August 14, 2020 SANS Institute Suffers Phishing Attack Involving Theft of 28,000 Individuals’ Information The SANS Institute, a leading provider of cybersecurity training and certification services, has suffered a phishing attack in which the email account of one of ... Read more
August 6, 2020 INTERPOL Report Shows Major Increase in Cyberattacks During the COVID-19 Pandemic INTERPOL has completed an assessment of the impact of COVID-19 on cybercrime and has found a major increase in attacks during the pandemic, with cybercriminals ... Read more
August 4, 2020 Netwalker Ransomware Gang Generates Over $25 Million in Ransom Payments in 5 Months 2020 has seen the Netwalker ransomware gang step up attacks on government organizations, healthcare providers, educational institutions, and private companies. In late July the FBI ... Read more
August 3, 2020 PHI of Customers Stolen in Looting Incidents at Cub Pharmacies A pharmacy network has revealed the protected health information of some of its customers has been illegally taken by looters in late May during the ... Read more
August 3, 2020 Spear Phishing Used in Twitter Hack: Three Individuals Charged In July 2020, Twitter was hacked and hackers temporarily took control of several high-profile Twitter accounts with millions of followers. The accounts were used to ... Read more
July 31, 2020 FBI Issues Flash Alert Warning of Netwalker Ransomware Attacks The FBI has issued a Flash Alert following an increase in Netwalker ransomware attacks in the United States. Netwalker ransomware was first identified in March ... Read more
July 29, 2020 The Average Cost of a Data Breach is Now $3.86 Million The 2020 Cost of a Data Breach Report from IBM Security has revealed the global average cost of a data breach is now $3.86 million, ... Read more
July 24, 2020 Sarrell Regional Dental Center Ransomware Legal Action Thrown Out by Federal Judge A legal action filed against Sarrell Regional Dental Center for Public Health Inc. in relation to a July 2019 ransomware attack has been thrown out ... Read more
July 24, 2020 Malware Attacks Down, but Ransomware and IoT Attacks Have Surged in 2020 Cybercriminals were quick to respond to the COVID-19 pandemic and changed their tactics, techniques and procedures to capitalize on the uncertainly surrounding the 2019 novel ... Read more
July 23, 2020 Search and Destroy ‘Meow’ Bot has Wiped More Than 1,000 Online Databases Companies that fail to secure their Elasticsearch and MongoDB instances are being targeted by an attacker who destroys the data, overwriting the databases with a ... Read more
July 16, 2020 Twitter Confirms Admin Tool Hacked and Used in Massive Cryptocurrency Scam Several high-profile Twitter accounts have been ‘hacked’ and used in a major cryptocurrency scam. The first Tweets were sent from the accounts around 3pm on ... Read more
July 11, 2020 Lack of Encryption & Other HIPAA Breaches Leads to $1m HIPAA Penalty for Lifespan The HHS’ Office for Civil Rights has sanctioned a $1,040,000 HIPAA penalty on Lifespan Health System Affiliated Covered Entity (Lifespan ACE)after identifying systemic noncompliance with ... Read more
July 8, 2020 More Than 15 Billion Credentials are up for Sale on Hacking Forums New research conducted by Digital Shadows has provided insight into the scale of credential theft and the extent to which stolen credentials are being sold ... Read more
June 30, 2020 ESET Reports Doubling of Brute Force Attacks on Remote Desktop Services During the COVID-19 Pandemic Cybersecurity firm ESET has analyzed its telemetry data and found there has been a major increase in brute force attacks on remote desktop services during ... Read more
June 27, 2020 Cybercriminal Apprehended & Charged for 2014 UPMC Cyberattack The United States Attorney’s Office of the Western District of Pennsylvania has released a statement that confirms a suspect has been arrested and charged in ... Read more
June 26, 2020 REvil Threat Group Starts Using New WastedLocker Ransomware The Evil Corp Threat Group that was behind the Dridex banking Trojan and BitPaymer ransomware has started using a new ransomware variant in targeted attacks ... Read more
June 25, 2020 Newly Discovered Self-Propagating Lucifer Malware Capable of Cryptojacking and DDoS Attacks Palo Alto Networks’ Unit 42 researchers have identified a new Windows malware dubbed ‘Lucifer’ that drops the XMRig cryptocurrency miner, has Distributed Denial of Service ... Read more
June 24, 2020 REvil Ransomware Gang Observed Scanning Compromised Networks for PoS Software The REvil gang behind Sodinokibi ransomware are using a new tactic in their attacks. The gang is already known for compromising systems and stealing data ... Read more
June 23, 2020 BEC Gangs Abandon C-Suite Executives in Favor of Attacks on Finance Employees A recent report from Abnormal Security suggests business email compromise gangs have changed tactics and have new targets in their sights. BEC gangs have historically ... Read more
June 22, 2020 Massive Global Surveillance Campaign Used Rogue Chrome Extensions to Steal Data Researchers at Awake Security have uncovered a massive global surveillance campaign that used malicious Google Chrome extensions to steal sensitive data. The extensions had been ... Read more
June 18, 2020 Microsoft’s COVID-19 Threat Analysis Reveals Attackers Adapt Campaigns to Local Events Many threat actors have adopted COVID-19 themed lures in phishing campaigns and for distributing malware, but the proportion of COVID-19 related threats is much lower ... Read more
June 15, 2020 113 Email Accounts Compromised in NHS Phishing Attack The UK’s National Health Service (NHS) has suffered a phishing attack that saw 113 NHSmail email accounts compromised and used to send malicious emails to ... Read more
June 12, 2020 Exposed Elasticsearch Instances are Found by Hackers in a Matter of Hours How long does it take hackers to find exposed Elasticsearch servers and exposed S3 Buckets? Just a few hours according to Comparitech. Comparitech researchers are ... Read more
June 9, 2020 PoC Exploit for SMBGhost Windows 10 RCE Flaw Released and Attacks Identified The SMBGhost vulnerability in Windows 10 that was patched by Microsoft in March 2020 is being actively exploited in the wild, according to a recent ... Read more
June 8, 2020 Fake CVs, Medical Leave Forms, Voicemail Alerts Used as Lures in Phishing Attacks Researchers at Check Point have issued a warning that cybercriminals are using fake CVs, resumes, and medical leave forms to spread malware such as banking ... Read more
June 5, 2020 Tycoon Ransomware Uses Rare Java Image File Format to Evade Security Solutions Researchers at Blackberry Threat intelligence and KPMG have identified a new Java-based ransomware dubbed Tycoon that is being used in highly targeted attacks on educational ... Read more
May 29, 2020 Updated Valek Malware Used in Targeted Attacks on U.S and German Enterprises Enterprises in the United States and Germany are being targeted in a phishing campaign spreading Valek malware, according to researchers at Cybereason Nocturnus. Valek is ... Read more
May 28, 2020 StrandHogg 2.0 Android Flaw Allows Hackers to Hijack Legitimate Apps The Norwegian security researchers who identified the StrandHogg vulnerability in the Android platform have identified another vulnerability that is even more dangerous that the original. ... Read more
May 26, 2020 Ragnar Locker Ransomware Deploys Virtual Machine to Evade Security Software A new tactic is being used by the threat actors behind Ragnar Locker ransomware that allows them to evade security measures on the host machine ... Read more
May 22, 2020 67 Percent of Breaches Caused by Credential Theft, User Error, and Social Attacks The Verizon 2020 Data Breach Investigations Report shows financial gain is the biggest motivator for cyberattacks, accounting for 86% of the 32,002 security incidents analyzed ... Read more