eWeek

Script Injection Makes Phishing Harder to Catch

eWeek content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More Cross-site scripting (XSS) attacks have become one of the ...
Bleeping Computer

Spam Botnet Tracked Down to Malicious PHP Script Found on 5,000 Hacked Sites

A malicious PHP script found on over 5,000 compromised websites has been fingered as the source of a large-scale spam campaign that has been silently redirecting users to web pages hosting diet and ...
Bleeping Computer

Office 365 phishing runs real-time check of stolen domain logins

Threat researchers investigating phishing attacks encountered a less common technique in spear-phishing aimed at a senior executive at a top American company. The code behind the phishing page made ...
Dark Reading

AWS SNS Hijackings Fuel Cloud Smishing Campaign

Showcasing a previously unseen cyberattack technique, threat actors are using Amazon Web Services Simple Notification Service (AWS SNS) and a custom bulk-messaging spam script called SNS Sender to ...
IT News For Australia Business

Experts detect sharp hike in ‘script kiddie’ phishing tools

According to SurfControl's Advanced Threat Intelligence (ATI) division, these pre-packaged kits include ready-made graphics, programming code and sample content used to generate emails capable of ...
New Scientist

'Phishing' email covertly redirects web browsers

A new email “phishing” scam uses a tiny program to modify computers so that they covertly redirect a victim’s web browser to a bogus banking site. Opening one of the new phishing messages will trigger ...
CSOonline

Scammers still using Google Drive for Phishing attacks

Researchers at Symantec have discovered another Phishing campaign using Google Drive, one that mirrors a similar attack form two months ago. The technical aspects are so familiar, that Symantec’s team ...