Blog – Page 59 – MCYSEKA-Maritime Cyber Security Knowledge Archive

New Year, New Scams – Health product scam campaigns abusing cheap TLDs

In recent months, we’ve noticed an increased number of high-volume health product campaigns that exploit cheap top-level domains (TLDs), reaching up to 60% of a TLD’s daily domain registrations.

This blog looks at current trends around health product scams and examines some of the TLDs providing domain names for these large campaigns.

Dragons’ Dens and Shark Tanks

Health product scams frequently take the form of fake news articles, often impersonating specific newspapers and featuring celebrity endorsements from well-known media figures who have supposedly used the products that are targeted. In this sense, they are similar to the cryptocurrency investment scams we’ve blogged about previously.

Recent scams impersonate organizations such as Fox News, the Daily Mail, The Today Show, and the New York Times, with the latest campaign of health product scams centered around products backed by the judges from the popular TV series Shark Tank (in the US) or Dragons’ Den (in the UK).

A screenshot of a website claiming to be supported by Shark Tank

These articles then use affiliate links to direct users to landing pages that sell products, especially weight loss gummies that purport to induce ketosis, but also other products such as skincare creams, erectile dysfunction supplements, and teeth whitening kits.

The products (and even the landing pages selling them) may be legal. Still, fake news articles that lure victims to these sites frequently misrepresent the product with false claims and often profit from affiliate marketing. In fact, in the US, the Federal Trade Commission released a consumer warning following the Shark Tank campaigns, which leads with the headline ‘Did your favorite Shark Tank celebrity really endorse THAT? Probably not.’

We often see these types of scams advertised on social media platforms such as Facebook, where accounts have been compromised using credentials captured by a phishing website, similar to how LinusTechTips was …

January 16, 2024

0 comment

How to Keep Valuables Safe in a Dorm Room

Keeping your valuables safe is a concern wherever you go, but when you’re sharing a dorm room with someone else, it’s important that extra precautions be taken. Living with someone you don’t know is one thing, but you will both have family and friends coming in and out at various times, which requires safety measures. […]

January 11, 2024

0 comment

Comparing Technology & Software for Litigation Management

Managing litigation has always been a significant component of corporate legal practice, but its complexity has intensified over the years. In the past, in-house counsel typically relied on a mix of manual processes and rudimentary software solutions to juggle multiple cases. These methods were labor-intensive, prone to human error, and often resulted in the duplication […]

The post Comparing Technology & Software for Litigation Management appeared first on TCDI.

January 10, 2024

0 comment

Three Top Commercial Security Trends for 2024

As we usher in 2024, the commercial security landscape is shifting, driven by leaps in technology. We anticipate that business will embrace technological advancements that allow them to streamline security management while providing more robust protection for their data, assets, and people. Below we’ll dig into the top trends we expect to see within the […]

January 4, 2024

0 comment

Essential NYE Safety Tips

New Year’s Eve is a night that many people look forward to. Whether you decide to stay home or go out to enjoy the festivities, you want to stay safe while ringing in the New Year. To avoid having your night interrupted by an unexpected safety concern, take these tips into consideration. Make a Transportation […]

December 28, 2023

0 comment

“Quishing” you a Happy Holiday Season

QR Code phishing scams — What they are and how to avoid them.

Originally invented to keep track of car parts in the early 90s, QR codes have been around for decades. After gaining broader acceptance during the COVID-19 pandemic, they are now—perhaps inevitably—being exploited by cybercriminals. Quishing, or QR Code phishing, exploits smartphone users scanning the 2D barcode, which leads to a phishing site, malicious link, or another cyber attack.

We’ll look at the threat from QR code-based phishing and consider why cybercriminals are adopting this technique. Additionally, we’ll explore opportunities to detect and disrupt these attacks at scale.

QR codes in phishing emails: what’s the threat?

QR codes work precisely as malicious links; a victim who scans the QR code – typically using their smartphone – will be directed towards a malicious site. From here, the deception can continue as with any other phishing campaign.

By now, many know how to spot suspicious-looking links in phishing emails that mimic official communications from established brands or institutions. The opposite is true with QR codes: there is typically no user-accessible way to check the destination before scanning.

