On the Wire Podcast: Chris Hadnagy
In this episode of the On the Wire podcast, Dennis Fisher talks with Chris Hadnagy of Social-Engineer Inc., about the concept of social engineering, how he got into the field, and how social engineering techniques are used by attackers. Chris talks about the way phishing has evolved in recent years, the rise of phone fraud […]
Jolly Roger and the Rise of the Anti-Bot Bots
A bot that started as a way for one man to annoy and frustrate telemarketers and robocallers has now developed into a subscription service for consumers and businesses who have had enough of the unsolicited and sometimes fraudulent calls. The Jolly Roger Telephone Co. is the creation of Roger Anderson, a phone industry veteran who […]
Old Android Bug Gives Attackers Access to Texts, Calls
There is an old, high-severity vulnerability in Android that could allow an attacker to gain access to a user’s SMS database and phone history. The bug has been in Android for at least five years and affects a huge number of Android devices. The vulnerability lies in a software package that Qualcomm maintains and it […]
As Chip-and-PIN Emerges, Attackers Favor Credential Theft and Online Fraud
The move to chip-and-PIN technology in the United States last year was supposed to be a security win, making in-store transactions more reliable and resistant to fraud. But the adoption rate for the technology hasn’t been as high as expected, and experts and analysts say that criminals are simply shifting their focus to other tactics such […]
Researchers Find Serious Flaws in Samsung SmartThings Platform
Researchers at the University of Michigan have identified a set of vulnerabilities in Samsung’s SmartThings platform that allowed them to remotely unlock doors, set off smoke alarms, and perform other unwanted actions through the use of overprivileged apps. SmartThings is a platform designed to support the use of a variety of connected devices in a […]
FBI Renews Warning on Ransomware Threat
The FBI has issued a fresh warning about the ransomware epidemic, even as the volume and sophistication of the attacks continues to rise. The latest major incident occurred last week when a power utility in Michigan was hit by a ransomware attack on its corporate network. The attack began, as many do, with a phishing […]
Serious Flaw Allows Takeover of FreedomPop Mobile Phone Accounts
Attackers are always looking for new ways to get access to users’ bank accounts and mobile devices, but sometimes the old ways are best. A researcher has discovered a serious security flaw in mobile provider FreedomPop’s site that allow an attacker to take complete control of a victim’s mobile account. Paul Moore, a security researcher and consultant in […]