Scammers are taking advantage of Twitter’s rebranding to “X,” according to Stephanie Adlam at Gridinsoft. A phishing campaign is targeting Twitter Blue users by telling them they need to transfer their subscription to X.

As the retirement countdown for the current version of PCI is now less than six months, a new standard for password length, complexity, and change frequency may create some risk. Valid credentials have become a very hot item, as threat actors realize the low risk and high value of simply becoming an Initial Access Broker (rather than performing an entire cyber attack themselves).

With its wide use and trusted state among Wordpress developers and website admins, a new campaign impersonating the website security brand could put hundreds of millions of websites at risk. Today, it's estimated there are over 810 million websites that run on Wordpress. One of Wordpress’ most used plugins is Wordfence – a security platform made specifically for the website platform.

It’s the third day of your long-awaited vacation. While relaxing at the beach, you hear a not particularly welcome chime on your phone (because who takes a vacation from their phone), indicating a new email notification. Your bank notifies you that a significant transaction has been made on your account― a purchase you immediately realize you didn’t authorize. Your heart pounds as you log into your banking app only to find your account empty.

Many of us have received a phone call or other notification from a credit card company telling us that they’ve detected suspicious activity on our card. Was it us? Did we just spend $500 at that big box store up the road? No? Thank you; there’ll be no charge. Or, if that was you, then you need take no further action.

There is no such thing as a vacation for cybercriminals. We recently released our top summer cybersecurity travel tips to help keep you safe. Earlier this year, we posted about travel-themed phishing attacks, and Forbes just posted a great reminder about the dangers of sharing your boarding pass on social media. Read below for their advice.

Read also: Avaya reseller pleads guilty to role in $88M software licensing scam, Ukraine shuts down illicit money exchanges, and more.

If you discover you are a victim of credit card fraud, start the recovery process by notifying your credit card issuer, placing a fraud alert on your credit report, freezing your credit and contacting the three major credit bureaus. However, before taking these steps, you should determine if you are in fact a victim of credit card fraud.

Researchers at CYFIRMA warn that the Bahamut threat actor is using a malicious Android app to deliver malware. “The suspected Android malware, known initially as ‘CoverIm’ was delivered to victims via WhatsApp, and was found to be disguised as a dummy chatting application named ‘SafeChat,’” the researchers write.

Email scams known as "CEO Fraud" are very common right now. They are a type of "Business Email Compromise" (BEC). There have been numerous recent cases reported in the media, and we too, are seeing many reports by our customers. One customer described these attacks as 'rampant'. The US FBI recently put the estimate of losses in 2015 associated with BEC frauds in the hundreds of millions of dollars.