From a cybercriminal’s perspective, there are several reasons to use QR codes for phishing, often dubbed quishing, including:

Hiding URLs from users – QR codes provide criminals with a very effective mechanism for hiding suspicious URLs, making this an ideal way to bypass growing user skepticism concerning clicking questionable and shortened URLs.
Circumventing corporate controls – If users receive a QR-based phishing email on their work computer, they will likely scan the code using their phone. Cybercriminals know personal devices may have less built-in security than a company computer or phone. It’s a subtle way of encouraging victims to use devices not under corporate control and are, therefore, less likely to

…

December 19, 2023

0 comment

Winter Savings: How Smart Home Security Systems Keep You Warm and Your Wallet Full

As the winter chill sets in, homeowners are not only concerned about staying warm but also about the increasing energy bills that come with heating their homes. In the search for comfort and cost-efficiency, smart home security systems emerge as unsung heroes. Beyond their primary role of safeguarding your home, these intelligent systems can contribute […]

The post Winter Savings: How Smart Home Security Systems Keep You Warm and Your Wallet Full appeared first on Johns Brothers Security.

December 18, 2023

0 comment

December 2023 Web Server Survey

In the December 2023 survey we received responses from 1,088,057,023 sites across 269,268,434 domains and 12,355,610 web-facing computers. This reflects a loss of 4.1 million sites, an increase of 238,593 domains, and a loss of 128,028 web-facing computers.

nginx experienced the largest loss of 4.5 million sites (-1.79%) this month, and now accounts for 22.5% of sites seen by Netcraft. Microsoft suffered the next largest loss, down by 2.5 million sites (-9.65%).

OpenResty remains the largest growing vendor, gaining 3.3 million sites (+3.64%) and increasing its market share to 8.71%. Second to OpenResty is Google, which gained 1.5 million sites (+2.65%).

Vendor news

Apache Tomcat versions 9.0.83, 10.1.16, 11.0.0-M14, and 8.5.96 were released.
OpenResty version 1.21.4.3 was released, patching a bug that made it vulnerable to HTTP/2 rapid reset attacks.
AWS held its annual re:Invent conference, with announcements including:
- Amazon Q – an AI assistant for businesses
- Amazon Aurora Limitless Database – a distributed database that can scale to manage petabytes of data
- R8g – a new memory-optimized and energy-efficient EC2 instance

Developer	November 2023	Percent	December 2023	Percent	Change
Apache	248,343,154	22.74%	248,118,087	22.80%	0.06
nginx	249,368,944	22.83%	244,903,710	22.51%	-0.32
Cloudflare	115,937,937	10.62%	113,499,479	10.43%	-0.18
OpenResty	91,405,835	8.37%	94,737,403	8.71%	0.34

Web server market share for active sites

Developer	November 2023	Percent	December 2023	Percent	Change
Apache	40,080,759	20.98%	39,476,338	20.84%	-0.14
nginx	36,927,632	19.33%	36,176,461	19.10%	-0.23
Cloudflare	23,035,498	12.06%	23,076,699	12.18%	0.12
Google	20,759,419	10.87%	20,543,756	10.85%	-0.02

For more information see Active Sites.

Web server market share for top million busiest sites

Developer	November 2023	Percent	December 2023	Percent	Change
Cloudflare	222,400	22.24%	223,795	22.38%	0.14
nginx	206,286	20.63%	207,158	20.72%	0.09
Apache	204,504	20.45%	203,097	20.31%	-0.14
Microsoft	48,019	4.80%	47,476	4.75%	-0.05

Developer	November 2023	Percent	December 2023	Percent	Change
nginx	4,904,964	39.29%	4,867,232	39.39%	0.10
Apache	3,212,874	25.74%	3,183,227	25.76%	0.03
Microsoft	1,205,605

…

December 15, 2023

0 comment

Navigating the Cyber Landscape with Microsoft: Staying Ahead of Modern Cybersecurity Threats

As the digital domain faces new and more threatening challenges, defenders are being driven to innovate and collaborate more closely than ever. Cybersecurity is a defining challenge of our time….

The post Navigating the Cyber Landscape with Microsoft: Staying Ahead of Modern Cybersecurity Threats appeared first on Connected.

December 14, 2023

0 comment

Protecting Indoor Air Quality with Environmental Control & Monitoring

As winter closes in, keeping windows tightly shut in commercial buildings becomes essential. However, sealing our spaces can compromise indoor air quality (IAQ) by fostering the accumulation of pollutants and allergens, posing health risks for occupants. In this post, we’ll look at the role Environmental Control Systems (ECS) play in bolstering air quality within commercial […]

December 14, 2023

0 comment

1 … 57 58 59 60 61 … 96