Compliance February 25, 2019 UConn Health Phishing Attack Impacts 326K Patients A UConn Health phishing attack in December has potentially allowed an unauthorized individual to gain access to the health information of hundreds of thousands of ... Read more
Security Breaches February 25, 2019 B0r0nt0K Ransomware Attack Could Cost You $75,000 A new cryptoransomware threat called B0r0nt0K ransomware is being used to encrypt files on Linux and Windows servers. If you haven’t backed up, you will ... Read more
Compliance February 22, 2019 Zero-Day WinRAR Remote Code Execution Flaw Allows Full PC Takeover A patch has been released to correct a 19-year old zero-day WinRAR remote code execution vulnerability. The flaw was identified by security researchers at Check ... Read more
Cyber Threats February 21, 2019 Businesses Targeted in Ongoing Credential-Stealing Separ Malware Phishing Attack An ongoing phishing campaign is targeting businesses and distributing the information-stealing Separ malware. The campaign has mostly concentrated on businesses in South East Asia and ... Read more
Cyber Threats February 21, 2019 Drupal Updates Released to Correct Critical RCE Vulnerability An update for the Drupal CMS has been released that corrects a critical vulnerability – CVE-2019-6340 – which, if exploited, could allow the execution of ... Read more
Security Breaches February 20, 2019 GandCrab Ransomware Decryptor Developed for Versions 5.0.4 to 5.1 A free GandCrab ransomware decryptor has been released that works for the latest version of the ransomware. Files encrypted by versions 1, 4, early versions ... Read more
Cyber Threats February 19, 2019 Trickbot Trojan Updated to Obtain VNC, PuTTY, and RDP Credentials The Trickbot banking Trojan has been updated with a new module which is capable of obtaining VNC, PuTTY, and remote desktop credentials. The latest variant ... Read more
Cyber Threats February 19, 2019 FINRA Issues Phishing Warning to Brokerage Firms The Financial Industry Regulatory Authority (FINRA) has issued a warning to brokerage firms about a new phishing campaign. The scam involves spam emails which appear ... Read more
Security Breaches February 15, 2019 MSPs Targeted in New GandCrab Ransomware Campaign Managed service providers (MSPs) and IT support companies are being targeted in a new GandCrab ransomware campaign. MSPs are an attractive target. If access can ... Read more
Cyber Threats February 15, 2019 Emotet Threat Actors Now Distributing Trojan via XML Files Masked as Word Documents At least one cybercriminal group distributing the Emotet Trojan has started using a new tactic to infect end users with the malware. The malware is ... Read more
Cyber Threats February 15, 2019 Mac Users Targeted with New Shlayer Malware Variant A new Shlayer malware variant has been detected that infects Mac computers and disables macOS Gatekeeper security software. The latest version of the malware was ... Read more
Security Breaches February 13, 2019 VFEmail Suffers Catastrophic Cyberattack with Permanent Loss of Customers Email Data The email provider VFEmail has suffered a cyberattack that has caused “catastrophic destruction.” A hacker with a Bulgarian IP address gained access to its U.S. ... Read more
Tools & Practices February 13, 2019 February 2019 Patch Tuesday: Microsoft Fixes 74 Vulnerabilities; Adobe 75 February 2019 Patch Tuesday has seen almost 150 vulnerabilities fixed by Microsoft and Adobe, including 43 critical Adobe flaws and 20 critical Microsoft vulnerabilities, one ... Read more
Cyber Threats February 11, 2019 Phishing Campaign Leverages Google Translate to Steal Google and Facebook Credentials A phishing campaign has been detected that abuses Google Translate to make the phishing webpage appear to be an official login page for Google. The ... Read more
Security Breaches February 8, 2019 Investigation of Corporate Phishing Incidents Costs $4.86 Million Per Year New figures from email security company Agari show organizations are now spending $4.86 million a year triaging, investigating, and responding to phishing incidents. The Agari ... Read more
Trends & Reports February 6, 2019 New BEC Campaign Targets Executives Business email compromise attacks involve the impersonation of a high-level executive, often the CEO or CFO. The attacks often start with a spear phishing email ... Read more
Cyber Threats February 6, 2019 Office 365 Phishing Campaign Uses SharePoint Collaboration Request as Lure A single Office 365 username/password combination can give a hacker access to a vast quantity of sensitive information. Information detailed in emails can be of ... Read more
Security Breaches February 5, 2019 New Speakup Linux Backdoor Trojan Used in Widespread Attacks Security researchers at Check Point have identified a new Trojan named Speakup which is being used in targeted attacks on Linux servers. The Speakup Linux ... Read more
Cyber Threats February 4, 2019 Xvideos Sextortion Scam Threatens to Expose Porn Viewing Habits An xvideos sextortion scam threatens to expose users’ porn viewing habits to friends, family, and work colleagues. The scammer claims to have recorded the ... Read more
Security Breaches January 29, 2019 Apple IOS Vulnerability Allows Hackers to Snoop on FaceTime Calls A serious Apple IOS vulnerability has been detected that allows people to gain access to both the microphone and the front facing camera on Apple ... Read more
Cyber Threats January 28, 2019 Fake Google Update Installer Used to Install AZORult Trojan Researchers at Minerva Labs have identified a new AZORult Trojan campaign that installs the malware through a fake Google update installer. The AZORult Trojan is ... Read more
Compliance January 23, 2019 0Patch Micropatches Released to Address 3 Zero-Day Windows Flaws 0Patch has released a micropatch to address three zero-day Windows flaws that have yet to be addressed by Microsoft, including a zero-day remote code execution ... Read more
Security Breaches January 22, 2019 STOP Ransomware Delivered via Software Cracks STOP ransomware, a crypto-ransomware variant that uses the .rumba file extension on encrypted files, is being delivered via software cracks. Software cracking programs that generate ... Read more
Cyber Threats January 21, 2019 Cryptocurrency Mining Malware Tops Most Wanted Malware List Check Point’s Most Wanted Malware report for December 2018 shows that cryptocurrency mining malware was the leading malware threat in December. The top four malware ... Read more
Compliance January 18, 2019 Zix to Acquire AppRiver for $275 Million The cloud cybersecurity company AppRiver is set to be purchased by the email encryption, threat protection, and email archiving solution provider Zix for $275 million. ... Read more
Trends & Reports January 18, 2019 773 Million Email Addresses and 21 Million Unique Passwords Listed for Sale A massive collection of login credentials that includes approximately 773 million email addresses has been uncovered by security researcher Troy Hunt. Hunt is an Australian ... Read more
Security Breaches January 16, 2019 BenefitMall Phishing Attack Impacts 111,589 Plan Members A recently discovered BenefitMall phishing attack has resulted in the exposure of 111,589 plan members’ protected health information. BenefitMall, a division of Centerstone Insurance ... Read more
Trends & Reports January 10, 2019 Highly Sophisticated Apple Vishing Scam Detected A sophisticated Apple vishing scam has been uncovered. In contrast to most phishing attempts that use email, this scam used voice calls (vishing) with the ... Read more
Tools & Practices January 9, 2019 January 2019 Patch Tuesday Updates January 2019 Patch Tuesday has seen 51 flaws corrected in Microsoft products. There are four updates to correct flaws in the Microsoft Edge Browser. Seven ... Read more
Cyber Threats January 8, 2019 Phishing Website Uses Custom Web Fonts to Evade Detection Phishers are constantly developing new ways to prevent their websites from being detected. One threat actor is now using custom web fonts to disguise malicious ... Read more