A Can of Phish Bait: from Surveys to Rule Changes to Your Boss’s Boss

phishbait-surveys-rule-changes-boss

Employees need to continue being wary of phishing scams as they begin to return to the office, according to Roger Kay at INKY. Kay describes several phishing templates that INKY has intercepted in recent months, including one that informed recipients that they needed to fill out a compliance form related to COVID-19 risks. “Reasonably well

Scraped data of 500 million LinkedIn users being sold online, 2 million records leaked as proof

Scraped data of 500 million LinkedIn users being sold online, 2 million records leaked as proof

Days after a massive Facebook data leak made the headlines, it seems like we’re in for another one, this time involving LinkedIn. An archive containing data purportedly scraped from 500 million LinkedIn profiles has been put for sale on a popular hacker forum, with another 2 million records leaked as a proof-of-concept sample by the post author.

Chinese Have Likely Hacked Your Microsoft Exchange Email Server

Chinese Have Likely Hacked Your Microsoft Exchange Email Server

Chinese Have Likely Hacked Your Microsoft Exchange Email Server. What if Chinese state-sponsored hackers have owned your OWA using several brand-new zero-day vulnerabilities?

On March 2, Microsoft released emergency security updates to plug four security holes in Exchange Server versions 2013 through 2019 that hackers were actively using to siphon email communications from Internet-facing systems running Exchange.

Most Phishing Emails Are After Credentials

Phishing Emails Are After Credentials

Most Phishing Emails Are After Credentials 57% of phishing emails in 2020 were designed for stealing credentials, according to Cofense’s most recent Annual State of Phishing Report. Meanwhile, just 12% of phishing attacks last year were used for delivering malware. Cofense believes this is because credential phishing emails are better at bypassing email security filters