19 May 2020

Quick Hits from the 2020 Verizon Data Breach Report

The annual Verizon Data Breach Report has become a reliable and consistent source of cybersecurity attack trends over the past several years. Verizon has just released this year’s report with the largest number of contributing organizations ever.  Here is OODA’s hot take.

Read More
15 May 2020

Inventory of hacked servers for sale on cybercrime forum exceeds 43,000

Recent cyber intelligence reporting has revealed that the MagBo portal, which sells cyberattackers access to previously compromised servers, is now listing an inventory of 43,000 hacked servers.  The portal provides access to hacked servers, with some belonging to local and state government, hospitals, and financial organizations and has firmly established

Read More
14 May 2020

Scammers steal $10 million from Norway’s state investment fund

Norfund, Norway’s state investment fund, has reportedly been the victim of a cyberattack in which cybercriminals stole $10 million from the organization. The fraudsters were able to launch the attack through running business email compromise scams, eventually obtaining access to the email system. This allowed the attackers to monitor communication

Read More
14 Apr 2020

Overlay Malware Leverages Chrome Browser, Targets Banks and Heads to Spain

On Monday, IBM’s X-Force researchers posted an analysis of a malware that leverages a fake Chrome browser plugin, subsequently targeting the accounts of banking customers in Spain. The banking malware, called Grandoreiro, also uses a remote overlay to display a full-screen overlay image when a target accesses their online banking

Read More
14 Apr 2020

US consumers report $12M in COVID-19 scam losses since January

Today, the US Federal Trade Commission (FTC) stated that $12 million has been lost to COVID-19 themed scams. The FTC analyzed more than 16,000 COVID-19 related consumer reports the agency has received since January 2020. The median consumer loss was $570, according to the agency. California reported the most complaints

Read More
10 Apr 2020

U.S., UK cyber officials say state-backed hackers taking advantage of outbreak

Cybersecurity officials in the UK and the US have warned that state-backed hackers and cybercriminals are capitalizing on the coronavirus outbreak in their new campaigns, creating cybersecurity concerns. On Wednesday, the US Cybersecurity and Infrastructure Agency and Britain’s National Cyber Security Centre published a joint advisory in which they claimed

Read More
08 Apr 2020

NASA under ‘significantly increasing’ hacking, phishing attacks

NASA reported that they have been observing increasing malicious activity originating from both cybercriminals and nation-state hackers targeting their personnel and systems while their employees telecommute during the COVID-19 pandemic. The agency stated that they had successfully blocked a wave of malicious cyberattacks with pre-existing mitigation tools and measures. However,

Read More
31 Mar 2020

Coronavirus-themed spam surged 14,000% in two weeks says IBM

Recently, there have been numerous reports of cybercriminals and hacking groups taking advantage of the COVID-19 pandemic. IBM emerged with new information that stated that in the past two weeks, coronavirus themed spam has increased by 14,000%. The report by IBM’s X-Force reveals how much spam has been generated, taking

Read More
26 Mar 2020

Chinese Hackers Exploit Cisco, Citrix Flaws in Massive Espionage Campaign

APT41, a Chinese threat group that is responsible for dozens of destructive cyberattacks, has been exploiting vulnerabilities in Citrix NetScaler/ADC, Cisco routers and Zoho ManageEngine Desktop Central as part of a new espionage campaign. However, researchers have not yet determined if the campaign is targeting specific organizations or what these

Read More
26 Mar 2020

Tupperware Hit By Card Skimmer Attack

Malwarebytes Labs researchers have discovered a cyberattack on the Tupperware website, targeting customers payment card information via a digital credit card skimmer disguised inside an image file. Researchers found the malicious code when an anomaly in the iframe container was caught, prompting the researchers to look closer at the code.

Read More