Security Alerts & News
by Tymoteusz A. Góral

History
#1270 Can you trust that invoice? Nigerian 419 scammers ply new wire-wire trade via compromised email
Former Nigerian 419 scammers are turning to more sophisticated and bigger-paying jobs that start with compromising the email accounts of staff responsible for selling, and then waiting for a juicy request for a quote.

According to Dell SecureWorks, these new-generation Nigerian scammers are known as 'waya-waya' or wire-wire, and conduct wire fraud by compromising a supplier's email.

The FBI warned earlier this year that businesses have been exposed to an estimated $3.1bn in potential losses due to so-called business email compromise (BEC) since 2013. These crimes usually take the form of an attacker spoofing the email account of a CEO and then ordering a subordinate to transfer funds to a supposed supplier's account.

However, SecureWorks' says its probe into one Nigerian operation uncovered a far more "devious" attack than spoofing the boss's email account. The attackers instead are compromising a seller's email account to place themselves between the buyer and seller during a transaction.
Read more
#1270 Can you trust that invoice? Nigerian 419 scammers ply new wire-wire trade via compromised email
#1269 Italian malware is spying on Chinese Android users: But why?
#1268 Microsoft cranks up encryption in .Net framework
#1267 Fake Prisma apps found on Google Play
#1266 This ATM hack could allow thieves to make off with thousands
#1265 BlackHat2016: badWPAD – The doubtful legacy of the WPAD protocol
#1264 HEIST: HTTP encrypted Information can be stolen through TCP-windows (PDF)
#1263 Lack of encryption leads to large scale cookie exposure
#1262 Are smart city transport systems vulnerable to hackers?
#1261 Pokemon GO DDoS attacks postponed as PoodleCorp botnet suffers security breach
History
2017: 01 02 03 04 05
2016: 01 02 03 04 05 06 07 08 09 10 11 12