Massive complaints come from Indian users regarding a new wave of SMS phishing scams, particularly targeting iPhones. They mimic delivery notification messages from India Post, one of the major postal services in the country. Fraudsters try stealing user credentials associated with that service, which may be the fuel of further scams. Fraudsters Impersonate India Post… Continue reading India Post SMS Phishing Targets Mobile Users in India
Author: Stephanie Adlam
I write about how to make your Internet browsing comfortable and safe. The modern digital world is worth being a part of, and I want to show you how to do it properly.
Docker Engine Authentication Bypass Vulnerability Exploited
Attackers are actively exploiting a critical vulnerability in the Docker Engine that may allow for authentication bypass in a chain attack. This vulnerability allows attackers to bypass AuthZ authorization plugins, effectively mutilating any auth control. For this and several other reasons, the flaw got the max severity score possible (10.0). Critical Docker Engine Flaw Allows… Continue reading Docker Engine Authentication Bypass Vulnerability Exploited
Hamster Kombat Players Targeted in a New Malware Spreading Scheme
Players of Hamster Kombat have become prime targets for scammers promoting phishing schemes aimed at those looking for easy earnings. Malicious actors steal confidential data and infect inattentive players with malware. Due to the technical aspects of Hamster Kombat, these fraudulent schemes are highly successful. Hamster Kombat Tap-Game Players Targeted in Malware Spreading ESET researchers… Continue reading Hamster Kombat Players Targeted in a New Malware Spreading Scheme
New Telegram Scam Mimics Digital Wallets, Promotes Shady Apps
A new Telegram scam has emerged, leveraging bots functionality of the application and offering fake earning schemes. Scammers impersonate official bots of popular digital wallet brands, tricking users into investing their money into non-existent ventures. Further, they simply cut any communications, leaving users with no money and no promised returns. Telegram Bots Mimic Digital Wallet… Continue reading New Telegram Scam Mimics Digital Wallets, Promotes Shady Apps
Trojan:BAT/PSRunner.VS!MSR
Trojan:BAT/PSRunner.VS!MSR is a detection of malware that executes malicious commands on a compromised system. It does not do much hurt by itself and rather serves for payload delivery & running. Aside from that, it does some basic system reconnaissance and gains persistence for the further payloads. Trojan:BAT/PSRunner.VS!MSR Overview Trojan:BAT/PSRunner.VS!MSR is a type of malware detection… Continue reading Trojan:BAT/PSRunner.VS!MSR
How to Stop Spam Texts?
The spam texts can include spam emails and spam calls. These are all unwanted and often annoying text messages whose sender you don’t know. The purpose of such spam is to deceive the user and get his confidential information or draw you into the phishing attempt. These statements are received from a computer programmed to… Continue reading How to Stop Spam Texts?
Jellyfish Loader Malware Discovered, Threatens 2024 Olympics
A new threat has been discovered in the form of a Windows shortcut that is actually a .NET-based shellcode downloader called Jellyfish Loader. It has some strange features that may signify that it is still at the development stage. Nonetheless, this malware is capable of deploying other malicious software in a selection of ways. Jellyfish… Continue reading Jellyfish Loader Malware Discovered, Threatens 2024 Olympics
How to Prevent Email Spoofing
Types of Email Spoofing Email spoofing, also known as spoofing email, involves forging the sender’s email address. Often, the address in the sender’s field is fake; any responses sent to this address will likely reach a third party. The primary goal of this scam is to deceive the user. Fraudsters deploy a variety of tactics… Continue reading How to Prevent Email Spoofing
CSRF (Cross-Site Request Forgery) vs XSS
Cross-Site Request Forgery Cross-Site Request Forgery (CSRF) is an attack targeting vulnerabilities in computer security, posing significant risks to user information and accounts. It manipulates the web browser to perform unwanted actions within an application, harming the user logged into the system. A successful attack can lead to unauthorized money transfers, data theft, password changes,… Continue reading CSRF (Cross-Site Request Forgery) vs XSS
ARP Spoofing (ARP Cache Poisoning) Attack
ARP Spoofing (also known as ARP Cache Poisoning) is a type of cyber attack based on sending malicious ARP (Address Resolution Protocol) packets by attackers to the default gateway via the local network (LAN), using it in such a way as to associate its own MAC address with the IP address of the gateway device.… Continue reading ARP Spoofing (ARP Cache Poisoning) Attack