21 Jan 2019

Cybercrime could cost companies trillions over the next five years

A new report(pdf) by Accenture indicates that over the next 5 years, cyberattacks could result in global costs totaling $5.2 trillion. That amount includes both lost revenue for companies and the expenses businesses are likely to incur due to attacks. The high costs have to do with the growth of

Read More
21 Jan 2019

DarkHydrus abuses Google Drive to spread RogueRobin Trojan

Researchers with the 360 Threat Intelligence Center (360TIC) have spotted a new attack campaign by the DarkHydrus advanced persistent threat (APT) group, also called Lazy Meerkat, which goes after political targets in the Middle East. DarkHydrus is known for targeting victims with spear-phishing emails and is currently spreading the RogueRobin backdoor Trojan through malicious Microsoft

Read More
21 Jan 2019

Ex-Employee Hacks WPML WordPress Plugin Site and Spams Users

The website of the WordPress Multilingual Plugin (WPML) has been hacked by an ex-employee over the weekend. As part of the attack, the threat actor sent an email to the 600,000 WPML customers claiming that the plugin for multilingual website support is riddled with “ridiculous security holes”, which caused two of

Read More
18 Jan 2019

Ongoing Attacks Hit West African Financial Institutions Since Mid-2017

Financial institutions in Cameroon, Congo (DR), Equatorial Guinea, Ghana and Ivory Coast have been targeted by unknown threat actors in a cyberattack campaign that started in mid-2017 and is still ongoing. According to security researchers with Symantec, the attackers have been using a variety of open-source and off-the shelf malware tools including

Read More
17 Jan 2019

Compromised ad company serves Magecart skimming code to hundreds of websites

In a massive new Magecart campaign, hackers have inserted malicious payment card skimming code into “277 e-commerce websites providing ticketing, touring, and flight booking services as well as self-hosted shopping cart websites from prominent cosmetic, healthcare, and apparel brands”. Magecart is an umbrella term for various criminal groups that attack e-commerce

Read More
17 Jan 2019

Hackers breach and steal data from South Korea’s Defense Ministry

South Korea’s Defense Acquisition Program Administration (DAPA), which is the country’s national defense agency in charge of managing arms procurement for the military, has experienced a cyberattack. The attack took place in October of last year, and resulted in the compromise of 30 DAPA computers by unidentified hackers, who managed

Read More
16 Jan 2019

U.S. Spies to Americans: China and Russia Are Coming to Get You – Featuring insights from OODA’s Bob Gourley

Kimberly Dozier of the The Daily Beast has spoken to various U.S. counterintelligence specialists about the very real threat that foreign hackers pose to U.S. organizations. Bob Gourley of OODA was among the experts she consulted. In the article, Bob Gourley explains that for over 20 years, the U.S. government

Read More
16 Jan 2019

Researchers Link Chilean Interbank Attack to North Korea

Flashpoint research indicates that a December 2018 cyberattack targeting Redbanc, a Chilean interbank network, may have been the work of the advanced persistent threat group Lazarus, which has been linked to the North Korean government. Researchers based their assumption on the fact that the attackers used PowerRatankba, a malware toolkit that has

Read More
15 Jan 2019

Don’t Ignore These 10 Global Business Risks In 2019

In order for companies to thrive in 2019, business leaders need to prepare for a great number of cyberthreats and other risks. According to Chloe Demrovsky, CEO of Disaster Recovery Institutce International (DRI), the most important risks include the potential start of a new worldwide financial crisis; steep fines companies may need

Read More
15 Jan 2019

Arm yourselves for healthcare’s cybersecurity war

US healthcare organizations (HCOs) are highly popular targets for cyberattacks for two reasons. First of all, HCOs are easy to breach, since a majority of them lack a proper cybersecurity program based on the NIST Cybersecurity Framework, and many organizations use poorly secured medical internet of things (IoT) devices. Secondly, threat actors

Read More