26 Jun 2019

Malicious URL attacks using HTTPS surge across the enterprise

The latest Email Threat report by FireEye shows that threat actors are increasingly using HTTPS in order to make malicious URLs to seem legitimate. Between Q4 of 2018 and Q1 of this year, the number of malicious HTTPS links increased by 26%. Malicious email attachments are becoming less common. Phishing

Read More
26 Jun 2019

US Tech Companies Sidestep a Trump Ban, to Keep Selling to Huawei

US tech firms including Intel and Micron are evading a US executive order barring them from selling American technology to Huawei, industry insiders claim. The US companies sidestep sanctions on Huawei by not labeling their technology as American-made. While US firms are allowed to sell American technology that is used

Read More
26 Jun 2019

Companies on Watch After US, Iran Claim Cyberattacks

Against a background of mounting tensions between Washington and Tehran, both the US and Iran have started targeting each other in cyberspace. As result, experts are warning critical infrastructure companies and organizations doing business in the Middle East to step up their cybersecurity efforts in order to protect themselves against

Read More
26 Jun 2019

Eurojust and Europol Lift the Blanket off A 24 Million Euro Crypto Hack

A joint operation by Europol, Eurojust and law enforcement agencies from the Netherlands and the UK has uncovered a major cryptocurrency heist. Threat actors stole €24 million (over $27 million) in cryptocurrency from a minimum of 4,000 victims across 12 countries. Six people have been arrested in connection with the

Read More
26 Jun 2019

Cybercriminals leverage malicious Office docs, Mac malware, web app exploits

A new Watchguard report shows that malware detections rose by 62% between Q4 of 2018 and Q1 of this year. The study also found that macOS malware is a growing threat, with two strains making the top 10 of most common malware in Q1 2019. Attacks on web applications are

Read More
26 Jun 2019

Recipe for Disaster as Tech Support Scammers Use Paid Search

Tech support scammers are purchasing ads on Google and Bing in order to lure people to websites that will display a fake warning page and urge visitors to contact ‘technicians’ using a provided number. Malwarebytes says scammers have been using this tactic for months. Unsuspecting users that call the fake

Read More
26 Jun 2019

New Silex malware is bricking IoT devices, has scary plans

A researcher with Akamai has uncovered a highly destructive campaign that is rendering thousands of Internet-of-things (IoT) devices useless by wiping their firmware. The malware used to “brick” IoT devices is a new strain called Silex. While the functionality of targeted devices can technically be restored by reinstalling the firmware,

Read More
25 Jun 2019

China Blamed for APT Attacks on Global Telcos

Cybereason has published a new report on a massive cyber espionage campaign that has targeted telcos around the globe since 2017. The researchers believe “Operation Soft Cell,” is the work of APT10, a notorious hacking group with ties to China’s Ministry of State Security (MSS). The campaign was carried out

Read More
25 Jun 2019

Researchers Show How to Send Fake Presidential Alerts To Your Phone

Researchers at the University of Colorado Boulder have uncovered critical shortcomings in the Wireless Alert System that can enable threat actors to send fake Presidential Alerts to tens of thousands of people at once. A research paper[pdf] outlines the attack, which requires the attacker to set up a fake cell

Read More
25 Jun 2019

Tesco Hacked on Twitter Spoofs Bill Gates and Pushes BTC Scam

A threat actor on Tuesday took over the Twitter account of British retail giant Tesco. What followed was a rather poorly executed cyber scam. Initially the hacker posted a pinned Tweet on the account telling people that if they would send bitcoins to a provided bitcoin address, they would receive

Read More