Widely-used URL tracking systems are often abused in phishing attacks. The domains used by these systems are commonly known and trusted, making them attractive carriers for phishing URLs. To illustrate how it works, this post breaks down a recently-observed phishing attack that uses Google Ads’ tracking system to evade email filters.
How it works
Piggybacking on a domain is appealing to threat actors not only because it increases the odds of making it past spam filters, but also for ease of creation. By editing an existing URL, the burden of setting up their own redirect is removed, and they are able to take advantage of infrastructure already in place to launch their campaign.
Regulations related to the collection, storage and use of personal data don’t apply to the collection of license plate readings, a court has found, calling privacy regs into question
As you drive to George Mason University in Fairfax, Virginia, you may very well pass a blue and grey Fairfax County police car with its shiny lights and trunk-mounted Automated License Plate Reader (ALPR). The camera will take a picture of your license plate; scan it; analyze it; “read” the letters, numbers and state of issue; and compare it against a “hot list” of wanted or stolen cars or determine whether the owner of the vehicle is “wanted” and therefore stop the driver under the assumption that they might be the wanted owner.
Businesses have increasingly adopted IoT devices, especially amid the COVID-19 pandemic to keep their operations safe. Over the past year, the number of IoT devices employed by various organizations in their network has risen by a remarkable margin, as per research conducted by Palo Alto Networks’ threat intelligence arm, Unit 42. While looking into the current IoT supply ecosystem, Unit 42 explained the multi exploits and vulnerabilities affecting IoT supply chains. The research also examined potential kinds of motivation for exploiting the IoT supply chain, illustrating how no layer is completely immune to the threat.
Amazon has sent emails to users warning of a rogue insider who has been fired after disclosing customer details to a third party.
As detailed in a tweet posted by user Zain Jaffer, the email read: “We are writing to let you know your email address was disclosed by an Amazon employee to a third party in violation of our policies.” The email goes on to claim the employee has been fired, referred to law enforcement and stated that no other information related to the recipient’s account was shared.
“This is not a result of anything you have done and there is no need for you to take any action, we apologize for this incident,” it continued.
The discovery of Stuxnet in 2010, followed by its in-depth analysis, uncovered several “industry firsts”, including hijacking of Windows Management Instrumentation (WMI) to enumerate users and spread to available network shares.
In the past decade, most of the malware features at least one technique to hijack WMI for persistence, discovery, lateral movement or defense evasion.
This whitepaper describes how WMI hijacking works and how it is used in several families of malware currently in existence.
Cybersecurity is a growing concern for businesses and individuals worldwide, with more people creating and leaving digital footprints in the virtual world. To this end, people need to secure their information by tightening their security protocols.
Safeguarding information birthed the world of cybersecurity, which has become a lucrative career path for most tech-savvy people. There is room for as many people considering this career path, and acquiring the knowledge does not require a primary formal education.
There is a long list of online courses — whether paid or free — for those who wish to become successful in this field to choose from. To keep you from searching for a needle in a haystack, we’ve put together top seven online courses for a successful career in cybersecurity.
President Trump’s campaign website was briefly and partially hacked Tuesday afternoon as unknown adversaries took over parts of the page, replacing them with what appeared to be a scam to collect cryptocurrency. There is no indication, despite the hackers’ claims, that “full access to trump and relatives” was achieved or “most internal and secret conversations strictly classified information” were exposed.