#PhishingAlert

Helpline for Yakuza victims fears it leaked their personal info

by

November 22, 2024 at 12:32AM The Kumamoto Prefecture Violence Prevention Movement Promotion Center apologized after a phishing incident potentially exposed personal information of 2,500 individuals seeking assistance against organized crime. The agency emphasizes the importance of confidentiality in its counseling services and is notifying affected individuals while urging caution against potential scams. **Meeting Notes Takeaways:** … Read more

FBCS data breach impact now reaches 4.2 million people

by

July 26, 2024 at 02:53PM Debt collection agency FBCS has expanded the number of people affected by a February data breach to 4.2 million in the US. The breached data includes personal info such as SSN, account details, and more. New notifications have been sent out, warning of increased phishing risks, and offering free credit … Read more

Fake CrowdStrike updates target companies with malware, data wipers

by

July 21, 2024 at 03:34PM Cybercriminals are using CrowdStrike’s glitchy update to target companies with data wipers and remote access tools. CrowdStrike is actively assisting affected customers, urging them to verify official communications. Phishing emails exploiting the situation have been observed by researchers and government agencies. Malicious actors are distributing malware disguised as CrowdStrike updates, … Read more

Dairy giant Agropur says data breach exposed customer info

by

June 28, 2024 at 12:59PM Agropur, a major North American dairy cooperative, has notified customers of a data breach involving online directories but assures that core operations are not affected. The company, processing 6.7 billion liters of milk annually and generating $5.1 billion in revenue, is investigating with cybersecurity experts and law enforcement. No evidence … Read more

New Tricks in the Phishing Playbook: Cloudflare Workers, HTML Smuggling, GenAI

by

May 27, 2024 at 06:06AM Researchers have identified phishing campaigns abusing Cloudflare Workers to serve phishing sites targeting Microsoft, Gmail, Yahoo!, and cPanel Webmail users. The phishing method, called transparent phishing, utilizes Cloudflare Workers as a reverse proxy server. The attacks predominantly target Asia, North America, and Southern Europe, using HTML smuggling to deploy the … Read more

Vans claims cyber crooks didn’t run off with its customers’ financial info

by

March 24, 2024 at 06:15AM Clothing and footwear company VF Corporation informed 35.5 million customers of a potential identity theft risk due to a security breach last year. The breach did not involve credit card or bank account details, but personal information may have been exposed. VF denies data theft related to financial information and … Read more

It’s tax season, and scammers are a step ahead of filers, Microsoft says

by

March 20, 2024 at 03:38PM Microsoft has uncovered a clever phishing scheme targeting early tax filers in 2024. The scam involves an email claiming to contain tax returns and leads users to a fake website. Once downloaded, it installs malware to steal account credentials. Microsoft warns taxpayers to be cautious, especially certain vulnerable groups, and … Read more

Fake Leather wallet app on Apple App Store is a crypto drainer

by

March 11, 2024 at 10:58AM The Leather cryptocurrency wallet developers warned of a fake app on the Apple App Store, labeled as a wallet drainer, targeting users to steal their digital assets. The app impersonates the genuine product, prompting users to enter their secret passphrases and subsequently draining their wallets. Despite reports, the app remains … Read more

MongoDB confirms customer data was exposed in a cyberattack

by

December 16, 2023 at 05:41PM MongoDB experienced a cyberattack that breached its corporate systems and exposed customer data. The attack was detected by the company, and an investigation is ongoing. Although customer account metadata and contact information were compromised, data stored in MongoDB Atlas remains secure. The company urges customers to take security measures and … Read more

Five Eyes nations warn Moscow’s mates at the Star Blizzard gang have new phishing targets

by

December 7, 2023 at 08:40PM The Five Eyes alliance issued a warning about the Russian hacking group Star Blizzard’s phishing attacks on defense and energy sectors. Directed by Russia’s FSB, the group has expanded targets and tactics, with U.S. and UK officials and institutions being primary victims. Two members have been indicted for hacking between … Read more