Please be advised of an email unsubscribe confirmation scam in which “Confirm your unsubscribe request” appears in the subject line. The body of the email will likely contain an unsubscribe button and generic text. The goal of this phishing campaign is to collect working email addresses to use in other attacks. It is also advisable […]
The FTC has issued an advisory on a new imposter scam variant in which scammers are pretending to be religious leaders, such as rabbis, priests, imams, etc., seeking gift card contributions for worthy causes. These forged communications most commonly arrive via email messages, but may also arrive via text messages or phone calls. Scammers typically […]
The recent Capital One data breach has reportedly exposed the personal information of 106 million credit card customers and applicants in the U.S.and Canada. From individual and small business applications filed between 2005 and early 2019, breached information includes, but is not limited to: Names Dates of Birth Addresses Phone Numbers Credit card holder breached […]
Mac malware dubbed CrescentCore, which is available through Google search results and numerous sites, masquerades as an updater or installer for Adobe Flash Media Player. This malware functions as a trojan horse that will install malicious Safari extensions, rogue disk cleaners and possibly more malware. Notably, if this malware detects that it is running in […]
Please be advised that the Social Security Administration (“SSA”) has noted a skyrocketing of fraudulent calls purporting to come from the SSA. These imposter scam phone calls have been reported to include the following scare tactics: calls alerting you that your social security number has been suspended due to suspicious activity or due to involvement […]
As an update to our April 26th blog post entitled “Amazon Alexa Privacy Alert”, two lawsuits have been filed seeking class-action status regarding Amazon Alexa Echo Dot privacy issues. One lawsuit has been filed in the state court and the other has been filed in federal court. Both suits allege the routine recording of children […]
As an update to our May 15th blog post, regarding the severe security flaw, now known as BlueKeep (CVE-2019-0708), which is a Remote Desktop Services Remote Code Execution Vulnerability, please be advised of the following supplemental security recommendations from the NSA: Block TCP Port 3389 at your firewalls, especially any perimeter firewalls exposed to the […]
Microsoft has asked users of the following Windows versions to urgently apply an update which is available today to protect against a potential widespread exploit: Windows XP — users of Windows XP will need to manually download the update from Microsoft’s update catalog Windows 7 Windows Server 2003 Windows Server 2008R2 Windows Server 2008 Patches […]
Confluence critical vulnerabilities detailed in CVE-2019-3396, are WebDAV and Widget Connector vulnerabilities. The following are two attacks related to these vulnerabilities that are being actively exploited: the infection of servers with GrandCrab ransomware. Please be advised that there are currently no tools available to decrypt files affected by GandCrab version 5.2 (which is being used […]
Researchers from Dark Wolfe Consulting, a cybersecurity consulting firm and the Digital Citizens Alliance (“DCA”), which is a consumer focused group dedicated to making the internet safer have analyzed six pirated streaming devices using the Kodi platform and found that they are rigged with malware and open doors for malware entry. Kodi devices are sometimes […]