June 3rd, 2022 by hankshelp
“A vulnerability dubbed “Follina” could allow attackers to gain full system control of affected systems. Learn more about it and how to protect yourself from it,”
“A remote code execution vulnerability exists when MSDT is called using the URL protocol from a calling application such as Word. An attacker who successfully exploits this vulnerability can run arbitrary code with the privileges of the calling application. The attacker can then install programs, view, change, or delete data, or create new accounts in the context allowed by the user’s rights.”
Posted in Malware, Phishing, Scams | No Comments »
April 5th, 2022 by hankshelp
“Email marketing firm MailChimp disclosed on Sunday that they had been hit by hackers who gained access to internal customer support and account management tools to steal audience data and conduct phishing attacks.”
Posted in Identity Theft, Phishing, Scams, Security Breeches, Uncategorized | No Comments »
November 16th, 2021 by hankshelp
With so many reports from others about being “Hacked”, I thought it would be useful to pass on some advice on how to spot a fake “Friend Request”…
Posted in Identity Theft, Phishing | No Comments »
May 5th, 2021 by hankshelp
“Phishers targeting Microsoft Office 365 users increasingly are turning to specialized links that take users to their organization’s own email login page. After a user logs in, the link prompts them to install a malicious but innocuously-named app that gives the attacker persistent, password-free access to any of the user’s emails and files, both of which are then plundered to launch malware and phishing scams against others.”
Posted in Identity Theft, Malware, Phishing | No Comments »
January 19th, 2021 by hankshelp
Joker’s Stash Carding Market to Call it Quits
Joker’s Stash, by some accounts the largest underground shop for selling stolen credit card and identity data, says it’s closing up shop effective mid-February 2021. The announcement came on the heels of a turbulent year for the major cybercrime store, and just weeks after U.S. and European authorities seized a number of its servers.
Posted in Identity Theft, Phishing, Ransomware | No Comments »
April 3rd, 2020 by hankshelp
“A spear-phishing attack this week hooked a customer service employee at GoDaddy.com, the world’s largest domain name registrar, KrebsOnSecurity has learned. The incident gave the phisher the ability to view and modify key customer records, access that was used to change domain settings for a half-dozen GoDaddy customers, including transaction brokering site escrow.com.”
Posted in Phishing, Security Breeches | No Comments »
January 8th, 2020 by hankshelp
“Late last year saw the re-emergence of a nasty phishing tactic that allows the attacker to gain full access to a user’s data stored in the cloud without actually stealing the account password. The phishing lure starts with a link that leads to the real login page for a cloud email and/or file storage service. Anyone who takes the bait will inadvertently forward a digital token to the attackers that gives them indefinite access to the victim’s email, files and contacts — even after the victim has changed their password.”
Posted in Malware, Phishing | No Comments »
October 28th, 2019 by hankshelp
“An open cloud database sets the stage for phishing attacks for users of the subscription service.”
Posted in Identity Theft, Phishing, Security Breeches | No Comments »
May 30th, 2019 by hankshelp
‘A new phishing campaign is underway that pretends to be from the “Office 365 Team” warning recipients that there has been unusual amount of file deletions occurring on their account.’
Posted in Phishing | No Comments »