Threat actors have been seen yet again abusing a technology meant to make things easy for all of us -- QR codes -- in one of the most commonly utilized cybercriminal activities - phishing. The rise in QR code phishing isn't surprising given that according to several studies, as much as 86% of the entire global population use their mobile phones for all kinds of transactions, including financial ones. more
A phishing campaign is currently targeting Facebook business accounts with password-stealing malware. The attackers have been using a massive network of fake and compromised Facebook accounts to send out millions of Messenger phishing messages. more
Rhysida, a new ransomware currently plaguing users may not be novel, but it's proving to be just as effective. Fortra published an in-depth analysis of the malware currently holding the data of healthcare organizations primarily based in the U.S. hostage. more
It's not uncommon for cybercriminals to tweak an existing piece of malware and then call it a new creation. We've seen that happen even in malware's earliest days. It's actually happening more and more these days, especially with the rise of the malware-as-a-service (MaaS) business model. more
XLoader has been plaguing macOS users since it was first discovered in 2021. Back then, though, it only posed a threat to those who opted to install Java on their systems. more
DNS abuse combined with redirection seems to be gaining popularity as a stealth mechanism. We've just seen Decoy Dog employ the same tactic. More recently, a still-unnamed JavaScript (JS) malware has been wreaking havoc among WordPress site owners by abusing Google Public DNS to redirect victims to tech support scam sites. more
Phishers the world over have been patronizing and utilizing the 16shop phishing kit since at least 2018. The kit's users have been known to steal data and money from the customers of some of today's biggest brands, including Amazon, American Express, and PayPal. more
Given the ubiquity of mobile phone usage, you'd think we'd all know by now how to tell legitimate from scammy text messages. Then again, cybercriminals are always on top of their game -- learning how the latest technologies work and finding ways to abuse them. more
Evolution isn't only for humans and other living things. Apparently, malware can evolve, too, and IcedID is a good example. First detected as a banking trojan in 2017, IcedID continues to undergo updates that make it even more dangerous. In the past few months, IcedID variants have been observed to deliver ransomware payloads instead of performing its original function -- stealing financial data. more
WoofLocker tech support scams have been wreaking havoc since 2017 but the threat actors behind it don't seem to be done yet. In fact, the threat may have become even more resilient. more
A World-Renowned Source for Internet Developments. Serving Since 2002.