phishing   2804

« earlier    

Hacking GMail With Weird From Fields – Cotten.IO
This article explains a strange bug in the way Gmail organizes its folders/filters based on falsifying the From field in an attacker’s email. Any email so forged automatically enters the recipients…
phishing  gmail 
22 hours ago by po
Chrome Update Targets 'Abusive' Ads Used on Some Pirate Sites - TorrentFreak
After being pushed towards fringe advertising networks, some pirate sites now display ads that many users would prefer not to encounter. Starting in December, however, a new version of Chrome will attempt to curtail certain "abusive experiences" on all sites, by preventing rogue redirects and misleading dialog boxes, while nuking video 'play' buttons that lead to unwanted downloads.
More than a decade ago, users visiting torrent and file-hosting platforms were often greeted with the same quality of ads present on many regular sites.
Leading companies and brands had few problems with their marketing appearing on major ‘pirate’ sites, with visitors to The Pirate Bay, for example, regularly viewing ads indirectly placed by huge corporations.
chrome  advertising  adblock  phishing  malware  security  privacy 
12 days ago by rgl7194
Chrome 71 will block any and all ads on sites with “abusive experiences” | Ars Technica
Fake error messages, phishing, and other annoyances will soon be heavily penalized.
Google is promising to punish sites that offer what the company calls "abusive experiences." Chrome 71, due for release in December, will blacklist sites that are repeat offenders and suppress all advertising on those sites.
The behaviors deemed abusive cover a range of user-hostile things, such as ads that masquerade as system error messages, ads with fake close boxes that actually activate an ad when clicked, phishing, and malware. In general, if an ad is particularly misleading, destructive, or intrusive, it runs the risk of being deemed abusive.
Chrome already takes some actions against certain undesirable website behaviors; it tries to block popups, it limits autoplay of video, and it blocks certain kinds of redirection. These measures have been insufficient to prevent misleading or dangerous ads, hence Google taking further steps to banish them from the Web.
chrome  advertising  adblock  phishing  malware  security  privacy 
12 days ago by rgl7194
PhishPoint: New SharePoint Phishing Attack Affects an Estimated 10% of Office 365 Users
What makes this attack unique is that the phishing link is inserted directly into a SharePoint file rather than the email itself. This leverages a critical flaw in Office 365's anti-phishing scan to prevent these attacks from being blocked.
it-security  phishing  office-365 
14 days ago by shoesiq
gophish/gophish: Open-Source Phishing Toolkit
Gophish is an open-source phishing toolkit designed for businesses and penetration testers. It provides the ability to quickly and easily setup and execute phishing engagements and security awareness training.
phishing  golang 
21 days ago by bmdmc

« earlier    

related tags

&  ++  00000  2010s  2018  2fa  2fhg  510  a  actively  adblock  advertising  against  an  and  anti  antiphishing  apple  apt28  are  as  atm  attack  attacks  attempt  audit  automation  awareness  azure  bank  banking  banks  blob  bots  briankrebs  bug  by  cabel  cabel_sasser  caller  campaign  cardless_atm  case  casestudy  cellphones  certificate  charged  check  china  christopherhadnagy  chrome  claudioguarnieri  cloudflare's  code  combine  coming  complex  conservatives  construct.  conversation  country:germany  credential  credit_cards  crime  crooks  cyber  cybercriminals  darkhydrus  data  datensicherheit  defender  digitalocean  distributed  dnc  dns  domain  driven  drops  e12  e2018  edsec  edtech  education  edv  eff  elections  email  encryption  end  engineering  era  eseptember  expired  exploit  finance  firework  for  framework  fraud  free  gateway  github  gmail  go  golang  hack  hackers  hacking  haughey  higher  hope  horrorstories  humanhacker  iceland  id  impersonate  impersonation  in  inc.  infosec  insurance  into  ipfs  iranian  isdp  it-security  javascript  jaxx  just  krebs  krebsonsecurity  largest  latest  links  list  little  malware  march  mathowie  matt  matt_haughey  messaging  metafilter  microsoft  mitm  money  name  netflix  new  of  offer  office-365  office  office365  on  open-source  panic  passwords  paypal  pen_testing  pentest  pentesting  phone  practical  privacy  protection  quinnnorton  rate  read_archive  recent  red_teaming  relies  report  reportagen  russia  russian  safari  safety  sasser  scam  scammers  scams  scheme  schools  security-audit  security  senate  seo  service  sex  shows  simulated  simulation  site  sites  slack  smsphishing  social  social_engineering  social_media  socialengineering  solutions  spam  speaking  spear-phishing  spoof  spoofing  standards  still  storage  storm  success  sunshine  säkerhet  targeted  targets  technology  template  test  testing  the  theft  threads  through  to  tool  tools  top  trump  twitter  type:tool  typosquatting  universities  url  ursnif  users  uses  vishing  voice  wallet  warnings  was  webapp  wikileaks  windows  wordpress  work  yubikey 

Copy this bookmark: