Highly Effective Phishing Attack Targets Corporate Travelers
Attackers are using the lure of airline reservations as part of a highly effective phishing campaign that researchers say is successful about 90 percent of the time. The campaign targets corporate victims, and the attackers behind it seem to be doing quite a bit of research before sending the phishing emails. The messages are constructed […]
Mirai Botnet Hammers College With Two-Day Attack
A newly discovered variant of the Mirai malware recently was used in a massive, sustained DDoS attack against a college in the United States, an attack that lasted more than two days. The Mirai malware has been involved in several of the larger DDoS attacks ever seen, including one that hit the Dyn DNS provider […]
Amazon Adds Pindrop for Security of Connect Call Center Service
The call center has become a key entry point into many organizations for fraudsters and cybercriminals, and enterprises have discovered that protecting that channel is not the same as defending a corporate network. The phone channel has its own unique traits and peculiarities that make it a challenge for security teams, particularly the involvement of humans […]
Users Face Uncertain Future After Rollback of Broadband Privacy Rule
The House of Representatives on Tuesday to repeal a set of landmark privacy protections for Internet users, issuing a total rebuke of Internet policies enacted under the Obama administration. Privacy advocates had worked frantically to urge voters to contact their representatives about the resolution, which allows broadband providers to sell customers’ data without prior consent. The […]
Congress Asks FCC for Urgent Action on Mobile Security
Congressional leaders are continuing to pressure federal agencies to address shortcomings in the security of the telecommunications infrastructure, specifically to warn consumers about weaknesses that can open them up to remote surveillance. In a letter sent Tuesday, Rep. Ted Lieu and Sen. Ron Wyden asked FCC Chairman Ajit Pai to take “swift action” to resolve […]
FCC Warns on New ‘Can You Hear Me’ Phone Scam
Phone scammers have adopted a new tactic recently that is part of a long-term scheme to impersonate victims during calls with banks or other financial institutions. The new technique involves a scammer calling a victim and when the victim answers, immediately asking, “Can you hear me?” The idea is to record the victim’s voice as […]
iOS 10.3 Fixes Dozens of Serious Flaws
With the release of iOS 10.3 today, Apple has patched more than two dozen vulnerabilities that could lead to arbitrary code execution in a new release of iOS. Many of the code-execution bugs are in the iOS kernel and several others are in the FontParser component of the operating system. Among the kernel vulnerabilities, there […]
Another Critical Bug Hits LastPass
A few days after LastPass released a fix for some critical security flaws in its extensions for Chrome and Firefox, a researcher has identified a new vulnerability in the browser extension that allows an attacker to get full code execution on a target machine. The details of the new bug are not public yet, but […]
Those IRS Scam Calls May Disappear Soon
The FCC has moved one step closer to implementing a system that would prevent robocalls that spoof the caller ID of numbers that don’t initiate outbound calls, a move that could significantly reduce the volume of scam calls reaching businesses and consumers. The commission on Thursday issued a notice that seems public comment on the concept of […]