23 February 2022

PHISHING: Hacking Attacks Vulnerability + Ransomware Demands | Bleeping Computer

Phishing is a type of social engineering attack often used to steal user data, including login credentials and credit card numbers. It occurs when an attacker, masquerading as a trusted entity, dupes a victim into opening an email, instant message, or text message.
<div class=__reading__mode__extracted__imagecaption>Tricia Hipps
 
Latest Articles

OpenSea users lose $2 million worth of NFTs in phishing attack

The non-fungible token (NFT) marketplace OpenSea is investigating a phishing attack that left 17 of its users without more than 250 NFTs worth around $2 million.

NFTs represent data stored on a blockchain, Ethereum in this case, that declares ownership of digital files, typically media files of artwork.

Currently valued at $13.3 billion and considered one of the largest in the world, OpenSea is a peer-to-peer NFT marketplace that also enables trading rare digital items and crypto collectibles.

Exploiting a migration

Phishing actors are always looking for ways to take advantage of changes that require users to take action and the OpenSea NFT theft is no different.

Researchers at Check Point say in a report today that the phishing actors knew about OpenSea upgrading its smart contract system to purge old and inactive listings on the platform and prepared for the migration with emails and websites of their own.

OpenSea informed its users that they had to update their listings between February 18 - 25 if they wanted to continue using the platform.

 
Cobalt Strike

Vulnerable Microsoft SQL Servers targeted with Cobalt Strike

Threat analysts have observed a new wave of attacks installing Cobalt Strike beacons on vulnerable Microsoft SQL Servers, leading to deeper infiltration and subsequent malware infections.

ukraine-police-car

Police bust phishing group that used 40 sites to steal credit cards

The Ukrainian cyberpolice have arrested a group of phishing actors who managed to steal payment card data from at least 70,000 people after luring them to fake mobile service top up sites.

  • Expeditors International

    Expeditors shuts down global operations after likely ransomware attack

    Seattle-based logistics and freight forwarding company Expeditors International has been targeted in a cyberattack over the weekend that forced the organization to shut down most of its operations worldwide.

  • Robot

    Revamped CryptBot malware spread by pirated software sites

    A new version of the CryptBot info stealer was seen in distribution via multiple websites that offer free downloads of cracks for games and pro-grade software.

  • No comments: