Nations investing in cyber, 'democratization' of malware are factors accelerating dangers online, CISA official says
Written by Tim Starks Oct 18, 2021 | CYBERSCOOP Two trends are combining to amplify the threat that cyber poses to the U.S., according to a top Cybersecurity and Infrastructure
Multi-Factor Authentication (MFA) and Other Cybersecurity Must-haves
Building up a robust security department and having a strong security posture doesn’t happen overnight. Between ever-evolving threats, new vulnerabilities, increasing attack surfaces, and resource management, a cybersecurity leader has
University still recovering from major cyberattack that disrupted IT systems
The UK-based University of Sunderland is finally gearing up to relaunch its core IT systems after a cyberattack knocked out most systems last week. The university used Twitter last Wednesday
This 'particularly dangerous' phishing attack features a weaponized Excel file
A new phishing campaign is targeting employees in financial services using links that download what is described as a ‘weaponized’ Excel document. The phishing campaign, dubbed MirrorBlast, was detected by
BlackByte ransomware decryptor released
A new form of malware found in a recent IT incident appears to have been inspired by other strains known to reap their operators huge financial rewards — but is
Does someone else secretly have access to your iPhone or iPad?
The other day I downloaded a new version of the iPhone or iPad security app iVerify, and it offered a new tip for securing your device that I’d not considered
MirrorBlast, the New Phishing Campaign Targeting Financial Organizations
A fresh variant of a phishing campaign has been recently detected. By its nickname MirrorBlast, its targets are finance enterprises. The attack methods it uses consist of malicious Excel documents
REvil Ransomware’s Tor Sites Were Hijacked
REvil/Sodinokibi is highly evasive and upgraded ransomware, which uses a special social engineering move, as the ones who spread it will threaten to double the ransom if not paid within
Europol Warns of Major EU Recovery Fund Fraud
Europol Warns of Major EU Recovery Fund Fraud European police have announced a major operation designed to tackle a wave of anticipated fraud linked to the disbursement of the EU’s
The Data Breach Twitch Suffered Had Minimal Impact, the Company Says
Earlier this month, the Twitch source code and sensitive information belonging to streamers and users were reportedly leaked online by an anonymous user on the 4chan imageboard. The hacker posted
Twitch: No Passwords Were Taken in Data Breach
Twitch: No Passwords Were Taken in Data Breach A massive breach at one of the world’s biggest gaming platforms earlier this month may not be as bad as first thought, with the
US Treasury Tracks $5.2bn of Ransomware Transactions in Six Months
US Treasury Tracks $5.2bn of Ransomware Transactions in Six Months The US Treasury has tracked $5.2bn worth of Bitcoin transactions likely to have been ransomware payments in the first half
Heimdal™ Security Is a Finalist at the Computing Security Awards 2021 in Thirteen Categories
We are most delighted to announce that, after being nominated for the Network Computing Awards earlier this month, our company and solutions were also chosen as finalists in thirteen (!!!)
Facebook hits back at claims its AI has minimal success in fighting hate speech
Image: Facebook Facebook integrity VP Guy Rosen has shut down claims that the AI technology it uses to fight hate speech is having little impact, saying it’s “not true”. Instead,
Tracking CVE-2021-26084 and Other Server-Based Vulnerability Exploits via Trend Micro Cloud One and Trend Micro Vision One
Trend Micro – A more detailed explanation of this chain and the specific techniques observed in this campaign can be found in our tech brief. We used Cloud One and
Cloud security is an ongoing struggle to keep sensitive data safe. Is it getting any easier?
The latest cloud security breaches show that we have miles to go as we keep fighting to keep our sensitive data safe. 2020 marked a record number of cyberattacks. Cloud-based
Ad-blocker Chrome extension AllBlock injected ads in Google searches
AllBlock was available on Google Chrome’s Web Store where it is marketed as a potent Ad Blocker focusing on Facebook and YouTube to prevent pop-ups. Google has maintained that it
Minecraft declared the most malware-infected game
According to new research by Atlas VPN, Minecraft related malware infected 44,335 devices while Kaspersky antivirus software detected 300,000 malware cases. Malware strains have gradually become the leading cause of
Check your iPhone for compromised passwords… NOW!
Compromised passwords are a fast track to all sorts of online headaches. But thankfully iOS makes it quite easy to do a quick audit of your passwords for compromised passwords,
Twitch says no passwords or login credentials leaked in massive breach
Twitch has come out with a new statement denying the severity of the breach that drew headlines earlier this month. The gaming platform reiterated that the incident was caused by
$5.2 billion in BTC transactions tied to top 10 ransomware variants: US Treasury
More than $5 billion in bitcoin transactions has been tied to the top ten ransomware variants, according to a report released by the US Treasury on Friday. The department’s Financial
Cyber-attack Response Takes More than Two Working Days
Cyber-attack Response Takes More than Two Working Days Organizations around the world take on average more than two business days to respond to a cyber-attack, according to new research by
It’s Not You. It’s Them. On Hacking and Responsible Disclosure.
