12 May 2021

Blurred WFH lines create cybersecurity challenges for companies

The Covid-19 pandemic has led to many changes in the workplace, the most prevalent being the number of workers who work remotely. Companies and employees face the challenge of protecting company secrets and cybersecurity without being protected by corporate firewalls. HP released a study, “Blurred lines and Blindspots” through its

Read More
11 May 2021

University Cancels Exams After Cyber-Attack

Final exams at Rensselaer Polytechnic Institute (RPI) have been called off following a cyberattack that impacted the university’s operations. According to the university, it was forced to shut down most of its computer network after detecting unauthorized access last Friday. Research and other academic activities were also impacted as a

Read More
11 May 2021

Japanese Manufacturer Yamabiko Targeted by Babuk Ransomware

A Japanese manufacturer has been targeted by the Babuk ransomware after a recent attack on Washington DC’s police department. The ransomware gang has most recently attacked Yamabiko, a Tokyo-headquartered manufacturer of power tools and industrial machinery. The company was allegedly added to Babuk’s data leak site, signifying that the company

Read More
11 May 2021

Lemon Duck Cryptojacking Botnet Changes Up Tactics

The Lemon Duck cryptocurrency mining botnet has adapted its tactics, now targeting Microsoft Exchange servers via ProxyLogon in a new campaign against North American targets. The botnet is leveraging the ProxyLogon exploits to conduct effective attacks while incorporating new techniques such as anti-detection capabilities and the addition of the Cobalt

Read More
11 May 2021

Update on the Colonial Pipeline ransomware attack

Last Friday, the Colonial Pipeline suffered from a cyberattack forcing it to shut down four of its main lines and highlighting the real-world consequences of a successful campaign against infrastructure. The shutdown has caused fuel shortages and prices to rise. Colonial provides roughly 45% of the East Coast’s fuel, such

Read More
10 May 2021

iPhone Hack Allegedly Used to Spy on China’s Uyghurs

US intelligence has stated that the Chaos iPhone flaw that allows for remote takeover was leveraged by China against the minority ethnic group, the Uyghurs before Apple patched the issue. A Chinese security researcher working at the antivirus company Qihoo 360 allegedly found the complex exploit in 2019, dubbing it

Read More
10 May 2021

Ransomware Takes Down East Coast Fuel Pipeline

The US government has issued emergency legislation following a ransomware attack that impacted the country’s largest fuel pipeline, the Colonial Pipeline. Over the weekend, the pipeline confirmed that it had suffered from a serious cyber-attack that resulted in some of its services being taken offline. The infrastructure attack is the

Read More
10 May 2021

Amazon seized, destroyed two million fake products sent to warehouses in 2020

In 2020, Amazon allegedly identified and destroyed two million fake products delivered to warehouses. The e-commerce giant allows third-party sellers from around the world to display their products through the platform, however, scammers have always populated the marketplace. According to Amazon, fakes, counterfeits, poor quality products, misleading photos, and more

Read More
07 May 2021

Misconfigured Database Exposes 200K Fake Amazon Reviewers

A misconfigured database has allegedly exposed a coordinated scheme by Amazon vendors to boost product ratings through utilizing fake accounts and reviews. Security researchers at SafetyDetectives located a China-based Elasticsearch server that was exposed to the public online, lacking any password protection or encryption. After looking further into the exposed

Read More
07 May 2021

Critical Cisco SD-WAN, HyperFlex Bugs Threaten Corporate Networks

Cisco has rolled out patches addressing severe vulnerabilities that could be exploited to perform remote code execution and privilege escalation. The flaws lie in the SD-WAN vManage Software. The bugs could allow an unauthenticated attacker to steal information from vulnerable networks. Cisco also disclosed a denial-of-service issue in the same

Read More