30 Apr 2020

Millions of Brute-Force Attacks Hit Remote Desktop Accounts

Experts have reported an increase in brute-force attacks targeting users of Microsoft’s Remote Desktop Protocol (RDP). The number of brute force attacks aimed at taking over corporate desktops and infiltrating company networks has been in the millions per week. This is likely a result of threat actors taking advantage of

Read More
30 Apr 2020

This new Android mobile malware targets banks, financial services across Europe

On Thursday, cybersecurity firm Cybereason Nocturnus stated that a new form of Android mobile malware had emerged, targeting consumer and business financial data. The company stated that the malware, named EventBot, appeared in March and is a combination of a Trojan and an information-stealing program that exfiltrates victims’ financial application

Read More
29 Apr 2020

Shade Ransomware shuts down, releases 750K decryption keys

The Shade Ransomware operators have apologized for the harm caused to their victims, shutting down operations and releasing over 750,000 decryption keys. The group has been in operation since 2014, predominantly targeting victims in Russia and Ukraine. According to experts behind the ransomware identification site ID Ransomware, submissions related to

Read More
29 Apr 2020

Sophisticated Android Spyware Attack Spreads via Google Play

Cybersecurity company Kaspersky has disclosed a new campaign targeting specific victims primarily in Southeast Asia that it’s dubbed the PhantomLance espionage campaign. Kaspersky believes that OceanLotus APT could be behind the attacks. The attacks are sophisticated and ongoing, targeting Andriod users in Asia. The campaign features complex spyware that is

Read More
29 Apr 2020

Microsoft warns of malware surprise pushed via pirated movies

Microsoft has issued a warning that pirate streaming devices and movie piracy sites are being targeted by threat actors, who are infecting victims with malware via fake movie torrents. The platforms have experienced a huge influx of traffic due to social isolating measures brought on by the COVID-19 pandemic, as

Read More
28 Apr 2020

Single Malicious GIF Opened Microsoft Teams to Nasty Attack

Microsoft has disclosed that a since-patched flaw allowed an attacker to take over an organization’s entire system of Microsoft Teams accounts. The subdomain takeover vulnerability in the company’s collaboration platform, Microsoft Teams, potentially allowed an inside attacker to create a malicious GIF image that was then used to steal data

Read More
28 Apr 2020

Attackers exploit 0-day code-execution flaw in the Sophos firewall

Sophos systems have been hit by a zero-day attack that was designed to steal usernames, as well as cryptographically protected passwords, and other sensitive data. The security firm stated that it was attacked through an exploited SQL injection flaw in patched versions of the Sophos XG Firewall on Sunday. The

Read More
27 Apr 2020

Nintendo Confirms Breach of 160,000 Accounts

After customers reported unauthorized purchases, Nintendo discovered a cybersecurity incident in which over 160,000 accounts were hacked. Attackers abused a legacy login system to achieve the hacks. Over the past several weeks, Nintendo users have been reporting a surplus of suspicious activities on their accounts. The breach consisted of attackers

Read More
24 Apr 2020

Maze Group Wages Ransomware Attack on Cognizant

A ransomware attack conducted by the Maze group has targeted a New Jersey Fortune 500 company, Cognizant, compromising internal systems. Cognizant confirmed on April 18 that it was the victim of a ransomware attack that affected services to some clients. Maze group is notorious for exfiltrating data from victims during

Read More
24 Apr 2020

Phishers exploiting employees’ layoff, payroll concerns

Two new phishing campaigns that aim to obtain Zoom and WebEx credentials have emerged, capitalizing on fears of layoffs and payroll changes. The phishing emails deliver fake information with “Zoom meeting about termination” in the headline, scaring recipients into clicking malicious links that then harvest Zoom passwords. Abnormal Security discovered

Read More