Security Stop-Press : Scammers Advertise Hacking Services On US Government Websites
A senior researcher at the Citizen Lab has revealed that scammers have been uploading PDFs containing links to multiple government and university websites. Some of the PDFs have been found to contain links to websites offering hacking services for Instagram, Facebook, and Snapchat accounts. It’s also thought possible that some of the uploaded PDFs could […]
Security Stop Press : Scam Warning – Fake Charity Websites
A warning has been issued by the BBC, following its own investigation, to beware of the hundreds of fake charity websites that have now been set up by scammers to trick people into donating money to the people and the military of Ukraine. Some have even been using well known charity brands such as ‘Save the […]
Security Stop Press : Scam Ad Linked To Phishing Site Tops Google
UK Consumer champion Which? has reported that a scam mobile advert linked to a site mimicking the legitimate Lyca Mobile site was able to bypass the Google Ads verification check to reach the top of Google’s search listing. Which? reported that scammers got around Google’s ad verification check by claiming to be “Vodafone Finance Management”, […]
Security Stop-Press : Russian Hackers Using Dropbox and Google Drive to Target Victims
Threat hunters at Palo Alto Networks’ Unit 42 have warned that a Russia-based hacking group known as Cozy Bear, Nobelium, APT29 and Cloaked Ursa, are using trusted, legitimate cloud services such Dropbox and Google Drive in their attacks. For example, the group’s recent attacks on some western diplomats use a pdf to call out to […]
Security Stop-Press : Reddit Hacked After Phishing Attack
Social news and discussion website Reddit has reported being hit by a “sophisticated phishing campaign that targeted Reddit employees” whereby a single employee’s credentials were obtained, and an attacker gained access to internal documents and code, as well as some internal dashboards and business systems. Following several days of investigation, Reddit has announced “we have […]
Security Stop-Press: Record-breaking DDoS Attack Highlights Growing Cybersecurity Threats
Cloudflare’s latest DDoS Threat Report for Q4 2024 highlights a dramatic surge in Distributed Denial of Service (DDoS) attacks, including a record-breaking 5.6 Tbps assault. The web security and infrastructure company’s report reveals a 53 per cent year-over-year rise in DDoS activity, with Cloudflare blocking 21.3 million attacks in 2024, 6.9 million of which occurred […]
Security Stop-Press : Ransomware Damage To Royal Mail
Royal Mail has reported that following their hit by 10 major LockBit ransomware attacks in January, some services have still not recovered, plus it is still using alternative solutions and systems. Despite making progress, Royal Mail reports being unable to process new Royal Mail parcels purchased through Post Office branches, that the delivery of international […]
Security Stop Press : Ransomware Attack On UK IT Service Provider
It’s been reported that according to a dark web victim blog of cybercrime hacking gang ‘Donut,’ Nottingham-based IT Service Provider Agilitas may have been the subject of a ransomware attack. Donut is reported to be claiming that it is in possession of the source code and SQL databases belonging to Agilitas and is threatening to […]
Security Stop-Press : QuickBooks Customers Targeted By Phishing Attacks
Tax software vendor Intuit has warned that QuickBooks customers are being targeted with phishing attacks that are impersonating the company and are designed to lure targets with fake account suspension warnings. The phishing emails ask targets to click on a “Complete Verification” button which re-directs them to a phishing site designed to harvest personal information […]
Security Stop-Press : Public USB Charger “Juice Jacking” Warning
The FBI has warned that cyber criminals are hijacking public USB ports to introduce malware and monitoring software onto devices. The FBI says that software installed through a corrupted USB port (known as “juice jacking”) can lock a device or export personal data and passwords directly to the perpetrator, which criminals can then use to […]