07 Jan 2020

Microsoft: RDP brute-force attacks last 2-3 days on average

A recent study by Microsoft provides insights into brute-force attacks targeting Remote Desktop Protocol (RDP) implementations in enterprise environments. Over the last few years, RDP brute-forcing has become a popular attack vector in ransomware and other malware campaigns. By analyzing RDP-login events on 45,000 enterprise workstations, Microsoft found that the

07 Jan 2020

DeathRansom Campaign Linked to Malware Cornucopia

Researchers with FortiGuard have linked DeathRansom malware to a number of info-stealing campaigns, all of which seem to be the work of a Russian-speaking resident of Italy who uses the moniker “scat01.” DeathRansom began as a sort of dark joke, since the malware initially pretended to be file-encrypting ransomware, but

07 Jan 2020

Bronze President Spies on Asia

New research by Secureworks sheds light on the activity of Bronze President, a cyber espionage group believed to operate out of China. The group uses a combination of custom and publicly available remote access tools to target NGOs as well as political and law enforcement organizations in India, Mongolia, and

06 Jan 2020

First Suleimani Attack By ‘Iranian’ Hackers Hits U.S., Exposing ‘Noisy’ New Threat

Over the weekend, threat actors defaced the website of the US Federal Depository Library Program (FDLP), in what could be the first Iranian state-sponsored cyberattack in retaliation for the US drone strike that killed Iranian military commander Maj. Gen. Qassim Suleimani at Baghdad airport last Friday. In the wake of

06 Jan 2020

DHS: Iran maintains a robust cyber program and can execute cyber-attacks against the US

The US Department of Homeland Security (DHS) on Saturday issued a rare National Terrorism Advisory System (NTAS) alert warning about possible Iranian terror and cyber campaigns in retaliation for the US drone strike that killed Iranian military commander Maj. Gen. Qassim Suleimani at Baghdad airport last Friday. Suleimani was the

06 Jan 2020

Travelex Site Still Down After New Year’s Eve Attack

On New Year’s Eve, global currency exchange giant Travelex experienced a “software virus” infection that “compromised some of its services”, as a result of which the company’s websites have been unavailable for almost a week now. The company says it has taken down all of its systems “as a precautionary

06 Jan 2020

Alert overload is burning out security analysts

A recent CriticalStart study sheds light on the impact of alert overload on security operations centers (SOCs) and their staff. The survey found that only 41% of SOC employees still consider their main task to be analyzing and remediating security threats, compared to 70% last year. The majority of security

06 Jan 2020

Austria’s Foreign Ministry says it’s facing ‘serious’ cyberattack

The Austrian Foreign Ministry on Saturday announced that it is the target of what it described as a “serious cyberattack” that could be “a targeted attack by a state actor.” The ministry said the cyber campaign against its systems is still ongoing, and estimated that it may continue for several

06 Jan 2020

Automotive cybersecurity incidents doubled in 2019, up 605% since 2016

The number of automotive cyber incidents has surged by 605% since 2016 and doubled between 2018 and 2019, a new report by Upstream Security shows. The majority of incidents (57%) were the work of cybercriminals, while security researchers accounted for 38%. In 2019, the vast majority (82%) of attacks were

06 Jan 2020

Ransomware Attack Topples Telemarketing Firm, Leaving Hundreds Jobless

Arkansas-based telemarketing firm The Heritage Company suffered a ransomware attack two months ago, which may mean the end of the 61-year-old business. Even though the company paid the ransom, it was forced to suspend operations indefinitely on December 23. On January 2, the over 300 employees of the firm were
