04 Nov 2019

Ransomware School: The Rise of GandCrab Disciples

The highly successful GandCrab ransomware-as-a-service (RaaS) platform that retired over the summer, turned the ransomware market from a loose collection of private and silent developers into a lively underground community, a new report by AdvIntel shows. “Before GandCrab, traditional ransomware teams, run by Russian-speaking hackers, were acting privately, silently and

Read More
04 Nov 2019

Nikkei Hit in $29m BEC Scam

Japanese Media firm Nikkei, which owns the Financial Times, was scammed out of $29 million dollars in September of this year because a staff member of its US subsidiary fell for what seems to have been a textbook Business Email Compromise (BEC) attack, the company admitted. In a statement, Nikkei

Read More
04 Nov 2019

Sketchy Android keyboard app with 40M downloads makes money off unauthorized purchases

A popular unofficial Android keyboard app that has been installed more than 40 million times, secretly engages in click-fraud and steals money from users by signing them up to paid subscriptions without their knowledge, researchers with Upstream have discovered. While the Ai.type app was actually booted from the Google Play

Read More
01 Nov 2019

32,000+ WiFi Routers Potentially Exposed to New Gafgyt Variant

New research by Unit 42 warns that a new version of the Gafgyt Internet of Things (IoT) botnet is targeting vulnerabilities in home routers by Huawei, Realtek and Zyxel. Scan results show that the total number of vulnerable devices is at least 32,000. Gafgyt has been active since 2014, and

Read More
01 Nov 2019

Thousands of QNAP NAS devices have been infected with the QSnatch malware

Threat actors are targeting network-attached storage (NAS) devices produced by Taiwanese tech firm QNAP with QSnatch, a malware strain that has not been spotted before. The German Computer Emergency Response Team (CERT-Bund) has reported more than 7,000 infections so far, but the campaign is targeting devices across the world. A

Read More
01 Nov 2019

How schools can better protect themselves against cyberattacks

A new report by Barracuda Networks indicates that US K-12 schools have suffered a total of 301 cyberattacks so far this year, which is already more than double the total number of attacks reported throughout 2018 (124). Almost one-third (31%) of cyber incidents involved a data breach, while 23% involved

Read More
01 Nov 2019

Cybercriminals using custom phishing tools to target the world’s largest tech brands

A new report by Akamai shows that the most popular companies targeted in phishing campaigns are Microsoft, PayPal, DHL, and Dropbox, which together accounted for 42.63% of all observed phishing domains. Microsoft, which accounted for 21.88% of domains alone, is highly popular among cybercriminals selling Phishing as a service (PaaS)

Read More
31 Oct 2019

2020 is the Year Data Gets Weaponized

A new Forrester report projects how the cyber threat landscape is likely to evolve in the coming years. The picture it paints of the near future is grim, to say the least. The researchers project that it might not be long before “evil can adopt artificial intelligence and machine learning

Read More
31 Oct 2019

21 Million Logins for Top 500 Firms Offered on the Dark Web

Threat actors are distributing more than 21 million login details for Fortune 500 companies on the dark web, security researchers with ImmuniWeb have discovered by crawling underground market places, forums and other sites. Over 16 million of the credentials were stolen in the past year. According to the report “95%

Read More
31 Oct 2019

An 82-Year-Old Is Suspected Of Decades-Long Scam Selling Dangerous Weapons Parts To US Military

The US Department of Justice is accusing an 82-year-old American citizen of having sold “blatantly defective replacement parts for US military weapon systems” to the US Department of Defense (DoD) since 1997. The defective parts were mostly tubes and pipes for controlling fluid in military machines that were deemed critical

Read More