The Onion Effect-One Malicious Zip File Hides Multiple Layers of Zip Files

Once again, hackers have found a sneaky way of hiding malware most of us would never expect. An attacker sending a phishing email with a malicious Zip file attached isn’t unusual. But this newly discovered Zip file hides multiple Zip files like layers of an onion, and one of those files holds malware. This way, the malware bypasses anti-malware detection. Opening the Zip shows a directory of what’s included in the file, but no other directories appear showing the hidden Zip files. As a result, it’s impossible to see or expect there are other Zip files inside. READ FULL STORY

FBI Warns to Avoid Costly Phantom Hacker Attack

Cyber creeps are on the move again with a financial hack no one is immune from. Even the FBI is warning the public about “Phantom Hacker” attacks they say are growing fast and cleaning out funds from unsuspecting victims. It’s a slick and quick attack, and before you know it, your hard-earned cash is gone in a flash. This scam includes a financial phishing phone call and a wire transfer of your money. Here’s what you need to know about this scam, and fast. READ FULL STORY

There is an Uptick in Fake Emergency Data Requests

Late last year, the FBI issued a Private Industry Notification (PIN) alerting U.S.-based companies and law enforcement agencies about the rise in fraudulent Emergency Data Requests (EDRs) used by cybercriminals. While not a new tactic, cybercriminals have started using them again. EDRs are urgent requests for sensitive user data, typically reserved for life-threatening situations, bypassing the standard warrant process. Hackers exploit this by posing as legitimate law enforcement officers and tricking companies into releasing private user data. READ FULL STORY

Improved Password Cracking – How Easily Are Yours Stolen?

New upgrades to technology have made password-cracking a breeze. As a result, creating fortified passwords is more important than ever. We know rock-solid passwords do wonders in keeping intruders out, yet few of us actually use them. New data shows just how quickly, or not, different passwords get cracked these days depending on how they’re built. Research by Specops Software gets to the nitty-gritty of how password assembly creates a stunning difference in the “crack-ability” of the guardians to your online accounts. READ FULL STORY

Your Browser Extensions May be Stealing from You

When the FBI releases an urgent warning to three million Chrome users, it’s time to pay attention. The alert warns malicious file conversion software, and their fake URLs, are hijacking personal information. It’s also at a time when malicious browser extensions and the hackers behind them are threatening Google Chrome users everywhere. The FBI says cybercriminals worldwide are creating websites hyping free file conversion services or free software downloads to convert files on your own. Their warning also finds victims are told MP3 or MP4 download might also being used. READ FULL STORY

Now is the Time to Break Up with 23 and Me

If you've ever used 23andMe, now is the time to reconsider whether or not you should keep your data with the company. Last year, it was in dire straits and looking for a buyer, but it was recently announced that it had filed for bankruptcy protections. While you might wonder why it’s a big deal, if you have used their services, you should be concerned. Given the highly personal nature of DNA information, the risks of keeping your genetic data in their system are too great to ignore. So, what indeed does this mean for you? READ FULL STORY

A Check on the Safety of P2P Apps

There are so many payment apps out there; PayPal, Venmo, and Zelle, for instance and perhaps you’ve probably wondered: Are these apps actually safe? The short answer—yes, if you’re careful. While most P2P apps use encryption to protect your data, scammers are constantly looking for new ways to trick users into giving up their money. And because these apps are often linked directly to your bank account, one mistake can be very costly. But just knowing how to spot potential scams and fraud can help you use them safely. READ FULL STORY

Info-Stealing Deepfakes Target Android Mobile Banking Users

A report by ESET (Essential Security against Evolving Threats) looks at the cyber threat landscape over the first half of the year. Their combined data collection and monitoring finds some troubling threat patterns targeting Android users and their mobile devices. Those findings involve info-stealing malware combined with AI deepfakes to heist user financial information—a devious combination that gives all of us a reason to be concerned. READ FULL STORY

Hackers Are After Your Password Manager

While password help is on the way, it’s still frustrating that we have to remember so many of them. One for each and every online account, right? According to security.org, one in three people use a password manager product to secure their login credentials. That’s why password managers are so popular and used by so many people. And of course, you may realize that this popularity also means these password managers are big targets for hackers; and indeed, you are correct. READ FULL STORY

The PayPal No-Phish Phishing Scam

It’s not your typical email phishing scam, but then cybercriminals are always looking for new ways to swindle us. And we’ve seen many warnings about PayPal scams lately. Yet another one, this PayPal “No-Phish” email phishing attack is rampant. Scammers are tricking PayPal users into handing over their accounts thanks to this highly sophisticated phishing scheme. The way this no-phish phish is constructed, it also gets beyond the typical phishing detection software. READ FULL STORY

FBI Warns Medusa is Trying to Snake Her Way Into Your Network

The Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) recently issued a warning about a ransomware-as-a-service variant that has been on the attack since December. The Medusa ransomware, a sophisticated cyber threat that has targeted over 300 victims across critical infrastructure sectors. These include, healthcare, education, and manufacturing. The group employs tactics such as phishing campaigns and exploiting unpatched software vulnerabilities to gain unauthorized access to systems. READ FULL STORY

Finding Payment Card Fraud and What to Do About It

We all dread the thought of finding payment card charges we don’t recognize. We have to wonder if someone, somewhere breached our account and went on a shopping spree. If you’d like to know what to do about a suspected fraudulent charge and how to go about filing a credit fraud claim, this is for you. First, it’s important to remember we’re human, and we might forget making a payment card purchase. However, the world of payment card fraud today is full of cybercriminals, hackers, skimmers, and shimmers—and they’re all trying to help themselves to our hard-earned credit. READ FULL STORY