September 3, 2018 Micropatch Blocks Zero-Day Vulnerability in Windows Task Scheduler On August 29, 2018, a proof-of-concept exploit for a zero-day vulnerability in Windows Task Scheduler was published on GitHub by a security researcher. The vulnerability ... Read more
August 29, 2018 Exploit Published for Zero-Day Vulnerability Found in Windows Task Scheduler A zero-day vulnerability has been discovered in Windows Task Scheduler and an exploit for the flaw has been published on GitHub. The local privilege escalation ... Read more
August 24, 2018 New Critical Apache Struts Vulnerability Discovered A new Apache Struts vulnerability has been discovered in the core functionality of Apache Struts. This is a critical flaw that allows remote code execution ... Read more
August 21, 2018 Necurs Botnet Now Distributing Marap Malware The Necurs botnet is being used to send huge quantities of spam emails containing Marap malware. Marap malware is currently being used for reconnaissance and ... Read more
August 3, 2018 Massive Malvertising Operation Uncovered that Delivers Traffic to Rig Exploit Kit For many years cybercriminals have been sneaking malicious adverts onto legitimate websites through advertising networks. Publishers – website owners that sell space on their sites ... Read more
August 3, 2018 Businesses Turn Employee Safety Solution into Phishing Alert System Fast action is required when cybersecurity threats are detected to limit the harm caused. When phishing emails are received, or ransomware or malware threats are ... Read more
August 2, 2018 AI-Assisted Virtual Security Analyst Added to Ironscales’ Advanced Threat Protection Platform Ironscales, the Tel Aviv-based anti-phishing solution provider, has announced it has incorporated a new module into its advanced threat protection platform that helps security teams ... Read more
July 24, 2018 Most Clicked Phishing Emails in Q2, 2018 Security training and phishing email simulation platform provider KnowBe4 has released a report on the most clicked phishing emails in Q2, 2018. If businesses provide ... Read more
July 17, 2018 Convincing Phishing Campaign Targets Australian Businesses and Spreads DanaBot Trojan A new phishing campaign has been detected that is spreading the DanaBot Trojan. The campaign involves phishing emails which appear to contain invoices from the ... Read more
July 12, 2018 Code Stealing Certificates Stolen from D-Link and Used in Malware Campaign The Advanced Persistent Threat (APT) group BlackTech has stolen code-signing certificates from D-Link and Changing Information Technology Inc., and is using them to cryptographically sign ... Read more
July 6, 2018 Rakhni Trojan Decides Whether to Encrypt or Mine Dashcoin A new variant of the Rakhni Trojan has been detected by security researchers at Kaspersky Lab. This new malware variant decides whether a device is ... Read more
July 3, 2018 Cryptocurrency Investors Targeted with MacOs Malware on Slack and Discord Several MacOs malware attacks have been identified in the past few days with victims targeted via the Slack and Discord chat platforms. The attackers are ... Read more
June 28, 2018 DoublePulsar Exploit Tweaked to Work on IoT Systems The NSA hacking tool – DoublePulsar – was used to infect hundreds of thousands of Windows computers with malware last year after it was leaked ... Read more
June 27, 2018 WordPress Vulnerability Allows Full Site Takeover A recently disclosed vulnerability in the WordPress CMS Core could be exploited to escalate privileges, remotely execute code, and take full control of a WordPress ... Read more
June 19, 2018 World Cup Wallchart Phishing Scam Detected Security researchers at Check Point have uncovered a World Cup wallchart phishing scam that is being used to deliver malware to soccer fans’ devices. The ... Read more
June 14, 2018 New PyRoMine Malware Variant Used Obfuscation and Incorporates IoT Device Scanner A new variant of the PyRoMine cryptocurrency mining malware has been discovered by security researchers at Fortinet. The Pythod-based malware variant has been named PyRoMineIoT. ... Read more
June 11, 2018 Spammers Use iqy Files to Deliver Remote Access Trojan Macros have long been favored by cybercriminals as a method of installing malware. The macros launch VB, JavaScript and PowerShell scripts that download malware. Due ... Read more
June 7, 2018 New Capabilities of VPNFilter Malware Uncovered: More Routers Vulnerable that Initially Thought Security researchers at Cisco Talos, who identified VPNFilter malware last month, initially estimated that approximately half a million routers had been infected with the malware. ... Read more
June 5, 2018 May Saw Massive Increase in TSB Phishing Scams There has been a massive increase in TSB phishing scams over the past month. In April, TSB bank transitioned to a new core banking system. ... Read more
June 4, 2018 New Windows Zero Day JScript Remote Code Execution Vulnerability Disclosed A new Windows zero day remote code execution flaw has been identified. The flaw is present in Microsoft’s ECMAScript standard and affects the Jscript component ... Read more
May 30, 2018 US-CERT Issues Warning About Two North Korean Malware Variants Two malware strains – known as Joanap and Brambul – are being used to establish peer to peer connections and remotely access infected systems, manage ... Read more
May 29, 2018 Warning Issued to Business and Consumers Over VPNFilter Malware Infections on Routers Security researchers at Cisco Talos have been tracking a VPNFilter malware campaign that has seen more than 500,000 consumer-grade routers and NAS devices infected. While ... Read more
May 18, 2018 New Mirai IoT Botnet Detected The Mirai IoT botnet has been used to conduct some of the largest distributed denial of service (DDoS) attacks ever seen. Since the release of ... Read more
May 18, 2018 $875,000 Settlement Agreed in W-2 Phishing Scam Lawsuit A class-action lawsuit stemming from a W-2 phishing scam that saw an employee of the respiratory therapy supplier Lincare Inc., send the W-2 Forms of ... Read more
May 14, 2018 Vega Stealer Malware Harvesting Credentials from Web Browsers A new variant of August Stealer – named Vega Stealer – is being distributed in small phishing campaigns targeting marketing, advertising, and PR firms and ... Read more
May 2, 2018 What are the Most Clicked Phishing Emails? KnowBe4 has released a quarterly report that reveals the most clicked phishing emails in Q1, 2018 – The emails that are proving to be the ... Read more
April 18, 2018 Mimecast Enhances Its Email Threat Protection Services The email security solution provider Mimecast has announced enhancements have been made to its email and data security solutions to better protect users from the ... Read more
April 2, 2018 TitanHQ Protecting McDonalds Restaurants from Malware with SpamTitan TitanHQ has announced that McDonalds is now being protected from email spam, malware, ransomware, and phishing attacks with SpamTitan, the Galway, Ireland-based company’s award-winning anti-spam ... Read more
March 28, 2018 New Insider Threat Training Modules Released by Wombat Security Anti-phishing solution provider Wombat Security – now a division of Proofpoint – has released new insider threat training modules to help businesses deal with the ... Read more
March 22, 2018 NH-ISAC Partnership with Anomali Boosts Threat Detection and Data Sharing The National Health Information Sharing and Analysis Center (NH-ISAC) and Anomali have begun working together and will be providing threat intelligence to healthcare centers through ... Read more