Hackers Still Abusing LinkedIn Smart Links in Phishing Attacks
Email security firm Cofense in 2022 uncovered a phishing campaign that abused LinkedIn’s Smart Links feature to redirect unsuspecting victims to malicious websites, another example of bad actors using a trusted source ...
Security Boulevard
Don’t Let Zombie Zoom Links Drag You Down
BrianKrebs | | A Little Sunshine, Charan Akiri, Latest Warnings, linkedin, The Coming Storm, Zoom, Zoom Personal Meeting ID
Many organizations — including quite a few Fortune 500 firms — have exposed web links that allow anyone to initiate a Zoom video conference meeting as a valid employee. These company-specific Zoom ...
Teach a Man to Phish and He’s Set for Life
BrianKrebs | | A Little Sunshine, Check Point Software, Latest Warnings, linkedin, Microsoft, Microsoft 365, Phishing, right to left override, Web Fraud 2.0
One frustrating aspect of email phishing is the frequency with which scammers fall back on tried-and-true methods that really have no business working these days. Like attaching a phishing email to a ...
Russian Cybersecurity Executive Arrested for Alleged Role in 2012 Megahacks
BrianKrebs | | Arkady Bukh, Dmitry Volkov, dropbox, FACCT, Fight Against Cybercrime Technologies, Formspring, Group-IB, Ilya Sachkov, Lamarez, linkedin, Ne'er-Do-Well News, Oleg Tolstikh, Oleksandr Vitalyevich Ieremenko, U.S. Secret Service, U.S. Securities & Exchange Commission, Yevgeniy Nikulin, Zl0m
Nikita Kislitsin, formerly the head of network security for one of Russia's top cybersecurity firms, was arrested last week in Kazakhstan in response to 10-year-old hacking charges from the U.S. Department of ...
The Benefits of Using LinkedIn Audio Events for Your Next MSP Event
While you can’t replace face-to-face networking, virtual events are a great option and may even be a better alternative, particularlyRead More The post The Benefits of Using LinkedIn Audio Events for Your ...
Battle with Bots Prompts Mass Purge of Amazon, Apple Employee Accounts on LinkedIn
BrianKrebs | | A Little Sunshine, amazon, Anastacia Brown, Apple, Binance, Employment Fraud, Indeed, Jay Pinho, linkedin, Mandiant, Nicholas Weaver, SignalHire, Web Fraud 2.0
On October 10, 2022, there were 576,562 LinkedIn accounts that listed their current employer as Apple Inc. The next day, half of those profiles no longer existed. A similarly dramatic drop in ...
Uber Breach Guilty Verdict, Mandatory Password Expiration, Fake Executive Profiles on LinkedIn
Tom Eston | | Bots, Cyber Security, Cybersecurity, Data breach, Data Privacy, Digital Privacy, Episodes, Fake accounts, Fake Profiles, Information Security, Infosec, Joe Sullivan, linkedin, Microsoft, NIST, Password, Password Expiration, passwords, Podcast, Privacy, security, technology, Uber, Weekly Edition
Former Uber CSO Joe Sullivan was found guilty of obstructing a federal investigation in connection with the attempted cover-up of a 2016 hack at Uber, NIST and Microsoft say that mandatory password ...
Warning: N. Korean Job Scams Push Trojans via LinkedIn
Richi Jennings | | APT38, DPRK, Job interviewers can learn from this, Kim Jong-un, Lazarus, Lazarus Group, linkedin, North Korea, SB Blogwatch, ZINC
Hey, hey, DPRK, how many people will you scam today? ...
Security Boulevard
Fake CISO Profiles on LinkedIn Target Fortune 500s
BrianKrebs | | A Little Sunshine, fake CISOs, linkedin, Ne'er-Do-Well News, Rich Mason, The Coming Storm, Web Fraud 2.0
Someone has recently created a large number of fake LinkedIn profiles for Chief Information Security Officer (CISO) roles at some of the world’s largest corporations. It’s not clear who’s behind this network ...
Fighting Fake EDRs With ‘Credit Ratings’ for Police
BrianKrebs | | A Little Sunshine, Apple, ATT, Coinbase, Discord, emergency data request, FBI, GitHub, google, Kodex, linkedin, Matt Donahue, Meta, Microsoft, Snapchat, T-Mobile, The Coming Storm, TikTok, Twilio, Twitter, verizon, Web Fraud 2.0
When KrebsOnSecurity last month explored how cybercriminals were using hacked email accounts at police departments worldwide to obtain warrantless Emergency Data Requests (EDRs) from social media and technology providers, many security experts ...