Ransomware actors are actively exploiting a critical flaw in the Pulse Secure VPN service, a security researcher recently discovered. The flaw, tracked as CVE-2019-1150, enables attackers to establish unauthenticated HTTPS connections to enterprise networks using the VPN service. Pulse Secure patched the issue in April of last year, and on

In October of last year, Magecart actors breached Blue Bear Software, a major e-commerce platform for educational institutions, the vendor’s parent company Active Networks has announced. Magecart is an umbrella term for various criminal groups that attack websites with the aim of injecting them with “skimming” malware designed to steal the

A recent study by Microsoft provides insights into brute-force attacks targeting Remote Desktop Protocol (RDP) implementations in enterprise environments. Over the last few years, RDP brute-forcing has become a popular attack vector in ransomware and other malware campaigns. By analyzing RDP-login events on 45,000 enterprise workstations, Microsoft found that the

Researchers with FortiGuard have linked DeathRansom malware to a number of info-stealing campaigns, all of which seem to be the work of a Russian-speaking resident of Italy who uses the moniker “scat01.” DeathRansom began as a sort of dark joke, since the malware initially pretended to be file-encrypting ransomware, but

On New Year’s Eve, global currency exchange giant Travelex experienced a “software virus” infection that “compromised some of its services”, as a result of which the company’s websites have been unavailable for almost a week now. The company says it has taken down all of its systems “as a precautionary

The number of automotive cyber incidents has surged by 605% since 2016 and doubled between 2018 and 2019, a new report by Upstream Security shows. The majority of incidents (57%) were the work of cybercriminals, while security researchers accounted for 38%. In 2019, the vast majority (82%) of attacks were

Arkansas-based telemarketing firm The Heritage Company suffered a ransomware attack two months ago, which may mean the end of the 61-year-old business. Even though the company paid the ransom, it was forced to suspend operations indefinitely on December 23. On January 2, the over 300 employees of the firm were

IBM X-Force data indicated that Trickbot banking Trojan is undergoing code modifications and global attacks are increasingly targeting Japan ahead of the 2020 holidays. IBM reported that Trickbot is currently the most active and widely used baking Trojan. In August, Trickbot was modified to target mobile devices and is the

Experian, an American credit reporting company, published a 2020 data breach industry forecast that stated “smishing” or text-based phishing, would be the next danger to consumers and agencies. Following smishing is drones that steal customer data, disruptive deepfakes, hacktivism, and identity theft through mobile payment systems. The report claims that

Positive Technologies published a Cybersecurity Threatscape Q3 2019 update that found targeted attacks rose to 65% in Q3. Positive technologies also established that 81% of malware infections of corporate infrastructure originated with a phishing message. The targeted attacks in Q3 were mostly conducted by APT groups that pretend to represent