Cybersecurity Weekly: Verified Twitter accounts hacked, cryptocurrency phishing attack, Facebook business data-harvesting campaign
Verified Twitter account hacked causing chaos, cryptocurrency phishing attack targets financial industry, and Facebook Business pages targeted in data-harvesting campaign. All these and more in this week's edition of Cybersecurity Weekly.
1. Verified Twitter accounts hacked to send fake suspension notices
Threat actors are hacking verified Twitter accounts to send fake but well-written suspension messages that attempt to steal other verified users' credentials.
2. Credential phishing attack spoofs cryptocurrency app MetaMask, targets financial industry
Researchers identified a credential-phishing attack that spoofs MetaMask, one of the most widely used crypto applications that lets users store and swap cryptocurrencies, interact with blockchain, and host dApps, which are built on a decentralized network supported by a blockchain distributed ledger.
3. Facebook business pages targeted via chatbot in data-harvesting campaign
The clever, interactive phishing campaign is a sign of increasingly complex social-engineering attacks, researchers warn.
4. FBI warning: Crooks are using deepfakes to apply for remote tech jobs
Scammers are using deepfakes to apply for remote technology roles that provide access to corporate IT networks.
5. North Korea is likely culprit behind $100 million crypto heist
There are “strong indications” that Lazarus Group, a hacking collective with strong ties to Pyongyang, orchestrated the attack, blockchain analytics firm Elliptic said.