Phishing Kit Uses Custom Web Font to Impersonate Major US Bank