Microsoft Teams phishing scam dupes workers on vacation time | Digital Trends

Hackers are getting so sophisticated with malware that they are making links look like a notice about company vacation time.

A new phishing scam called “DarkGate Loader” has been uncovered that targets Microsoft Teams. It can be identified with a message and a link that reads “changes to the vacation schedule.” Clicking this link and accessing the corresponding .ZIP files can leave you vulnerable to the malware that is attached.

The research team Truesec has been observing DarkGate Loader since late August and notes that hackers have utilized an intricate downloading process that makes it so the file is difficult to identify as nefarious.

Read More

Why You Should Never Borrow Someone Else’s Charging Cable | Forbes

We’ve all been there. Your smartphone or tablet is low on power and you’ve left your charging cable at home. There’s no harm in borrowing one from a fellow passenger in the airport departure lounge or from your hotel’s front desk clerk, right?

In 2019, that would be a huge mistake, say cybersecurity experts.

“There are certain things in life that you just don’t borrow,” says Charles Henderson, Global Managing Partner and Head of X-Force Red at IBM Security. “If you were on a trip and realized you forgot to pack underwear, you wouldn’t ask all your co-travelers if you could borrow their underwear. You’d go to a store and buy new underwear.”

Read More

The Petya Plague Exposes the Threat of Evil Software Updates | WIRED

ON THE LIST of computer security advice standbys, “update your software” ranks just below “don’t use the password ‘password.’” But as the cybersecurity research community gets to the bottom of the malware outbreak that exploded out of Ukraine to paralyze thousands of networks around the world last week—shutting down banks, companies, transportation and electric utilities—it’s become clear that software updates themselves were the carrier of that pathogen. Cybersecurity analysts warn that it’s not the only recent incident when hackers have hijacked software’s own immune system to deliver their infections. And it won’t be the last.

Read More

Crash Override Malware Took Down Ukraine’s Power Grid Last December | WIRED

AT MIDNIGHT, A week before last Christmas, hackers struck an electric transmission station north of the city of Kiev, blacking out a portion of the Ukrainian capital equivalent to a fifth of its total power capacity. The outage lasted about an hour—hardly a catastrophe. But now, cybersecurity researchers have found disturbing evidence that the blackout may have only been a dry run. The hackers appear to have been testing the most evolved specimen of grid-sabotaging malware ever observed in the wild.

Read More

Drop a bad habit, gain a virus | Reuters

He was, of course, talking about physical safety; a Mother Jones report earlier this year was subtitled “a brief history of e-cigs blowing up—in your face, in your car, in your home, in your bar.” But if that weren’t enough, e-cigarettes are now also proving virtually dangerous: last week an IT employee on Reddit outlined the case of a malware infection that came as the result of using a USB port to charge an e-cigarette that was made in China.

Read More.

Spearphishing: The dirty email trick favored by the nastiest hackers – Technology on NBCNews.com

You probably know to watch out for phishing attempts — broad, massive email efforts to get you to hand over personal financial information like a credit card number or to click on a website link that could allow malware to steal information from your computer. They’re usually riddled with spelling errors and terrible formatting. Spearphishing is subtler, because it’s aimed at intelligence gathering. It “often takes the form of key personnel inside an organization being emailed a malicious file,” Graham Cluley of Sophos Security told NBC News Tuesday.

Read Article.

The Download.com Debacle | Electronic Frontier Foundation

CNET’s Download.com site has been embedding adware into the install process for all kinds of software, including open source software like NMAP.  For the unwary, some of the ads could have been read to suggest accepting the advertised service (e.g., the Babylon translation tool bar) was part of the installation process.  Users who weren’t paying attention may also have clicked “accept” simply by accident.  In either event, after their next restart, they would have been surprised to find their settings had been changed, new tool bars installed, etc.

Read Article.

Microsoft Anti-Malware Tool Mistakenly Snuffs Google Chrome | Wired Enterprise | Wired.com

Microsoft’s Security Essentials anti-malware tool has mistakenly identified Google Chrome as a password-pilfering trojan — and actually removed the browser from many users’ machines — but a fix for this rather amusing false positive is now available.

Read Article.

My wife and I have an inside joke for unwanted assistance. We say ‘Stop helping like Microsoft’ – Ed.