10 Jan 2019

Global Certainty of Future Cyberattacks Growing

A global Pew Research Center survey shows that cyberattacks are increasingly considered a normal part of modern life. The survey was conducted among over 27,000 respondents from 26 different countries. Overall. 74% of respondents expected cyberattacks to impact national security, 69% said the same about damage to public infrastructure, while

Read More
10 Jan 2019

Critical Flaw in Cisco’s Email Security Appliance Enables ‘Permanent DoS’

Cisco has plugged 18 vulnerabilities, including two flaws that could allow threat actors to carry out denial of service (DoS) attacks on affected machines by means of sending an email. One of the DoS bugs was rated as critical, and the other as “high” in terms of severity. The 16 remaining

Read More
10 Jan 2019

Magecart Mayhem Continues in OXO Breach

American home goods manufacturer OXO International has suffered a data breach involving multiple windows of compromise between June 2017 and October 2018. The breach was most likely the result of a Magecart attack. Magecart refers to various cybercriminal groups known for attacking e-commerce sites and installing digital credit card skimmers onto compromised checkout

Read More
10 Jan 2019

This Trojan attack adds a backdoor to your Windows PC to steal data

Researchers at cybersecurity firm Proofpoint have discovered a new attack campaign by TA505, a notorious cybercrime group responsible for various major attacks in recent years, including the Locky ransomware campaign. The campaign combines two types of malware, ServHelper and FlawedGrace. ServHelper is the newest of the two, being discovered only in November of last year. It installs

Read More
09 Jan 2019

Phone fraudsters are stealing billions each year through a scheme known as IRSF

According to the Communications Fraud Control Association, telcos and consumers have lost over $38 billion to phone fraudsters over the last decade. The most lucrative scam, accounting for $4 – $6 billion in damages, has been International Revenue Share Fraud (IRSF). IRSF takes advantage of premium phone numbers that charge

Read More
09 Jan 2019

Remote Code Execution Bugs Are Primary Focus of January Patch Tuesday

Microsoft has fixed a total of 49 vulnerabilities as part of January’s Patch Tuesday, including 7 critical, 40 important and 2 moderate flaws. Almost half of all patched bugs were remote code execution (RCE) vulnerabilities, eleven of which involved the Jet Database Engine. However, some experts note that when it

Read More
09 Jan 2019

This old ransomware is using an unpleasant new trick to try and make you pay up

Researchers at cyber security firm Coveware have uncovered a new ransomware campaign in which threat actors try to manipulate victims into paying ransom to regain access to their files, by claiming the money will be donated to charity. The ransomware used in the campaign is CryptoMix, a relatively unknown file-encrypting

Read More
09 Jan 2019

85 Adware Apps in Google Play Installed 9 Million Times

Once again criminals have managed to sneak malicious apps onto the Google Play Store. Trend Micro researchers discovered a whopping 85 adware apps accounting for over 9 million total downloads. The apps would serve an excessive amount of ads, including hidden ads running in the background. While the apps had

Read More
09 Jan 2019

New tool automates phishing attacks that bypass 2FA

At the start of this year, Polish researcher Piotr Duszyński published Modlishka, a new penetration testing tool that makes the automation of phishing attacks easier than ever before, and even allows attackers to bypass two-factor authentication (2FA) for targeted accounts. Modlishka is considered a reverse proxy that sits between a

Read More
09 Jan 2019

Disgruntled Man Behind German Cyber-Attack

According to investigators at the German Federal Criminal Police Office (BKA), a 20-year-old man has admitted that he was behind the recent data breach involving the publication of personal data of hundreds of German politicians and public figures. The BKA stated that they had interrogated the suspect, who then admitted “that

Read More