Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Comments
7 Fraud Predictions in the Wake of the Coronavirus
Newest First  |  Oldest First  |  Threaded View
RyanSepe
50%
50%
RyanSepe,
User Rank: Ninja
4/30/2020 | 3:11:50 PM
Re: Bank account
This is advice that needs to be heeded. Same goes for if you receive a call that you are suspicious of, go to the actual website find the phone number and call them. 
RyanSepe
50%
50%
RyanSepe,
User Rank: Ninja
4/30/2020 | 2:07:23 PM
Re: Good days
Agreed and they never fail to miss an opportunity. Its somewhat sad really.
Dr.T
50%
50%
Dr.T,
User Rank: Ninja
4/29/2020 | 8:00:41 PM
Bank account
But the US has yet to see this clever voice scam that tricks unsuspecting users into logging into their online bank account Never access your bank via a link, always go to their site directly.
Dr.T
50%
50%
Dr.T,
User Rank: Ninja
4/29/2020 | 7:56:18 PM
Mule
With the latest jobs report showing that there could be more Americans unemployed right now than at any time in US history, mule recruitment should be even easier I keep getting those types of emails for long time, did not see any increase yet.
Dr.T
50%
50%
Dr.T,
User Rank: Ninja
4/29/2020 | 7:52:30 PM
Covid-19
Cyber space is teeming with coronavirus scams. Some fraudsters will try to get passwords to email accounts and other sites; others will try to get ransomware onto the user's mobile or PC. Lists of miss infuriation about this pandemic, so better to use well known apps.
Dr.T
50%
50%
Dr.T,
User Rank: Ninja
4/29/2020 | 7:49:50 PM
Fraud
American taxpayers who fall under the stimulus income threshold but have not filed their taxes for 2018-2019 won't get a direct deposit unless they file a return. Good opportunity for fraud. People are confused and that creates vulnerabilities.
Dr.T
50%
50%
Dr.T,
User Rank: Ninja
4/29/2020 | 7:46:23 PM
Good days
Confusion, chaos, and abrupt changes in digital user behavior can help the sharp-minded cybercriminal exploit the current crisis to prey on unsuspecting victims. Really good days for hackers to attack vulnerable people.


COVID-19: Latest Security News & Commentary
Dark Reading Staff 6/4/2020
Abandoned Apps May Pose Security Risk to Mobile Devices
Robert Lemos, Contributing Writer,  5/29/2020
How AI and Automation Can Help Bridge the Cybersecurity Talent Gap
Peter Barker, Chief Product Officer at ForgeRock,  6/1/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: What? IT said I needed virus protection!
Current Issue
How Cybersecurity Incident Response Programs Work (and Why Some Don't)
This Tech Digest takes a look at the vital role cybersecurity incident response (IR) plays in managing cyber-risk within organizations. Download the Tech Digest today to find out how well-planned IR programs can detect intrusions, contain breaches, and help an organization restore normal operations.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-13768
PUBLISHED: 2020-06-04
In MiniShare before 1.4.2, there is a stack-based buffer overflow via an HTTP PUT request, which allows an attacker to achieve arbitrary code execution, a similar issue to CVE-2018-19861, CVE-2018-19862, and CVE-2019-17601. NOTE: this product is discontinued.
CVE-2020-13849
PUBLISHED: 2020-06-04
The MQTT protocol 3.1.1 requires a server to set a timeout value of 1.5 times the Keep-Alive value specified by a client, which allows remote attackers to cause a denial of service (loss of the ability to establish new connections), as demonstrated by SlowITe.
CVE-2020-13848
PUBLISHED: 2020-06-04
Portable UPnP SDK (aka libupnp) 1.12.1 and earlier allows remote attackers to cause a denial of service (crash) via a crafted SSDP message due to a NULL pointer dereference in the functions FindServiceControlURLPath and FindServiceEventURLPath in genlib/service_table/service_table.c.
CVE-2020-11682
PUBLISHED: 2020-06-04
Castel NextGen DVR v1.0.0 is vulnerable to CSRF in all state-changing request. A __RequestVerificationToken is set by the web interface, and included in requests sent by web interface. However, this token is not verified by the application: the token can be removed from all requests and the request ...
CVE-2020-12847
PUBLISHED: 2020-06-04
Pydio Cells 2.0.4 web application offers an administrative console named “Cells Console� that is available to users with an administrator role. This console provides an administrator user with the possibility of changing several settings, including the applicat...