cybercriminals
Bot herders try to resurrect Grum, fail
As you have probably already heard, the Grum botnet – formerly the third largest in the world – has been effectively shut down last week after several security …
Record number of phishing websites in the wild
The number of brands targeting by phishing attacks sustained an all-time high of 382 in February and March, while cybercrime gangs deployed a record number of phishing …
Fake Intuit emails lead to malware
Emails purportedly sent by US tax preparation software and services company Intuit and professional social network LinkedIn have been hitting inboxes in the last week, posing …
Pinterest starts blocking hacked accounts, investigates
Pinterest spam and scams are nothing new. Spammers usually use newly created accounts to do it, and Pinterest scam toolkits have surfaced to help them in their efforts. But it …
Bogus wire rejection notices lead to exploit kit
Fake notices about a rejected wire transfer have been hitting inboxes around the world, trying to trick recipients to download the attached malicious file, Sophos warns. The …
Compromised online accounts for sale
The recently unearthed website of a service specializing in selling access to compromised email and social networking accounts of Russian and Ukrainian users offers a …
Spear phishing targets one in two organizations
Proofpoint announced findings from a survey of security IT enterprise decision makers, about email and information security trends. Key findings include: Spear phishing is an …
WoW players targeted with in-game phishing schemes
It should not be a surprise that when Blizzard announced closed beta testing for Mists of Pandaria – the fourth expansion pack for the massively popular World of …
Big brands utilized in malware distribution
Commtouch security analysts have seen substantial continued blending of big brand names with malware. Researchers named the following top seven brands that were abused in …
Nearly half a million Yahoo passwords leaked following hack
Some 450,000 email addresses and associated unencrypted passwords have been dumped online by the hacking collective “D33Ds Company” following the compromise of a …
Multi-platform backdoor served through compromised website
The compromised website of a Colombian transport company has been found serving a signed Java applet that detects whether the visitor is using a Windows, OS X or Linux machine …
Multi-target phishing campaign hits webmail users
An active phishing campaign that is simultaneously targeting Gmail, Yahoo, AOL and Windows Hotmail email users has been spotted by Webroot. The potential victims receive a …
Featured news
Resources
Don't miss
- Why your security team feels stuck
- It’s time to give AI security its own playbook and the people to run it
- Kanvas: Open-source incident response case management tool
- 6 eye-opening books on AI’s rise, risks, and realities
- Check for CitrixBleed 2 exploitation even if you patched quickly! (CVE-2025-5777)