CISA, White House urge organizations to get ready for holiday cyberattacks

The Cybersecurity and Infrastructure Security Agency and the White House have released warnings to companies and organizations across the country, urging them to be on alert for cyberattacks ahead of…

Omicron Phishing Scam Already Spotted in UK

Omicron COVID-19 variant anxiety inspires new phishing scam offering fake NHS tests to steal data. The global pandemic has provided cover for all sorts of phishing scams over the past…

The BABADEDA Crypter – an Emerging Crypter targeting the Crypto, NFT, and DeFi communities

INTRODUCTION The cryptocurrency market is now worth more than $2.5 trillion. Unfortunately, this fact is not lost on threat actors. As well as using cryptocurrency themselves to extract ransoms, cybercriminals…

Tiny Font Size Fools Email Filters in BEC Phishing

The One Font BEC campaign targets Microsoft 365 users and uses sophisticated obfuscation tactics to slip past security protections to harvest credentials. A new business email compromise (BEC) campaign targeting…

Black market traders cash in on fake COVID-19 vaccination records

Researchers have uncovered a lively trade online in the sale of fake vaccination records and passports.  COVID-19 prompted panic buying and price hikes for basic necessities worldwide when the pandemic…

Explosive New MirrorBlast Campaign Targets Financial Companies

Key Points:  Morphisec Labs tracked a new MirrorBlast campaign targeting financial services organizations  MirrorBlast is delivered via a phishing email that contains malicious links which download a weaponized Excel document…

CISA Creates JCDC Agency for U.S. Cyber Defense Operations Plans

Security Intelligence – Security Intelligence – CISA Creates JCDC Agency for U.S. Cyber Defense Operations Plans The Cybersecurity and Infrastructure Security Agency (CISA) announced the creation of a new agency…

Ryuk Ransomware: Origins, Operation Mode, Mitigation

What is Ryuk Ransomware? Widely known for targeting governments, academia, healthcare, manufacturing, and technology organizations’ cybersystems, Ryuk is a ransomware-as-a-service (RaaS) group that’s been active since August 2018. It typically encrypts data…

Cinobi Banking Trojan Targets Cryptocurrency Exchange Users via Malvertising

Trend Micro – Trend Micro – SHA256 File name Note Analysis 124FE26D53E2702B42AE07F8AEC5EE4E79E7424BCE6ECDA608536BBF0A7A2377 oneroom_setup.zip Malicious game archive Trojan.Win32.SHELLOAD.AZ E667F9C109E20900CC8BADD09EDE6CDCE0BDC77164CFD035ACE95498E90D45E7 oneroom_game.zip Malicious game archive Trojan.Win32.SHELLOAD.AZ 93FFE7CF56FEB3FB541AEF91D3FC04A5CF22DF428DC0B7E5FEB8EDDDC2C72699 Magicalgirl.zip Malicious game archive Trojan.Win32.SHELLOAD.AZ AD13BB18465D259ACC6E4CEBA24BEFF42D50843C8FD92633C569E493A075FDDC…

Reduce Instances of Covid-19 Phishing Email Attacks

Trend Micro – Trend Micro – In my previous post, I focused on how the report we commissioned Ostermann Research to conduct showed the challenges with ransomware and phishing. For…