Each week, the PhishLabs team posts The Week in Cybercrime (TWIC) to recap noteworthy cybercrime articles and reports (open source).
- Detecting Spear Phishing Attacks that Slip Past Defenses (PhishLabs)
While desirable, blocking all threats in the Prevent phase is not achievable. Inevitably, a portion of email-based attacks will exhibit characteristics too similar to legitimate business activity to block or quarantine them prior to delivery into user inboxes. The objective of the Detect phase is to see these attacks that reach user inboxes and recognize them as a potential threat.
- Consumer Alert: Debit card fraud at Walmart discovered in 16 states (CSO)
Consumers are being warned about an uptick in the number of fraudulent purchases being made at Walmart, which in some cases has resulted in their financial institution moving to deny debit card transactions unless a PIN is used.
- FBI and UK cops smash Dridex high-stakes bank-raiding botnet (ZDNet)
Joint efforts by law-enforcement agencies in the US and UK have crippled an eastern European gang behind the bank credential-stealing botnet known as Dridex.
- New zero-day exploit hits fully patched Adobe Flash [Updated] (ARS Technica)
Update on October 14 at 1:15pm PDT: Adobe officials have confirmed this vulnerability affects Flash version 18.104.22.168, which was released on Tuesday. The vulnerability has been cataloged as CVE-2015-7645. The company expects to release a fix next week.
- The Dark Web Uncovered: From Stolen Netflix Accounts to CNI Hacks (Info Security)
A new report from Intel Security has shone a light on the shadowy world of Dark Web cybercrime markets, where everything from £1 Netflix accounts to critical infrastructure access is available.
- U.S. accuses hacker of stealing military members’ data and giving it to ISIS (The Washington Post)
The Justice Department has charged a hacker in Malaysia with stealing the personal data of U.S. service members and passing it to the Islamic State terrorist group, which urged supporters online to attack them.
- Why ATM Fraud Will Continue to Grow (Bank Info Security )
ATMs and other self-service payments devices, such as pay-at-the-pump gas terminals, have always been prime targets for criminals. These unattended terminals are easy to compromise with card skimmers and well-placed cameras designed to capture PINs as they're entered on PIN pads.