Methodology for AP/'FRONTLINE' investigation into how US tech is abused for global scams

The AP/“FRONTLINE” investigation was based on tens of thousands of leaked scam center files, videos and photos; an analysis ...

Four days to make victims fall in love: How global scammers use US tech to fleece people

Technology from American companies is being used to power a revolution in the scam industry, playing a key role in the industrialization and globalization of fraud in ways that have not been clear ...

Feds Say a Darknet Dealer Called ‘DaddyBiden’ Sold Fake Adderall Laced With Meth

Federal investigators say a darknet vendor using the name “DaddyBiden” built up roughly 4,600 sales on Abacus Market and was ...
Dark Reading

Microsoft Exchange Flaw Lets Attackers Spoof Any Email Address

A weakness in certain configurations of Microsoft Exchange enables attackers to send an email from any user to a vulnerable organization. That's according to Swiss cybersecurity firm InfoGuard, which ...
Security Boulevard

Report Surfaces Sharp Spike in Malicious Logins from Low-Risk Sources

A report published by Barracuda Networks this week finds there has been a 25% increase in successful malicious logins to the Microsoft 365 platform from countries that are normally deemed to be ...
Bitdefender

Microsoft’s MSHTA Legacy Tool Still Powers Malware Campaigns on Windows

Bitdefender security researchers have discovered that attackers continue to exploit Microsoft HTML Application Host (MSHTA), a legacy utility available by default on Windows systems that can execute ...
GitHub

lolbas_with_network_traffic.yml

description: The following analytic identifies the use of Living Off the Land Binaries and Scripts (LOLBAS) with network traffic. It leverages data from the Network Traffic data model to detect when ...
Security Boulevard

Facebook ads spread fake Windows 11 downloads that steal passwords and crypto wallets

Attackers are running paid Facebook ads that look like official Microsoft promotions, then directing users to near-perfect clones of the Windows 11 download page. Click Download Now and instead of a ...
GitHub

bodnjenie14/Tsto---Simpsons-Tapped-Out---Private-Server

This guide provides instructions to set up the TSTO server, patch the tsto.apk, and configure the system to use the server and DLC files. Some work in progress documentation here here. WE NOW SUPPORT ...
Forbes

Do Not Open This PDF On A Microsoft Windows PC

A few weeks on from Microsoft warning Windows users that PDF attachments are increasingly being used in attacks, there’s another warning and a new lure. While the Windows-maker’s alert for PC users ...
LinkedIn

Fake CAPTCHAs on the rise in recent campaigns

ClickFix is a relatively new social engineering tactic by which threat actors trick users into executing malicious code on their hosts. First observed in May 2024, ClickFix has featured in many ...
WeLiveSecurity

DeceptiveDevelopment targets freelance developers

Cybercriminals have been known to approach their targets under the guise of company recruiters, enticing them with fake employment offers. After all, what better time to strike than when the potential ...