WordFence – A story was recently posted to Hacker News celebrating a hack of IoT devices at a school that let a student and their friends rickroll the school via
TrickBot Gang Enters Cybercrime Elite with Fresh Affiliates
The group – which also created BazarLoader and the Conti ransomware – has juiced its distribution tactics to threaten enterprises more than ever. The cybercriminals behind the infamous TrickBot trojan
Brazilian insurance giant Porto Seguro hit by cyberattack
One of Brazil’s largest insurance groups, Porto Seguro has reported it suffered a cyberattack that resulted in instability to its service channels and some of its systems. The company reported
Missouri Vows to Prosecute ‘Hacker’ Who Disclosed Data Leak
Missouri Gov. Mike Parson launched a criminal investigation of a reporter who flagged a state website that exposed 100K+ Social-Security numbers for teachers and other state employees. The St. Louis
2021 ransomware transactions have already exceed 2020 numbers, Treasury Department says
Written by Tonya Riley Oct 15, 2021 | CYBERSCOOP As of June, financial institutions have already reported 635 suspicious ransomware-related activities to the Financial Crimes Enforcement Network, according to a
Researchers Condemn Apple’s Proposed Phone-Scanning Features
Researchers Condemn Apple’s Proposed Phone-Scanning Features Apple's plans to implement new phone-scanning features have been heavily criticized by more than a dozen cybersecurity experts. The tech company announced in August its
Data Stolen from American Osteopath Group
Data Stolen from American Osteopath Group The personal data of thousands of individuals has been stolen from a non-profit professional member organization located in Illinois. Cyber-thieves struck the American Osteopathic
CISA – Ransomware targeted SCADA systems of 3 US water facilities
United States has warned of more ransomware attacks on information technology (IT) and operational technology (OT) networks of country’s Water and Wastewater Systems (WWS) Sector facilities. On Thursday, multiple US
Ransomware demands are up more than 500%, the latest concern for insurers
Written by Jeff Stone Oct 15, 2021 | CYBERSCOOP Ransomware attacks aren’t just becoming more frequent, they’re getting more expensive. Scammers demanded an average payment of $5.3 million from hacking
Yanluowang Ransomware Targets Enterprise Entities
Researchers have discovered a new ransomware strain dubbed Yanluowang ransomware, that is still in the development process. Its targets? Enterprise entities. Yanluowang Ransomware: the Name Story The recent strain was
Critical infrastructure security dubbed 'abysmal' by researchers
The “abysmal” state of security for industrial control systems (ICSs) is putting critical services at serious risk, new research finds. You only need to look at the chaos caused by
New DocuSign Phishing Campaign
Phishing attacks that have as victims non-executive employees with access to sensitive corporate information are becoming more common. According to the researchers at Avanan, half of all phishing emails analyzed
The Complete Guide to IoT Security and What Every Business Owner Needs to Know
We might feel that technology plays an enormous role in our lives, always with our eyes on our phones or turning on the TV right after we got home –
In 2021, Google Issued Over 50,000 Warnings About State-sponsored Hacking Attacks.
In a blog post published yesterday, Google said that in 2021, it sent approximately 50.000 alerts to users whose accounts had been compromised by government-backed hacker gangs conducting phishing and
Ecoflow Delta Max: Battery-powered generator can get you through most power outages
Image: Ecoflow What if you could have an emergency generator that didn’t require gasoline, could be used inside the house without fear of asphyxiation, didn’t make a mess, and was
University of Sunderland Faced Operation Issues Following a Cyber-attack
The University of Sunderland faced extensive operational issues that took most of its IT systems down. It is believed that the issue was caused by a cyber-attack. What Happened? The first
Acer Data Breach Impacts the Company’s Indian Systems
An Acer data breach on the company’s Indian after-sales services has been confirmed by the Taiwan-based multinational hardware and electronics enterprise. Who Is Behind the Acer Data Breach? According to
Google: We're sending out lots more phishing and malware attack warnings – here's why
Google’s policy to send alerts to people with Google Accounts that are targeted by suspected state-sponsored hackers is getting a full work out in 2021. The company says it has
Google Issues Customers 50,000+ Warnings of State-Backed Attacks
Google Issues Customers 50,000+ Warnings of State-Backed Attacks Google has seen a 33% year-on-year spike in nation state attempts to compromise its customers so far in 2021, the tech giant revealed
This 'relentless' malware botnet has made millions with a surprisingly simple trick
The long-running botnet known as MyKings is still in business and has raked in at least $24.7 million by using its network of compromised computers to mine for cryptocurrencies. MyKings,
US Government Warns of Insider and Ransomware Threat to Water Plants
US Government Warns of Insider and Ransomware Threat to Water Plants The US authorities have issued an alert warning of ongoing malicious cyber-activity targeting the country’s water and wastewater systems
How to Use IP Geolocation in Threat Intelligence and Cybersecurity
Hacks, leaks, and phishing scams happen so often that they hardly register as news anymore. Just last week, Google warned of a phishing scam perpetrated by Fancy Bear, a hacking
Missouri Governor Slammed for Vow to Prosecute Researcher
Missouri Governor Slammed for Vow to Prosecute Researcher Missouri governor Mike Parson has been widely criticized for seeking to prosecute news reporters who disclosed a vulnerability on a state education
Staggering growth of cybercrime and how data science helps improve online security
Did you know if you were to compare the money generated by cybercrime with the GDP of world nations, it would come third behind the economic powerhouses of America and
Ransomware Operators Found Using New “Franchise” Business Model
Trend Micro – Shared infrastructure To date, we have found fifteen onion addresses used by at least four different servers, and three others still unknown. Onion Address Server w6ilafwwrgtrmilorzqex6pgpvfsa667fydca2wpoluj6sajka225byd[.]onion A
WhatsApp starts slowly rolling out encrypted backups
Image: WhatsApp WhatsApp has said it is starting to slowly roll out the encrypted backups feature it detailed in September. “Starting today, we are making available an extra, optional layer