Android malware, dubbed Triout has re-emerged posing as the trusted online privacy application, Psiphon, to trick users into downloading it. The legitimate “com.psiphon3” package is available in Google’s app store, Google Play and is advertised as a privacy tool that enables access to the open internet. The application has over 50 million installs and over […]
There are reports of a widespread business email compromise (BEC) phishing campaign across multiple industries which involves impersonation of a senior executive and targets other senior executives within an organization. The spoofed email states that a planned board meeting needs to be rescheduled and requests participation in a Doodle poll to identify a new date […]
A new ransomware variant dubbed Cry Tekk uses a phishing tactic in it’s ransom note, which allows users to bypass bitcoin payment and pay the ransom of $40 via a “Buy Now” option. The “Buy Now” option appears in a PayPal window and when users click it they are taken to purported PayPal dialog, which […]
Chrome 72, which is available now from the Chrome menu via Chrome, About Google Chrome (will auto update when accessed) fixes 58 CVE flaws (Common Vulnerabilities and Exposures, a catalog of known security threats sponsored by the U.S. Department of Homeland Security), 17 of which are rated ‘high severity’ and 1 of which is rated […]
Please be advised that a snooping bug has been found in Apple’s FaceTime App. The bug exists in the apps Group Facetime feature and is triggered when someone makes a call using FaceTime and uses the “Add Person” option when the dialed number begins to ring to add themselves. Once the caller adds him/herself, a […]
A recent phishing email, which is a variation of the “Nigerian Prince” scam, a fund transfer fraud, states that the sender is undergoing treatment for cancer and that her late husband has left her millions of dollars that need to be issued to another person to avoid confiscation. The sender further states that she wants […]
Please be advised that the Office of information Security (“OIS”) has seen a recent uptick in imposter scams. As an update to our posts on imposter scams and gift card scams (which are a type of imposter scam), please be on the alert and note the following 3 recent examples of these types of scams: […]
The US-CERT (United States Computer Emergency Readiness Team) has issued an advisory respecting two vulnerabilities found in Microsoft Windows and Windows Server. Successful exploitation of either vulnerability could allow a remote actor to take control of an affected system. Microsoft has patched both of these vulnerabilities via the January Patch Tuesday update and it is […]
Please be advised of a Netflix phishing scam warning that “Your account is on hold” and asking you to update your payment information via an embedded “Update Account Now” link. The following is a sample of this phishing message. Please be reminded: that an email from a familiar company requesting credential input or an update […]
Two fitness apps, “Fitness Balance” and “Calorie Tracker” were recently found to be charging users without their consent and have been removed from the App Store. These apps had phony positive reviews in the App Store and were displaying pop-ups which prompted users to scan their fingerprint to unlock features. However doing so would result […]