Enlarge / A woman scans a QR code in a café to see the menu online. reader comments 27 The US Federal Trade Commission has become the latest organization to warn against the growing use of QR codes in scams that attempt to take control of smartphones, make fraudulent charges, or obtain personal information. Short… Read More »
Wired staff; Getty Images reader comments 46 with For state-sponsored hacking operations, unpatched vulnerabilities are valuable ammunition. Intelligence agencies and militaries seize on hackable bugs when they’re revealed—exploiting them to carry out their campaigns of espionage or cyberwar—or spend millions to dig up new ones or to buy them in secret from the hacker gray… Read More »
Enlarge / Man hand holding a mobile phone with QR code. Getty Images reader comments 92 with Phishing mongers have released a torrent of image-based junk emails that embed QR codes into their bodies to successfully bypass security protections and provide a level of customization to more easily fool recipients, researchers said. In many cases,… Read More »
Getty Images reader comments 69 with Share this story Microsoft on Tuesday profiled software for sale in online forums that makes it easy for criminals to deploy phishing campaigns that successfully compromise accounts, even when they’re protected by the most common form of multi-factor authentication. The phishing kit is the engine that’s powering more than… Read More »
Getty Images | Carol Yepes reader comments 32 with 0 posters participating Share this story Hackers have devised a way to bypass ChatGPT’s restrictions and are using it to sell services that allow people to create malware and phishing emails, researchers said on Wednesday. ChatGPT is a chatbot that uses artificial intelligence to answer questions… Read More »
Enlarge / Using Teams in a browser is actually safer than using Microsoft’s desktop apps, which are wrapped around a browser. It’s a lot to work through. reader comments 65 with 41 posters participating Share this story Microsoft’s Teams client stores users’ authentication tokens in an unprotected text format, potentially allowing attackers with local access… Read More »
Enlarge / This is definitely not a Razer mouse—but you get the idea. (credit: calvio via Getty Images) There has been a recent flurry of phishing attacks so surgically precise and well-executed that they’ve managed to fool some of the most aware people working in the cybersecurity industry. On Monday, Tuesday, and Wednesday, two-factor authentication… Read More »
Enlarge (credit: Getty Images) At least two security-sensitive companies—Twilio and Cloudflare—were targeted in a phishing attack by an advanced threat actor who had possession of home phone numbers of not just employees but employees’ family members as well. In the case of Twilio, a San Francisco-based provider of two-factor authentication and communication services, the unknown… Read More »
Getty Images reader comments 186 with 108 posters participating, including story author Share this story For more than a decade, we’ve been promised that a world without passwords is just around the corner, and yet year after year, this security nirvana proves out of reach. Now, for the first time, a workable form of passwordless… Read More »
Getty Images reader comments 111 with 88 posters participating, including story author Share this story When we teach people how to avoid falling victim to phishing sites, we usually advise closely inspecting the address bar to make sure it does contain HTTPS and that it doesn’t contain suspicious domains such as google.evildomain.com or substitute letters such… Read More »