FBI warns online daters to avoid “free” online verification schemes that prove costly

The FBI has warned of fraudsters targeting users of dating websites and apps with “free” online verification service schemes that turn out to be very costly. Instead of being free, as advertised, the verification schemes involve steep monthly subscription fees, and will steal personal information...

Experts Analyze Conti and Hive Ransomware Gangs' Chats With Their Victims

An analysis of four months of chat logs spanning more than 40 conversations between the operators of Conti and Hive ransomware and their victims has offered an insight into the groups' inner workings and their negotiation techniques. In one exchange, the Conti Team is said to have significantly...

Design/Logic Flaw

A vulnerability exists in Rancher 2.1.4 in the login component, where the errorMsg parameter can be tampered to display arbitrary content, filtering tags but not special characters or symbols. There's no other limitation of the message, allowing malicious users to lure legitimate users to visit...

CVE-2019-11881

Summary: CVE-2019-11881 affects Rancher server versions prior to 2.2.4, in the login component. The vulnerability arises from tampering with the “errorMsg” parameter, which can display arbitrary content after filtering tags but not special characters, enabling attackers to lure users to phishing ...

Sextortionists Shift Scare Tactics to Include Legit Passwords

A fresh take on the classic sextortion scam is making the rounds, with several reports confirming a new wrinkle in approach: The inclusion of a legitimate password in the email for the campaign. Multiple end users have received scam email messages from actors claiming to have taken over the...

Mobile Menace Monday: re-emergence of a fake Android AV

Back in early 2013, a new mobile antivirus AV company called Armor for Android emerged into the mobile security software industry that had everyone perplexed. It seemed eerily like malware known as a Fake AV, and some even gave it that label. As a younger mobile researcher, I was one of those who...

Tech support scammer tries to sell free software

AmericaGeeks is your typical tech support scam company, but with an extra warming glow of attitude, greed, and complete all-around rudeness. Most scams will gladly take your money by buttering up the victim while simultaneously scaring them into thinking that they are in a dangerous situation wit...

Malware Campaign Extorts Users with SOPA Threats

A new scareware-ransomware hybrid attempts to convince users they are being sued in violation of the Stop Online Piracy Act SOPA and offers to remedy the problem if users purchase a fake antivirus solution. The malware claims to have detected illegal torrent files on the computer and offers to...

The Lesson of Stuxnet and Aurora: Get Back to Basics or Get Owned

SAN FRANCISCO–It’s often said that after decades of work and technological advances, the security industry hasn’t actually solved any problems or made things any better. But that’s not entirely true. The industry has in fact perfected the art of exploiting the scare ’em and snare ’em,...

Account protection status warning scares Facebook Users !

Over the last few weeks we have been contacted by a number of members of the our Facebook page, concerned by a message they saw on Facebook, warning them that their account protection was "very low". With fake anti-virus also known as scareware attacks becoming an ever-growing problem they attemp...

LifeLock Settles with FTC for $11 Million

LifeLock, an Arizona company promising customers protection from identity theft, has agreed to pay $12 million to settle charges that the company overstated its benefits and used “scare tactics” to gain subscribers. Read the full article. Computerworld...

A Look Deep Inside the Scareware Epidemic

Kaspersky Lab malware analyst Vyacheslav Zakorzhevsky has written an in-depth article describing the scareware fake anti-virus epidemic. The article touches on the common distribution techniques, the tricks used to scare users into paying fraudsters for a removal tool and the way code generators...