phishing   2759

« earlier    

Gophish - Open Source Phishing Framework
Gophish - An Open-Source Phishing Framework
security  phishing 
yesterday by ultrashea
How to Protect Yourself From a Phishing Attack by Hackers - The Atlantic
Tricking people out of sensitive information online is far too easy.
4 days ago by daniel.zappala
RT : ⚠️ Beware! This webpage has numerous suspicious elements! It might be a 🎣 page impersonating A…
phishing  from twitter_favs
5 days ago by ciphpercoder
Apple's Safari Falls For New Address Bar Spoofing Trick
An unpatched vulnerability in the Safari web browser allows an attacker to control the content displayed in the address bar, a security researcher discovered. The method enables well-crafted phishing attacks that are difficult to spot by the average consumer.
The bug is a race condition type and it is caused by the browser permitting JavaScript to update the address bar before a web page loads completely.
Apple is taking its time to release a fix
Security researcher Rafay Baloch was able to reproduce the vulnerability only in Safari and Edge web browsers.
He informed the makers of the two browsers about the risk, but only Microsoft responded with a patch on August 14, as part of its regular release of security updates.
Apple received a report about the bug on June 2, and 90 days to fix it before public disclosure. The three-month period expired more than a week ago and there is no patch for Safari.
safari  privacy  security  bug  phishing  javascript 
6 days ago by rgl7194
IFAP - Electronic Announcements
RT : US Department of Education warns active phishing campaign targeting student email accounts
phishing  edtech  from twitter
11 days ago by douglevin
Back to School Essentials for Security | Electronic Frontier Foundation
Going back to school? This is a perfect time for a digital security refresh to ensure the privacy of you and your friends is protected!
It’s a good time to change your passwords. The best practice is to have passwords that are unique, long, and random. In order to keep track of these unique, long and random passwords, consider downloading a password manager.
As a great additional measure: You can add login notifications to your accounts, so that you can monitor logins from devices you don’t recognize.
security  privacy  EFF  schools  passwords  social_media  phishing  encryption  messaging 
17 days ago by rgl7194
Firework: Leveraging Microsoft Workspaces in a Penetration Test
WCX files can be used to configure a Microsoft Workplace on a system with a couple of clicks. The enrollment process could disclose credentials in the form of a NetNTLM hash. Authentication will either take place automatically on older Windows versions or will prompt a user for credentials on more recent ones. Workplaces can potentially be further weaponised as part of a wider social engineering campaign.
security  phishing  Firework 
18 days ago by tiredoldfellow
RT : It’s shocking how much companies are paying for simulation products. Fundamentally it is pretty simple to…
phishing  from twitter_favs
19 days ago by jabbrwcky

« earlier    

related tags

++  2016_election  2018  2fa  2fhg  a  actively  and  anti  antiphishing  apple  appleid  apt28  are  article  atm  attack  attacks...  attacks  attempt  audit  awareness  aws  banking  bug  by:jameshfisher  bypass  caddyfile  campaign  can  case  cert  certificates  charged  check  combine  comic  conservatives  country:germany  crime  crooks  crypto  cybercriminals  cybersecurity  cyberwar  dangling  darkhydrus  database  datensicherheit  defender  developers  digital  dkim  dnc  dns  domain  domains  e12  e2018  edtech  edv  eff  elections  email  employees  encryption  engine  engineering  eseptember  ev  example  expired  explanations  exploit  facebook  factoring  feature  find  firework  for  fraud  gdpr  git  github  gmail  go  golang  google  grammar  grimmeathook  hack  hackers  hacking  higher  hollywood  horrorstories  hostile  how_to  i18n  icloud  ifttt  impersonation  impervious  important  in  inform  information  infosec  infosecurity  insurance  internet  iranian  its  javascript  jaxx  jm  john_podesta  june  just  keys  krebs  language  links  list  lookalike  macro  made  malware  march  marketing  messaging  michaelorlando  microsoft  misuse  mitm  money  name  netflix  network  newsletter  nginx  nonexistent  notify  october_2016  of  office  office365  on  open-source  opsec  papers  passwords  pen_testing  pentest  pentesting  practical  presentation  privacy  python  quinnnorton  rate  recent  reconnaissance  record  red_teaming  reference  relies  report  reportagen  reporting  research  resource  russia  russian  s3  safari  safety  scam  scammers  scams  schools  search  security  senate  seo  service  sex  share  simulated  simulation  siri  site  sites  smishing  social  social_engineering  social_media  spam  speaking  spear-phishing  spearphishing  spoofing  ssl  still  success  suggestions  säkerhet  targeted  techcrunch  template  test  testing  thief  tls  to  tool  tools  training  trump  twitter  type:tool  unicode  universities  url  usb  users  using  wallet  warns  was  web  webapp  wikileaks  windows  wired  yubikey  zachharris     

Copy this bookmark: