Industry

Latest

Illegally Streaming “Spider-Man: No Way Home” Could Be Hazardous to Your Computer

Given the dangers that COVID-19 poses to people's health and the emergence of new variants every so often, it's easy to see why avid moviegoers would resort to streaming instead. But while they may indeed be avoiding the disease, their attempts to download pirated movies is not only illegal -- it could put their computers at risk. more

NFTs and Emerging Scams

As NFTs continue to grow in popularity, questions about how to protect both intellectual property and consumers will increase. In 2021, NFT sales reached an estimated $24.9 billion. That's up from $94.9 million the year before. more

New Zloader Campaign: Where Do IoCs Lead Us?

Zloader, a banking malware that steals sensitive user data, is back with a more sophisticated infection chain. It evades detection while exploiting Microsoft's digital signature verification method. more

Gift Cards, Anyone? Watch Out for Fraud and Malware Hosts

Giving gifts the whole year round is normal, but a whole boatload of presents are bought and sold most especially during Christmas and holiday seasons. The end-of-year holidays, unfortunately, also usher in the greatest number of gift card scams. But the world's biggest brands are no longer newbies to the threat, which is why Amazon, iTunes, and Target, among many others, have put up pages where scam victims can report malicious sites and pages. more

Log4j Vulnerability: What Do the IoCs Tell Us So Far?

A zero-day vulnerability found in Log4j, a logging library commonly used in Java, was detected on 9 December 2021. The vulnerability known as "CVE -- 2021 -- 44228" or "Log4Shell" enables attackers to execute codes and access all data on an infected machine remotely. more

Domain Registrar Selection: A Key Indicator of Overall Organization Security

This week, CSC and SecurityScorecard - the global leader in cyber security ratings for enterprise organizations - released an important piece of research in a whitepaper that shows a company's choice of domain registrar really does matter when it comes to cyber security. more

“Nickel” APT Group: What We Found About Microsoft’s Latest Domain Seizure

Threat actors reportedly attacked 29 government agencies worldwide in a recent malicious campaign. The attacks were attributed to China-based advanced persistent threat (APT) group Nickel, which has been known to trail its sights on governments and nongovernmental organizations (NGOs) across Europe, the Americas, and the Caribbean. more

Is Your Domain Portfolio Governance Policy Up To Date?

Updating your domain portfolio governance policy regularly will allow you to steadily move away from less effective methods for your business and into a stronger overall digital transformation strategy. more

Are Mypressonline.com’s Free Subdomain Creation Services Being Abused?

It’s not uncommon to see free web hosting providers get abused as part of phishing campaigns. IBM X-Force Exchange, in fact, published three indicators of compromise (IoCs) related to such an incident. more

What WHOIS History Reveals about 3,800+ Verified Phishing Hosts

The ability to retrieve historical WHOIS information can be essential for the cybersecurity community, particularly when it comes to threat hunting and cybercrime investigation. This investigative capability is highlighted in our latest downloadable white paper "Digging Up Zombie Domains: What WHOIS History Reveals about 3,800+ Verified Phishing Hosts" where we analyzed thousands of verified phishing hosts and their historical WHOIS records. more

Telcos Are on Phishers’ Radar, Who Is at Risk?

The November 2021 PhishLabs Quarterly Threat Trends & Intelligence Report indicated the finance, social media, and telecommunications industries as phishers’ most targeted sectors. Last month, we analyzed a squatting campaign targeting U.S. Bancorp to determine if other banks were at risk, this time we’ll look into the top 3 phishing industry target – telecommunications. more

Locky Ransomware: Still a Threat as List of IoCs Grows

Locky has been around since 2016, contributing to the total amount lost to ransomware worldwide, which has to this day reached US$20 billion in the U.S. alone. It usually gets delivered to users’ computers via emails with malicious attachments in the form of macro-laden Word documents. more