01 Nov 2019

How schools can better protect themselves against cyberattacks

A new report by Barracuda Networks indicates that US K-12 schools have suffered a total of 301 cyberattacks so far this year, which is already more than double the total number of attacks reported throughout 2018 (124). Almost one-third (31%) of cyber incidents involved a data breach, while 23% involved

Read More
01 Nov 2019

Calypso APT Emerges from the Shadows to Target Governments

Security researchers with Positive Technologies have been tracking the activities of a previously unknown advanced persistent threat (APT) group called Calypso since March of this year. Calypso, which is believed to have been operating since at least 2016, uses a custom remote access Trojan (RAT) in order to target government

Read More
01 Nov 2019

Cybercriminals using custom phishing tools to target the world’s largest tech brands

A new report by Akamai shows that the most popular companies targeted in phishing campaigns are Microsoft, PayPal, DHL, and Dropbox, which together accounted for 42.63% of all observed phishing domains. Microsoft, which accounted for 21.88% of domains alone, is highly popular among cybercriminals selling Phishing as a service (PaaS)

Read More
31 Oct 2019

2020 is the Year Data Gets Weaponized

A new Forrester report projects how the cyber threat landscape is likely to evolve in the coming years. The picture it paints of the near future is grim, to say the least. The researchers project that it might not be long before “evil can adopt artificial intelligence and machine learning

Read More
31 Oct 2019

Indian nuclear power plant’s network was hacked, officials confirm

Threat actors have managed to infect the network of an Indian nuclear power plant with malware, the Nuclear Power Corporation of India Limited (NPCIL) has admitted, adding that India’s national computer emergency response team (CERT-In) discovered the issue last month. NPCIL stated that an investigation by India’s Department of Atomic

Read More
31 Oct 2019

Office 365 users targeted with fake voicemail alerts in suspected whaling campaign

McAfee researchers have uncovered a phishing campaign that targets major enterprises with fake voicemail messages. Since the targeted individuals include company executives, the researchers suggest that the the attack could be considered “whaling.” The phishing emails impersonate Microsoft and inform users about a missed call. The message includes an HTML

Read More
31 Oct 2019

Hackers who extorted Uber and LinkedIn plead guilty

In 2016, one American citizen and one Canadian national teamed up to compromise the systems of Uber and LinkedIn in order to steal user information, which they subsequently used in order to extort the two companies, the two admitted in court this week. The threat actors used a custom tool

Read More
31 Oct 2019

Data Breach Hits 22 Million Web.com, Register.com, Network Solutions Accounts

Threat actors may have stolen around 22 million records of current and former customers of Web.com and its subsidiaries Network Solutions and Register.com. The breach occurred at the end of August of this year, but the popular domain registrars did not discover it until October 16. The exposed data was

Read More
31 Oct 2019

Why cloud apps could be your biggest security worry

A new report by Securonix shows that about one in four organizations suffered more than 5 insider attacks in the last 12 months, and 70% believe that these attacks are increasingly common. According 4 in 10 infosec pros, cloud storage is more vulnerable to insider threats than any other element

Read More
31 Oct 2019

Murky Details Surround Bed, Bath and Beyond Breach

Bed, Bath and Beyond has suffered a data breach that allegedly impacted less than 1% of the company’s customer accounts. The firm said in an SEC filing that it “discovered that a third party acquired email and password information from a source outside of the company’s systems which was used

Read More