ScadaBR

ADVISORY SUMMARY Successful exploitation of these vulnerabilities could allow an attacker to perform unauthenticated remote code execution. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities. Minimize network...

iba Systems ibaPDA

RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to perform unauthorized actions on the file system. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as: Minimize network...

A week in security (November 18 – November 24)

Last week on Malwarebytes Labs: Meta takes down more than 2 million accounts in fight against pig butchering "Sad announcement" email implies your friend has died Update now! Apple confirms vulnerabilities are already being exploited AI Granny Daisy takes up scammers’ time so they can’t bother yo...

PartnerLeak scam site promises victims full access to “cheating” partner’s stolen data

Earlier this week, we reported on a new type of scam that tells you your partner is cheating on you. However, we hit a dead end because we were unable to get hold of an original copy of the email. That was until the scammers were “kind enough” to send one to one of our co-workers. your partner is...

How to Spot a Business Email Compromise Scam

In this common email scam, a criminal pretending to be your boss or coworker emails you asking for a favor involving money. Here’s what do to when a bad actor lands in your inbox...

Fake hotel reservation phishing scam uses PDF links to spread MrAnon Stealer

By Waqas Received an email about a hotel reservation you didn't book? It's likely a phishing attempt delivering the MrAnon Stealer malware. This is a post from HackRead.com Read the original post: Fake hotel reservation phishing scam uses PDF links to spread MrAnon Stealer...

Amazon Prime email scammer snatches defeat from the jaws of victory

More often than not, its our solemn duty on this site to keep you informed about the nature and tactics of dangerous, cunnning, and persistent cybercriminals. This is not one of those days. In fact, this is the oppposite of one of those days. This is about a passable spam email sent by a spammer...

Watch out, this LastPass email with "Important information about your account" is a phish

The consequences of last year's LastPass breach continue to be felt, with the latest insult to users coming in the form of a highly convincing phishing email. Although the "unauthorized party" that compromised LastPass users' data was able to steal password vaults, it's likely that they are havin...

Fake ransomware demands payment without actually encrypting files

Fake it till you make it ransomware groups are trying to get rich off the backs of genuine ransomware authors. Why are they "fake it till you make it"? Because they dont actually create ransomware or compromise networks in any way. Theyre simply lying through their teeth and hoping that recipient...

IRS tax forms W-9 email scam drops Emotet malware

By Waqas Researchers have warned users to be on alert, as the IRS never sends emails to confirm taxpayers' personal information. This is a post from HackRead.com Read the original post: IRS tax forms W-9 email scam drops Emotet malware...

Phishy calls and emails play on energy cost increase fears

Gas and electricity price concerns are rife at the moment, with spiralling costs and bigger increases waiting down the line. Sadly this makes the subject valuable material for fraudsters, playing into people's fears with a dash of social engineering to make them worse off than they were previousl...

Scammers Sent Uber to Take Elderly Lady to the Bank

Email scammers sent an Uber to the home of an 80-year-old woman who responded to a well-timed email scam, in a bid to make sure she went to the bank and wired money to the fraudsters. In this case, the woman figured out she was being scammed before embarking for the bank, but her story is a...

‘Callback’ Phishing Campaign Impersonates Security Firms

A new callback phishing campaign is impersonating prominent security companies to try to trick potential victims into making a phone call that will instruct them to download malware. Researchers at CrowdStrike Intelligence discovered the campaign because CrowdStrike is actually one of the...

“URGENT BUSINESS PROPOSAL!!!” 419 scammer wants your help to move someone’s inheritance

We’ve received several emails over the last couple of days which follow the classic 419 mail scam method. Titled “URGENT BUSINESS PROPOSAL!!!”, the mail reads as follows: Greetings, I am Mukhtar M. Hussain. I got your contact information from a reputable business/professional directory. I'm worki...

Fake Royal Mail chatbot offers up…a new iPhone?

Royal Mail scams are always popular techniques for people up to no good. We’ve covered them several times over the last year or so. A quick reminder: Your parcel is waiting for delivery This is the go-to tactic for fake Royal Mail phishing attacks. You receive a text claiming there’s a parcel in...

Don’t fall for the “Donate to help children in Ukraine” scam

Earlier this week, we spotted a Microsoft sign-in phish that appeared to be taking advantage of the Ukraine crisis in order to scam people. The email warned of unauthorized log in attempts to the recipients account, and the location of those attempts was listed as "Russia/Moscow". We probably won...

Don’t let scammers ruin your Valentine’s Day

Today is Valentines Day, so we thought wed show you how cybercriminals use special times like this one for phishing attacks. Our Valentines story starts with a victim receiving an email message. The email urges them to open an attached file, and also contains well formatted content that tries to...

Attackers Target Intuit Users by Threatening to Cancel Tax Accounts

Just in time for tax season, Intuit is warning customers of a phishing campaign that threatens to close user accounts if they don’t click on a malicious link. The attacks on the accounting-software specialist that many people use for filing U.S. income tax forms comes as phishers overall are...

Ransom Your Employer Email Scam Suspect Arrested

By Deeba Ahmed The scam involved attempts to hire insiders to install DemonWare ransomware on their employer's IT systems. This is a post from HackRead.com Read the original post: Ransom Your Employer Email Scam Suspect Arrested...

Office 365 Phishing Campaign Abuses Stolen Amazon SES Token

A surge in spearphishing emails designed to steal Office 365 credentials include some that were rigged to look like they came from major brands, including Kaspersky. According to a Kaspersky security bulletin posted Monday, two phishing kits identified as “Iamtheboss” and “MIRCBOOT’ are being use...