Jan 16, 2025 | Podcast
Stealthy Credit Card Skimmer Targets WordPress Checkout Pages via Database Injection Cybersecurity researchers have uncovered a new wave of credit card skimmers targeting WordPress e-commerce sites. This campaign injects malicious JavaScript into the wp_options table...
Jan 15, 2025 | Podcast
https://www.crowdstrike.com/en-us/blog/recruitment-phishing-scam-imitates-crowdstrike-hiring-process Cybercriminals are targeting developers with a new phishing campaign that impersonates CrowdStrike, a cybersecurity company. The campaign tricks victims into...
Jan 14, 2025 | Podcast
https://www.bleepingcomputer.com/news/security/phishing-texts-trick-apple-imessage-users-into-disabling-protection Cybercriminals are employing a new tactic in their smishing (SMS phishing) campaigns: tricking Apple iMessage users into replying to texts, thereby...
Jan 13, 2025 | Podcast
https://www.halcyon.ai/blog/abusing-aws-native-services-ransomware-encrypting-s3-buckets-with-sse-c A new ransomware campaign leverages Amazon Web Services’ (AWS) Server-Side Encryption with Customer Provided Keys (SSE-C) to encrypt victims’ data stored in...
Jan 10, 2025 | Podcast
https://thehackernews.com/2025/01/neglected-domains-used-in-malspam-to.html Cybersecurity researchers have uncovered a concerning trend where cybercriminals are increasingly exploiting neglected domains to evade email security measures and deliver malicious payloads....
Jan 9, 2025 | Podcast
https://krebsonsecurity.com/2025/01/a-day-in-the-life-of-a-prolific-voice-phishing-crew/ A new report reveals how sophisticated voice phishing gangs are exploiting legitimate services from Apple and Google to steal millions from cryptocurrency investors. These groups,...
Jan 8, 2025 | Podcast
https://www.theage.com.au/national/broke-desperate-jobseekers-are-falling-for-gold-mine-employment-scams-in-droves-20250105-p5l26q.html Australians struggling to find work are falling victim to sophisticated employment scams operating on platforms like WhatsApp,...
Jan 7, 2025 | Podcast
https://www.bleepingcomputer.com/news/security/over-4-000-backdoors-hijacked-by-registering-expired-domains Security researchers at WatchTowr Labs have discovered thousands of active web backdoors hijacked by registering expired domains used to control them. These...
Jan 6, 2025 | Podcast
https://www.bleepingcomputer.com/news/security/the-biggest-cybersecurity-and-cyberattack-stories-of-2024 The year 2024 was marked by an unprecedented wave of cybersecurity incidents, from devastating data breaches to crippling ransomware attacks. As new threat actors...
Jan 3, 2025 | Podcast
https://www.paulosyibelo.com/2024/12/doubleclickjacking-what.html A new cyberattack technique dubbed “DoubleClickjacking” has been discovered, exploiting the timing between double-clicks to bypass existing clickjacking protections. This allows attackers to...
