It is an old trick, and one that scammers are once again using following massive lay-offs after the coronavirus outbreak and mandates to shelter from home. The trick is to impersonate an employer recruiting for jobs, or touting the ability to make lots of money while working from home. As the old adage says, “If … Continue Reading
Spam is invading all aspects of our online life, and of late, even our online calendars. I hadn’t thought about embedded malware in calendar invites until I read an informative krebsonsecurity.com blog article this week. I think this is something everyone should know about and be mindful of when receiving calendar invites. Calendar invites are … Continue Reading
I have been alerting clients that I know use Wipro, but may have missed some of you. It is being reported that IT outsourcing company Wipro Ltd. has been hacked through several phishing campaigns from what is believed to be a state-sponsored attacker. According to recent reports, including KrebsonSecurity, sources have stated that “Wipro’s systems … Continue Reading
The United State Postal Service (USPS) launched a program called “Informed Delivery” with the goal to assist consumers in protecting themselves from identity theft. The program allows consumers to register an account on usps.gov which allows one to view scanned images of all of their incoming mail for free. However, it is being reported that … Continue Reading
We reported last week that a spyware maker compromised users’ and victims’ sensitive information [view related post]. Since that time, another spyware maker, mSpy, which holds itself out as having over a million users employing its product to “spy” on their partners and children, has reportedly leaked the passwords, call logs, text messages, location data, … Continue Reading
Medical transcription provider MEDantex has reportedly exposed the protected health information of thousands of patients through its unsecured provider portal, which did not require a password for access. According to reports, including KrebsOnSecurity, the patients’ audio medical notes were uploaded to MEDantex’s website, which were then to be transcribed and uploaded to a portal accessible … Continue Reading
San Francisco based OneLogin, which provides single sign on and identity management services for companies and app vendors, recently notified its users that it has discovered an unauthorized access to its data. The idea behind OneLogin is for a user to have one username and password that it can use through OneLogin’s platform for all … Continue Reading
KrebsonSecurity has reported that the Russian organized cybercrime group dubbed the Carbanak Gang, which in the past has been suspected of stealing more than $1 billion from banks, retailers and hotels and restaurants worldwide, may have breached “hundreds of computer systems” at Oracle Corp’s MICROS division. It is further reported that Oracle’s MICROS division is … Continue Reading
KrebsOnSecurity has reported that sources from the banking industry have advised of a pattern of fraud on credit cards used at Trump Hotel Collection (Trump) properties. Trump has confirmed that it is investigating the matter. If confirmed, this would be the second breach of its credit card systems in the past year. Trump notified card … Continue Reading
In a report of an audit of 13 IRS approved tax filing firms, Online Trust Alliance found that six of the 13 firms do not provide adequate security against cyberintrusions. The firms, all members of the IRS’s Free File Alliance, provide free tax preparation and e-filing of approximately 100 million federal tax returns. According to … Continue Reading
