28 Oct 2019

Ransomware, Mobile Malware Attacks to Surge in 2020

A recent study by Check Point predicts some of the major cybersecurity trends that will shape 2020. In terms of threats, the firm projects that 5G will play a major role in increasing the attack surface because it is bound to lead to a surge in Internet-of-things devices as well

Read More
28 Oct 2019

Microsoft Office Bug Remains Top Malware Delivery Vector

A recent report by Cofense shows that in the third quarter of this year, the most common technique for distributing malware via phishing campaigns is the exploitation of CVE-2017-11882, a critical flaw in Microsoft Office that was patched in 2017, but has been around for almost two decades. Attackers embed

Read More
25 Oct 2019

Ongoing Phishing Campaign is Targeting UN and NGOs

Threat actors are targeting the United Nations (UN) and several NGOs in a mobile phishing campaign that aims to capture login credentials for Okta, Office 365 and Outlook accounts, research by Lookout shows. The phishing websites check whether users are using a mobile device in order to deliver relevant content.

Read More
22 Oct 2019

Most Effective Phishing Tactic Is to Make People Think They’ve Been Hacked

People are most likely to fall for a phishing scam when it involves a fake message warning that their account has been hacked, a new report by KnowBe4 shows. In phishing simulations and actual phishing campaigns, the email headlines that were most successful in getting victim’s to click on malicious

Read More
21 Oct 2019

Alexa and Google Home abused to eavesdrop and phish passwords

Threat actors can use malicious applications in order to eavesdrop on Amazon Alexa and Google Home users, researchers with Security Research Labs have discovered. Rogue applications can also be used to carry out phishing attacks targeting owners of one of these voice assistants. The two attacks developed by the researchers

Read More
16 Oct 2019

Fake mobile app fraud tripled in first half of 2019

In the first six months of this year, phishing campaigns rose by 6% compared to the second half of 2018, while other fraud attacks such as fake mobile apps and financial malware skyrocketed, increasing by 191% and 80%, respectively, a new report by RSA Security shows. Phishing remained the top

Read More
14 Oct 2019

Iran-Linked ‘Charming Kitten’ Touts New Spearphishing Tactics

Iranian state-backed hacking group APT 25 (also known as Charming Kitten, Phosphorus, Ajax Security Team, NewsBeef and Newscaster) has updated its attack techniques to carry out a spearphishing campaign targeting US President Donald Trump’s re-election campaign, according to recent research[pdf] by ClearSky Cyber Security. The report states that the new attack

Read More
10 Oct 2019

Financial industry spending millions to deal with breaches in 2019

82% of organizations suffered a DNS attack last year, and many companies were hit multiple times, with the average number of attacks per company falling just short of 9.5, a new report by EfficientIP shows. Because the average cost per attack exceed $1.3 million, companies can expect to lose over

Read More
09 Oct 2019

Only 1 in 5 enterprises have DMARC records set up with an enforcement policy

A new Valimail report shows that while companies are increasingly adopting the Domain-based Message Authentication, Reporting and Conformance (DMARC) protocol for email authentication, which is designed to prevent email spoofing attacks, the vast majority have not configured it properly. In fact, only 17% of email domains using DMARC have an enforcement

Read More
09 Oct 2019

Phishing attempts increase 400%, many malicious URLs found on trusted domains

Between January and July of this year, the number of detected phishing URLs surged by 400%, a recent Webroot study found. Phishing attacks continue to get more sophisticated, with 29% of phishing sites now using HTTPS in order to appear more legitimate, while 24% of malicious URLS are hosted on

Read More