A week in security (September 2 – 8)
A roundup of the latest cybersecurity news for the week of September 2 – 8, including TrickBot’s new trick, a social engineering toolkit, and how to keep remote workers safe.
New social engineering toolkit draws inspiration from previous web campaigns
We discovered a web social engineering toolkit that allows crooks to create fake update notification campaigns on both desktop and mobile in up to 30 different languages.
QR code scam can clean out your bank account
QR code scams are still popular. We should learn to treat QR codes like we do any other unrecognizable URL: with suspicion on where it will take us.
Reputation management in the age of cyberattacks against businesses
A business’s reputation takes years to build. With the current climate of data breaches, destroying it can take only seconds. What can businesses do to protect their brands from fallout following a cybersecurity incident? We answer these questions and more.
Has two-factor authentication been defeated? A spotlight on 2FA’s latest challenge
While many tech-savvy folks are familiar with two-factor authentication (2FA), more are unaware that there are several ways around it. A tool called Modlishka, the English pronunciation for the Polish word for “mantis,” is the latest in this list.
Flurry of new Mac malware drops in December
Multiple new pieces of Mac malware have appeared in December, all distributed through different means, but all opening backdoors on infected computers.
Sextortion emails: They’re probably not watching you
Yes, those sextortion email scams using old passwords are still making the rounds. How can you spot a real sextortion attempt from an empty threat? And when should you report to authorities? Read on to find out.
Information operations on Twitter: new data released on election tampering
New information released by Twitter sheds fresh light on the various professional troll campaigns deployed alongside the 2016 presidential elections.
100 channels and nothing on, except TV Licensing phishes
A recent bout of TV Licensing phishing emails promise British users a refund once they log in to a phony TV License website and provide payment details. Read on to see if you’ve been impacted.
6 sure signs someone is phishing you—besides email
Beyond the medium used to reach you (which is most often email), what are some of the common signs and behaviors of phishing? Conversations that focus on the inbox only leave users with an inadequate understanding of how to protect against this ubiquitous threat.
