Email & web-based spam & malware attacks impact global organizations in 2017, a cybersecurity study conducted by AppRiver shows. The post AppRiver Report: 1, 000% Increase in Phishing Attacks in 2017 appeared first on MSSP Alert .
Read More:
AppRiver Report: 1,000% Increase in Phishing Attacks in 2017
An anonymous reader shares a Gizmodo report (condensed for space): For nearly two weeks, the company’s official Twitter account has been directing users to a fake lookalike website. After announcing the breach, Equifax directed its customers to equifaxsecurity2017.com, a website where they can enroll in identity theft protection services and find updates about how Equifax is handing the “cybersecurity incident.” But the decision to create “equifaxsecurity2017” in the first place was monumentally stupid. The URL is long and it doesn’t look very official — that means it’s going to be very easy to emulate. To illustrate how idiotic Equifax’s decision was, developer Nick Sweeting created a fake website of his own: securityequifax2017.com. (He simply switched the words “security” and “equifax” around.) As if to demonstrate Sweeting’s point, Equifax appears to have been itself duped by the fake URL. The company has directed users to Sweeting’s fake site sporadically over the past two weeks. Gizmodo found eight tweets containing the fake URL dating back to September 9th. Read more of this story at Slashdot.
Continue Reading:
Equifax Has Been Sending Consumers To a Fake Phishing Site for Almost Two Weeks
Not very pleased with your internet speeds? Think about the people Down Under. Australia’s “bungled” National Broadband Network (NBN) has been used as a “cautionary tale” for other countries to take note of. Despite the massive amount of money being pumped into the NBN, the New York Times reports, the internet speeds still lagged behind the US, most of western Europe, Japan and South Korea — even Kenya. The article highlights that Australia was the first country where a national plan to cover every house or business was considered and this ambitious plan was hampered by changes in government and a slow rollout (Editor’s note: the link could be paywalled; alternative source), partly because of negotiations with Telstra about the fibre installation. From the report: Australia, a wealthy nation with a widely envied quality of life, lags in one essential area of modern life: its internet speed. Eight years after the country began an unprecedented broadband modernization effort that will cost at least 49 billion Australian dollars, or $36 billion, its average internet speed lags that of the United States, most of Western Europe, Japan and South Korea. In the most recent ranking of internet speeds by Akamai, a networking company, Australia came in at an embarrassing No. 51, trailing developing economies like Thailand and Kenya. For many here, slow broadband connections are a source of frustration and an inspiration for gallows humor. One parody video ponders what would happen if an American with a passion for Instagram and streaming “Scandal” were to switch places with an Australian resigned to taking bathroom breaks as her shows buffer. The article shares this anecdote: “Hundreds of thousands of people from around the world have downloaded Hand of Fate, an action video game made by a studio in Brisbane, Defiant Development. But when Defiant worked with an audio designer in Melbourne, more than 1, 000 miles away, Mr. Jaffit knew it would be quicker to send a hard drive by road than to upload the files, which could take several days.” Read more of this story at Slashdot.
Excerpt from:
How Australia Bungled Its $36 Billion High-Speed Internet Rollout
An anonymous reader shares a report: In a few weeks, at its education-oriented software and hardware event in New York, Microsoft could unveil a sub-premium laptop — something more robust than a Surface but not as fancy as a Surface Book. And rather than run good old Windows 10, the new product could run something called Windows 10 Cloud, which reportedly will only be able to run apps that you can find in the Windows Store, unless you change a certain preference in Settings. The idea is that this will keep your device more secure. However, that does mean you won’t be able to use certain apps that aren’t in the Store — like Steam — on a Windows 10 Cloud device, such as the rumored CloudBook. Microsoft is going after Google’s Chromebooks that are very popular in the education space — so much so that they are playing an instrumental role in keeping the entire PC shipments up. Read more of this story at Slashdot.
