N. Korean Hackers Use PylangGhost Malware in Fake Crypto Job Scam

North Korean hackers deploy PylangGhost malware through fake crypto job interviews targeting blockchain professionals with phishing and remote access tools...

Malicious ad distributes SocGholish malware to Kaiser Permanente employees

On December 15, we detected a malicious campaign targeting Kaiser Permanente employees via Google Search Ads. The fraudulent ad masquerades as the health care company's HR portal used to check for benefits, download paystubs and other corporate related tasks. We believe the threat actors' intent...

Scammer robs homebuyers of life savings in $20 million theft spree

A 33-year-old Nigerian man living in the UK and his co-conspirators defrauded over 400 would-be home buyers in the US. In the initial phase, Babatunde Francis Ayeni and his criminal gang targeted US title companies, real estate agents, and real estate attorneys. Employees of these companies were...

Europol Shuts Down iServer Phishing Scheme and Ghost Cybercrime Chat Platform

Law enforcement authorities have announced the takedown of an international criminal network that leveraged a phishing platform to unlock stolen or lost mobile phones. The phishing-as-a-service PhaaS platform, called iServer, is estimated to have claimed more than 483,000 victims globally, led by...

Cybercriminals Targeting Latin America with Sophisticated Phishing Scheme

A new phishing campaign has set its eyes on the Latin American region to deliver malicious payloads to Windows systems. "The phishing email contained a ZIP file attachment that when extracted reveals an HTML file that leads to a malicious file download posing as an invoice," Trustwave SpiderLabs...

Navigating the perilous waters of conference invitations

TL:DR Being asked to speak at events is great …except when it looks like a scam or a phishing attempt This is walkthrough of my experience If you think it’s a scam, it probably is Its a typical Sunday evening, and as Im gearing up for the week ahead and an interesting email lands in my inbox. The...

A week in security (January 3 – 9)

Last week on Malwarebytes Labs: Ransomware attacks Finalsite, renders 8,000 school sites unreachable for days Patchwork APT caught in its own web Sophisticated phishing scheme spent years robbing authors of their unpublished work Google and Facebook fined $240 million for making cookies hard to...

This Steam phish baits you with free Discord Nitro

Weeks ago, we talked about the one effective lure that could get a Discord user to consider clicking on a scam link they were generously given, either by a random user or a legitimate contact who also happened to have fallen for the same ploy: free Discord Nitro subscriptions. And similar to how...

DoJ Charges Rhode Island Woman in Phishing Scheme Against Politicians

The Department of Justice DoJ has charged a woman in Rhode Island in a phishing campaign against candidates for political office and related associates that impersonated various individuals–including campaign workers and the Microsoft security team—in an attempt to trick victims into providing...

Facebook Password Stealing Apps Found on Android Play Store

Even after many efforts made by Google last year, malicious apps always somehow manage to make their ways into Google app store. Security researchers have now discovered a new piece of malware, dubbed GhostTeam, in at least 56 applications on Google Play Store that is designed to steal Facebook...

Fourth Fappening Hacker Admits to Stealing Celebrity Pics From iCloud Accounts

Almost three years after the massive leakage of high-profile celebrities' photos—well known as "The Fappening" or "Celebgate" scandal—a fourth hacker has been charged with hacking into over 250 Apple iCloud accounts belonged to Hollywood celebrities. A federal court has accused George Garofano, 2...

CVE-2016-6853

An issue was discovered in Open-Xchange OX Guard before 2.4.2-rev5. Script code and references to external websites can be injected to the names of PGP public keys. When requesting that key later on using a specific URL, such script code might get executed. In case of injecting external websites,...

Second 'Fappening' Hacker Pleads Guilty; Facing up to 5 years in Prison

A second man has pleaded guilty for his role in 'The Fappening' breach of 2014, in which the Internet was flooded with thousands of photographs of popular celebrities, including Jennifer Lawrence, Kim Kardashian, Kate Upton and Kirsten Dunst. Edward Majerczyk 28 of Chicago, Illinois agreed to ple...

IRS Issues Alert for Tax Phishing Scheme

The Internal Revenue Service IRS has issued a news release addressing a new spear phishing scheme targeting payroll and human resource professionals. In this scheme, cybercriminals pose as company executives requesting personal information on employees. US-CERT encourages users and administrators...

Ukrainian Banking App Vulnerable to Attack

Privat24, the mobile banking application for Ukraine’s largest commercial bank, contains an insufficient validation vulnerability in its iOS, Android, and Windows phone apps that could give an attacker the ability to steal money from user accounts after bypassing its two-factor authentication...