31 Oct 2019

Office 365 users targeted with fake voicemail alerts in suspected whaling campaign

McAfee researchers have uncovered a phishing campaign that targets major enterprises with fake voicemail messages. Since the targeted individuals include company executives, the researchers suggest that the the attack could be considered “whaling.” The phishing emails impersonate Microsoft and inform users about a missed call. The message includes an HTML

Read More
31 Oct 2019

Hackers who extorted Uber and LinkedIn plead guilty

In 2016, one American citizen and one Canadian national teamed up to compromise the systems of Uber and LinkedIn in order to steal user information, which they subsequently used in order to extort the two companies, the two admitted in court this week. The threat actors used a custom tool

Read More
31 Oct 2019

Data Breach Hits 22 Million Web.com, Register.com, Network Solutions Accounts

Threat actors may have stolen around 22 million records of current and former customers of Web.com and its subsidiaries Network Solutions and Register.com. The breach occurred at the end of August of this year, but the popular domain registrars did not discover it until October 16. The exposed data was

Read More
31 Oct 2019

Murky Details Surround Bed, Bath and Beyond Breach

Bed, Bath and Beyond has suffered a data breach that allegedly impacted less than 1% of the company’s customer accounts. The firm said in an SEC filing that it “discovered that a third party acquired email and password information from a source outside of the company’s systems which was used

Read More
30 Oct 2019

The nastiest ransomware, phishing and botnets of 2019

According to a new Webroot report, the nastiest ransomware threat of 2019 was the Emotet – Trickbot – Ryuk attack chain that resulted in massive financial losses for targeted organizations. The Trickbot – Ryuk combination also features on the list separately, taking the second spot. Other top ransomware threats were

Read More
30 Oct 2019

xHelper Trojan Variant Reinstalls Itself After Removal, Infects 45K

In the past 6 months, an Android Trojan called xHelper has infected over 45,000 devices, mostly in the US, India and Russia. The number of infected devices is still growing every day. Symantec warns that xHelper seems to be virtually impossible to remove, since even factory resets do not get

Read More
30 Oct 2019

New Adwind Variant Targets Windows, Chromium Credentials

Security researchers with Menlo Labs have spotted a new version of the notorious Adwind remote access trojan (RAT) that can steal login credentials from compromised machines. The malware is being distributed via phishing emails, compromised websites as well as outdated and malicious WordPress sites. While previous versions of Adwind were

Read More
29 Oct 2019

Most decision makers expect AI and 5G to impact their cybersecurity strategy

83% of organizations believe 5G will lead to challenges in terms of cybersecurity, which implies that companies may be put at risk as a result of the new technology, a recent survey by Information Risk Management (IRM) found. Companies are concerned about 5G because vulnerabilities in the technology “appear to

Read More
29 Oct 2019

Details for 1.3 million Indian payment cards put up for sale on Joker’s Stash

Security researchers with Group-IB are warning that threat actors have begun selling a staggering 1.3 million payment cards on Joker’s Stash, the largest underground market place for payment card data. Most of the data belongs to Indian cardholders. The cards are being sold for $100 a piece. While Group-IB has not

Read More
29 Oct 2019

City of Johannesburg Refuses to Pay Ransom to Hackers

The City of Johannesburg, South Africa, which suffered a ransomware attack last week, will not pay the ransom of 4 bitcoin (over $37,000) demanded by the attackers. The threat group, calling itself the Shadow Kill Hackers, says it has obtained passwords, financial records, personal population information and other sensitive information

Read More