Recent Posts

Recent Blog Posts

The PhishLabs Blog

Wire Transfer Scam Alert, New Bug Haunts Linux, ZeroAccess Botnet and more | TWIC - January 30, 2015

Posted by Lindsey Havens on Jan 30, '15


Each week, the PhishLabs team posts The Week in Cybercrime (TWIC) to recap noteworthy cybercrime articles and reports (open source).

  • FBI Issues Wire Transfer Scam Alert (BankInfoSecurity)
    The FBI has issued an alert about a fraud scam known as "Business E-mail Compromise" targeting businesses that regularly make wire transfers to foreign companies. Certain variations of this scam have been going on for years, says John LaCour, CEO of online security firm PhishLabs.

  • Spreading the Disease and Selling the Cure (KrebsOnSecurity)
    Programmer works on two very different yet complementary online services: One lets people launch powerful attacks that can knock Web sites, businesses and other targets offline for hours at a time; the other is a Web hosting service designed to help companies weather such assaults.

  • Highly critical “Ghost” allowing code execution affects most Linux systems (ars technica) 
    An extremely critical vulnerability affecting most Linux distributions gives attackers the ability to execute malicious code on servers used to deliver e-mail, host webpages, and carry out other vital functions.

  • Scouts take down database due to 'security vulnerabilities' (TheRegister)
    The Scouts Association has taken down its Compass database, which holds the records of nearly half-a-million young people and adult volunteers, after discovering a "potential security vulnerability," The Register can reveal.

  • Skeleton Key Malware Linked to Backdoor Trojan: Symantec (Security Week)
    Researchers at Symantec say a recently discovered piece of malware aimed at Active Directory may be linked to a separate malware family used in attacks against targets in the U.S. and Vietnam.

  • Links Found between NSA, Regin Spy tool and QWERTY Keylogger (TheHackerNews)
    Researchers have uncovered a new evidence that a powerful computer program discovered last year, called "Regin", is "identical in functionality" to a piece of malware used by the National Security Agency (NSA) and its Five Eyes allies.

  • Marriott Customers’ Personal Details Exposed by Simple Web Flaw (The State of Security)
    Here’s a piece of advice for anyone responsible for securing a corporation’s data: If you discover security researcher Randy Westergren is using your app, you had best take a long hard look at whether you are protecting your users’ information properly.

  • ZeroAccess Click-Fraud Botnet Back In Action Again (Dark Reading)
    After six months of silence, the ZeroAccess botnet -- aka Sirefet -- is back in action. Fortunately, it's operating at a smaller scale than it was a couple years ago.

  • Outlook for iOS app "breaks" corporate security, developer says (ZDnet)
    Microsoft's newest email app for iPhones and iPads "breaks" corporate and enterprise security in multiple ways, a developer claims.

Topics: Malware, DDoS, The Week in Cybercrime, Data Breach

What's this all about?

The PhishLabs Blog is where we share our insights and thoughts on cybercrime and online fraud.

Recent Posts

Subscribe to Email Updates

Posts by Topic

see all