Security concerns have increased in importance in recent years, which makes investing in a reliable home security system a necessity rather than an added luxury. With so many options available, from DIY setups to professional-grade security services, homeowners are often left at a crossroads, trying to decide between the two. When choosing between a DIY […]
In today’s fast-paced world, the lines between our professional and personal lives are increasingly blurred, thanks in no small part to the digital devices that have become near extensions of ourselves. Organizations, large and small, are more connected than ever before as these devices have become integrated in almost every aspect of daily business operations. […]
Whether you are moving to a new neighborhood, considering opening a business in your current state or a different one, or considering opening a business in a specific area, it’s essential to research crime data. Crime is always a concern, and understanding the crime of your intended neighborhood can make or break your final decision. […]
Criminals can now deploy phishing sites on any type of web server, even when commonly used server-side technologies such as PHP are not supported.
Phishing kits are predominantly implemented in PHP, as this provides the server-side functionality required to store and transmit stolen credentials without publicly revealing where they are being sent.
PHP is a widely used platform and is often supported on low-cost or compromised hosting platforms. Consequently, very few phishing kits are implemented in any other server-side language. For example, only a very small number of phishing kits have even been written in ASP.NET to run on Microsoft web servers.
An example of a typical phishing kit. It contains server-side PHP scripts, plus other resources such as fonts, stylesheets, and client-side JavaScript files.
We also see relatively small numbers of kits that do not contain any server-side scripts but do still rely on a PHP script to ultimately process their stolen data. These kits use static HTML pages to impersonate the targeted organisation, with web forms that submit stolen credentials directly from the victim’s browser to a PHP script hosted on a central remote “dropsite”. The PHP script then logs or forwards the stolen credentials to the criminal, typically via email, Telegram or Discord.
However, some recent phishing kits have gone one step further and eliminated the need for PHP scripts anywhere along the chain, thus eliminating a single point of failure that is inherent when hosting your own dropsite.
An example of a PHP-less phishing kit. It contains only images and static HTML pages which submit stolen credentials directly from the victim’s browser to a Telegram chat.
These new kits expand the range of hosting options open to the phisher, as they can be deployed on any static content hosting platform, regardless of what operating system it’s …
In the January 2024 survey we received responses from 1,079,154,539 sites across 270,447,456 domains and 12,337,710 web-facing computers. This reflects a loss of 8.9 million sites, a gain of 1.2 million domains, and a loss of 17,900 web-facing computers.
nginx saw the largest increase of 5.6 million sites (+2.29%) this month. Its market share now stands at 23.21% (+0.71pp). Cloudflare and OpenResty also experienced strong growth this month, gaining 5.1 million (+4.52%) and 3.7 million sites (+3.86%) respectively.
Apache saw the largest loss of 24.8 million sites (-9.98%), reducing its market share to 20.70% (-2.11pp). LiteSpeed lost 1.2 million sites (-2.25%), slightly reducing its market share by 0.07pp to 4.63%.
Several years into your role as a security leader at a company, you’ll reach a point when you ask yourself, “What’s next for me?” This article discusses three ways to proceed if you choose to stay at your current organization. (It was co-authored by Yael Nagler and Lenny Zeltser.) At this point in your CISO tenure, you…
A well-secured and well-managed building doesn’t just ensure the safety of its occupants; it also makes the property an attractive option for potential tenants and decreases tenant turnover. Elements like secure parking, high-quality lighting, and video surveillance can go a long way in making tenants feel safe and comfortable on a property. Below, we’ll look […]
In the ever-changing landscape of business operations in Richmond, Virginia, security remains a top priority for companies of all sizes. As threats to businesses continue to advance, it becomes imperative to implement enhanced security measures that not only protect assets but also provide a complete surveillance solution. In this article, we are going to look […]
During recent onboarding with a new large client, I was pleasantly surprised to see a communication protocol on the agenda. In my experience, clear and consistent communication protocols are often neglected in the eDiscovery process, despite their critical importance. Simply having an email distribution list is usually insufficient. Foundational Importance A recent survey of more than […]
In recent months, we’ve noticed an increased number of high-volume health product campaigns that exploit cheap top-level domains (TLDs), reaching up to 60% of a TLD’s daily domain registrations.
This blog looks at current trends around health product scams and examines some of the TLDs providing domain names for these large campaigns.
Dragons’ Dens and Shark Tanks
Health product scams frequently take the form of fake news articles, often impersonating specific newspapers and featuring celebrity endorsements from well-known media figures who have supposedly used the products that are targeted. In this sense, they are similar to thecryptocurrency investment scams we’ve blogged about previously.
Recent scams impersonate organizations such as Fox News, the Daily Mail, The Today Show, and the New York Times, with the latest campaign of health product scams centered around products backed by the judges from the popular TV seriesShark Tank (in the US) orDragons’ Den (in the UK).
These articles then use affiliate links to direct users to landing pages that sell products, especially weight loss gummies that purport to induce ketosis, but also other products such as skincare creams, erectile dysfunction supplements, and teeth whitening kits.
The products (and even the landing pages selling them) may be legal. Still, fake news articles that lure victims to these sites frequently misrepresent the product with false claims and often profit from affiliate marketing. In fact, in the US, the Federal Trade Commission released aconsumer warning following the Shark Tank campaigns, which leads with the headline ‘Did your favorite Shark Tank celebrity really endorse THAT? Probably not.’
We often see these types of scams advertised on social media platforms such as Facebook, where accounts have been compromised using credentials captured by a phishing website, similar to howLinusTechTips was …
Several years into your role as a security leader at a company, you’ll reach a point when you ask yourself, “What’s next for me?” This article discusses three ways to proceed if you choose to stay at your current organization. (It was co-authored by Yael Nagler and Lenny Zeltser.) At this point in your CISO tenure, you… 