View the original here:
Microsoft’s Rumored CloudBook Could Be Your Next Cheap Computer
dryriver writes: A company named Arca Noae is working on a new release of the X86 OS/2 operating system code named “Blue Lion” and likely called ArcaOS 5 in its final release. Blue Lion wants to be a modern 21st Century OS/2 Warp, with support for the latest hardware and networking standards, a modern accelerated graphics driver, support for new cryptographic security standards, full backward compatibility with legacy OS/2, DOS and Windows 3.1 applications, suitability for use in mission-critical applications, and also, it appears, the ability to run “ported Linux applications”. Blue Lion, which appears to be in closed beta with March 31st 2017 cited as the target release date, will come with up to date Firefox browser and Thunderbird mail client, Apache OpenOffice, other productivity tools, a new package manager, and software update and support subscription to ensure system stability. It is unclear from the information provided whether Blue Lion will be able to run modern Windows applications. Read more of this story at Slashdot.
More:
A 21st-Century Version Of OS/2 Warp May Be Released Soon
A ‘mere’ 10.8% phishing success rate has forced Los Angeles County to notify approximately 756, 000 individuals that their personal information may have been compromised. The attack occurred on May 13, 2016 when 1, 000 County employees received phishing emails. 108 employees were successfully phished. A Nigerian national has been charged in connection with the hack. From a report on The Guardian: Many large organizations would welcome a 10% success rate in their internal anti-phishing training sessions, with 30% and above being common. The 2016 Verizon DBIR suggests that 30% of all phishing emails are opened. The high number of individuals affected from a relatively low number of successes in LA County demonstrates how dangerous phishing attacks can be. The nature of the potentially compromised information is also concerning. “That information may have included first and last names, dates of birth, Social Security numbers, driver’s license or state identification numbers, payment card information, bank account information, home addresses, phone numbers, and/or medical information, such as Medi-Cal or insurance carrier identification numbers, diagnosis, treatment history, or medical record numbers, ” said the County of Los Angeles Chief Executive Office in a statement. Read more of this story at Slashdot.
See more here:
Nigerian Man Charged in Hacking of Los Angeles County Emails
coondoggie writes: There has been a 400% surge in phishing and malware incidents in this tax season alone, the Internal Revenue Service warned this week. According to the IRS, there have been thousands of phony emails aimed at fooling taxpayers into thinking these are official communications from the IRS or others in the tax industry, including from many tax software companies. Read more of this story at Slashdot.
Continue Reading:
IRS Warns Of 400% Flood In Phishing and Malware This Tax Year Alone
An anonymous reader writes: Security researcher Sean Cassidy has developed a fairly trivial attack on the LastPass password management service that allows attackers an easy method for collecting the victim’s master password. He developed a tool called LostPass that automates phishing attacks against LastPass, and even allows attackers to collect password vaults from the LastPass API. Read more of this story at Slashdot.
Originally posted here:
LastPass Vulnerable To Extremely Simple Phishing Attack
McGruber writes: Amechi Colvis Amuegbunam, 28, a Nigerian man living in the U.S. on a student visa, faces federal wire fraud charges in connection with a sophisticated email phishing scam targeting businesses. He was arrested in Baltimore and charged with scamming 17 North Texas companies out of more than $600, 000 using the technique. If convicted, Amuegbunam faces up to 30 years in prison and a fine of up to $1 million. Read more of this story at Slashdot.
Follow this link:
Arrested Nigerian Email Scammer Facing Up To 30 Years In Prison
msm1267 (2804139) writes Pharming attacks are generally network-based intrusions where the ultimate goal is to redirect a victim’s web traffic to a hacker-controlled webserver, usually through a malicious modification of DNS settings. Some of these attacks, however, are starting to move to the web and have their beginnings with a spam or phishing email. Proofpoint reported on the latest iteration of this attack, based in Brazil. The campaign was carried out during a five-week period starting in December when Proofpoint spotted phishing messages, fewer than 100, sent to customers of one of the country’s largest telecommunications companies. Read more of this story at Slashdot.
See more here:
Pharming Attack Targets Home Router DNS Settings