Shellshock Bug, POS Breach, Hackers Target Medical and more | TWIC - September 26, 2014

Posted by Lindsey Havens

Sep 26, '14

Each week, the PhishLabs team posts The Week in Cybercrime (TWIC) to recap noteworthy cybercrime articles and reports (open source).

Read More

Topics: Malware, The Week in Cybercrime, Data Breach, POS Attacks, Shellshock

Bash “Shellshock” Bug Rivals Heartbleed in Cyber Threat Severity

Posted by Don Jackson, Director of Threat Intelligence

Sep 26, '14

The recently discovered bug, Shellshock, also known as the “bash bug” was made public on September 24, 2014, causing widespread anxiety as bug patches failed to remediate all vulnerabilities. The bug is found in Bash – an almost ubiquitous system software used in millions of computers, Linux-based machines and even Mac computers. Essentially, the vulnerability allows for remote execution of arbitrary commands on web servers and computers with no authentication required.

Read More

Topics: Threat Intelligence, Shellshock

PhishLabs partners with VirusTotal

Posted by Stacy Shelley

Sep 24, '14

We're pleased to announce that VirusTotal has joined our global network of cybercrime intelligence partners. Intelligence sharing is a vital part of the fight against cybercrime, providing threat visibility and insight to aggressively mitigate attacks and protect our clients. Our partnership with VirusTotal provides an additional layer of intelligence, expanding our threat visibility.

Read More

Topics: Threat Intelligence, Company News

Retail Breach Impacts, Online Storefront Hack, DOD Contractors Targeted and more | TWIC - September 19, 2014

Posted by Lindsey Havens

Sep 19, '14

Each week, the PhishLabs team posts The Week in Cybercrime (TWIC) to recap noteworthy cybercrime articles and reports (open source).

Read More

Topics: Malware, The Week in Cybercrime, Data Breach, POS Attacks

PhishLabs expands protection against malicious email spam

Posted by Stacy Shelley

Sep 18, '14

This week, we upgraded our Brand Abuse Lure Protection service to provide comprehensive protection against all cybercrime email lures that abuse the brands of our clients. 

Read More

Topics: Malware, Fraud, Company News, Spam, Brand Abuse Lure

Cybercriminals Find POS Terminals Easy Prey

Posted by Don Jackson, Director of Threat Intelligence

Sep 17, '14

Over the past few months an abundance of point-of-sale (POS) attacks on major retailers has left millions of consumers’ personal account information vulnerable. The Home Depot, Goodwill, Supervalu grocery chain, Dairy Queen, and the UPS Store were all recently in the spotlight for POS terminal attacks where memory-scraping malware was installed to nab customer information. What is the cause of the uptick in POS attacks and what can be done to mitigate future attacks?    

Read More

Topics: Fraud, Account Takeover, POS Attacks

Peter Pan Phishing Scheme, Malware on Foreign-Policy Website, Hackers Target Healthcare Industry and more | TWIC - September 13, 2014

Posted by Lindsey Havens

Sep 13, '14

Each week, the PhishLabs team posts The Week in Cybercrime (TWIC) to recap noteworthy cybercrime articles and reports (open source).

Read More

Topics: Malware, Exploit, The Week in Cybercrime, Data Breach

“Please Try Again” – Trending Tactics in Phishing

Posted by Don Jackson, Director of Threat Intelligence

Sep 12, '14

Have you ever received this message when logging into an account? Chances are you have and you likely  blamed the “error” on yourself. What did you do next? You probably carefully typed each letter of your password to ensure accuracy. After reading this post, we hope you will think twice about the next request to “please try again.”

With an increase in phishing activity (APWG recently reported a 10.7 percent increase), also comes evolving tactics of deceit. In the past month, PhishLabs' R.A.I.D. (Research, Intelligence, and Analysis Division) observed the rise of intentional errors into scammers' playbooks.

Read More

Topics: Phishing, Fraud, Hacker Tools, Account Takeover

Vawtrak Gains Momentum, Retail & Nonprofit Data Breaches and more | TWIC - September, 5 2014

Posted by Lindsey Havens

Sep 5, '14

Each week, the PhishLabs team posts The Week in Cybercrime (TWIC) to recap noteworthy cybercrime articles and reports (open source).

Read More

Topics: The Week in Cybercrime

Vawtrak Gains Momentum and Expands Targets

Posted by Don Jackson, Director of Threat Intelligence

Sep 3, '14

Vawtrak is the security industry's name for the latest version the 64-bit compatible Gozi Prinimalka Trojan, a family of malware first conceived in the mid-2000's. Recently, PhishLabs’ R.A.I.D (Research, Analysis, and Intelligence Division) has uncovered new developments in the latest Vawtrak configurations that indicate it is a much more substantial threat than it was a few months ago.

What You Need to Know

Read More

Topics: Malware, Threat Analysis, Threat Intelligence, Trojan, ATO, Vawtrak

    

Subscribe to Email Updates