23 Mar 2020

Hackers breach FSB contractor and leak details about IoT hacking project

Digital Revolution, a Russian hacker group, has allegedly breached a contractor for the FSB. The FSB is Russia’s national intelligence service, and the hacking group claims to have obtained details about a project intended for hacking IoT devices. This week, the group published 12 technical documents, diagrams and code fragments

Read More
23 Mar 2020

200M Records of US Citizens Leaked in Unprotected Database

CyberNews, a Lithuanian research group, has discovered an unprotected database that holds 200 million detailed user records. The owner of the database remains unknown, however, the leaked profiles seem to be US users and contain individuals’ full names and titles, email addresses, phone numbers, birthdates, credit ratings, home and mortgage

Read More
20 Mar 2020

WHO Chief Impersonated in Phishing to Deliver HawkEye Malware

A new and continuing phishing campaign is posing as the Director-General of the World Health Organization (WHO) and is spreading malware known as HawkEye to victims’ devices. According to IBM X-Force Threat Intelligence researchers, the campaign started on Thursday, the same day it was discovered after the researchers found several

Read More
20 Mar 2020

Misconfigured Elasticsearch Instance Exposes More Than 5 Billion Records

An open Elasticsearch incident has reportedly exposed more than 5 billion records from 2012 to March 16, when the breach was discovered. The data in two of the collections is information on data breaches collected by a UK research firm over the course of the same time period. The data

Read More
19 Mar 2020

Libya-based hackers using coronavirus pandemic to spread mobile surveillance malware

Coronavirus themed emails have been targeting victims less and right, feeding off of global fear. The campaigns use messages and software as well, to trick people into downloading malware and other malicious programs. Kristin Del Rosso and other researchers at Lookout, a cybersecurity company, have uncovered a unique coronavirus attack

Read More
19 Mar 2020

COVID-19: With everyone working from home, VPN security has now become paramount

Due to the COVID-19 outbreak, thousands of employees have been working from home in an effort to contain the spread of the virus. Experts argue that this means enterprise VPN servers have become essential to a company’s security. Experts state that it is extremely important for organizations to ensure that

Read More
18 Mar 2020

Magecart Cyberattack Targets NutriBullet Website

A Magecart group has taken over NutriBullet’s website, installing skimmers across the site that aim to steal customer payment card data. Researchers warned the public about the security risk, stating that it was likely Magecart Group 8 behind the cybercrime. A researcher with RiskIQ stated on Wednesday that a JavaScript

Read More
18 Mar 2020

Coronavirus-Themed APT Attack Spreads Malware

An advanced persistent threat (APT) group has been leveraging the current pandemic to spread new malware deemed “Vicious Panda.” Security researchers stated that they had identified two suspicious Rich Text Format files targeting the Mongolian public sector. The RTF files execute a unique remote access trojan that takes screenshots of

Read More
18 Mar 2020

US Commerce Dept Shares Tips On Securing Virtual Meetings

Yesterday, the US National Institute of Standards and Technology shared measures that corporations should take to secure virtual meetings between remote workers as a result of the COVID-19 pandemic. Massive amounts of employees working from home can present unique challenges as both employers and employees strive to acclimate to the

Read More
18 Mar 2020

Attorney General Directs DoJ to Prioritize Coronavirus Crime

The US Attorney General, William Burr, recently urged attorneys in the DoJ to pay close attention to cybercriminals who are capitalizing on coronavirus fears to spread malware and commit fraud. The memo consists of Barr warning attorneys that it is essential to remain vigilant in detecting and prosecuting wrongdoing as

Read More