21 Jan 2019

DNC: Russian Hackers Attacked Us Again After Midterm Elections

The US Democratic National Committee claims it has once again been the target of a cyberattack carried out by Cozy Bear, a hacking group with links to the Russian government. In addition to the notorious hack during the 2016 presidential election campaign and a lesser-known hacking incident that took place

21 Jan 2019

Cybercrime could cost companies trillions over the next five years

A new report (PDF) by Accenture indicates that over the next five years, cyberattacks could result in global costs totaling $5.2 trillion. That amount includes both lost revenue for companies and the expenses businesses are likely to incur due to attacks. The high costs have to do with the growth of

21 Jan 2019

DarkHydrus abuses Google Drive to spread RogueRobin Trojan

Researchers with the 360 Threat Intelligence Center (360TIC) have spotted a new attack campaign by the DarkHydrus advanced persistent threat (APT) group, also called Lazy Meerkat, which goes after political targets in the Middle East. DarkHydrus is known for targeting victims with spear-phishing emails and is currently spreading the RogueRobin backdoor Trojan through malicious Microsoft

21 Jan 2019

Ex-Employee Hacks WPML WordPress Plugin Site and Spams Users

The website of the WordPress Multilingual Plugin (WPML) was hacked by an ex-employee over the weekend. As part of the attack, the threat actor sent an email to the 600,000 WPML customers claiming that the plugin for multilingual website support is riddled with “ridiculous security holes”, which caused two of

21 Jan 2019

Fallout EK Retools for a Fresh New 2019 Look

The infamous Fallout exploit kit (EK), commonly used in malvertising campaigns, has received a major update and can now deliver GandCrab ransomware. After a brief lull in activity since the end of last year, researchers with Gigamon have spotted a new wave of activity involving the malicious toolbox. The EK

18 Jan 2019

Government cybersecurity at risk as shutdown lingers

Due to the ongoing shutdown, US government agencies are becoming increasingly vulnerable to cyberattacks. Because cybersecurity and IT staff have been furloughed in many government agencies, TLS certificates for government websites are not being renewed, systems aren’t being patched and there is no active monitoring of agency networks for performance

18 Jan 2019

These malicious Android apps will only strike when you move your smartphone

Once again, cybercriminals have managed to sneak malicious apps onto the Google Play Store. Researchers with Trend Micro have found two Android apps on Google Play that serve the Anubis banking Trojan, but only if information from the motion sensors on the targeted device indicates movement. The two apps are Currency

18 Jan 2019

Facebook Shuts Hundreds of Russia-Linked Pages, Accounts for Disinformation

Helped by a tip from US law enforcement, Facebook has shut down two massive Russian disinformation campaigns comprising hundreds of Facebook groups and pages as well as Facebook and Instagram accounts with hundreds of thousands of followers. One of the campaigns focused on Ukraine, whereas the other targeted countries in Central

18 Jan 2019

Malware can now evade cloud security tools, as cybercriminals target public cloud users

Rocke Group, a cybercrime group believed to be operating from China, has developed cryptocurrency mining software that can uninstall cloud-based security solutions from targeted systems as a way of evading detection. Researchers with Palo Alto have so far only found proof that the malware works on Chinese cloud security solutions,

18 Jan 2019

Ongoing Attacks Hit West African Financial Institutions Since Mid-2017

Financial institutions in Cameroon, Congo (DR), Equatorial Guinea, Ghana and Ivory Coast have been targeted by unknown threat actors in a cyberattack campaign that started in mid-2017 and is still ongoing. According to security researchers with Symantec, the attackers have been using a variety of open-source and off-the-shelf malware tools including
