29 Mar 2019

Hundreds of compromised WordPress and Joomla websites are serving up malware to visitors

Researchers with Zscaler warn that threat actors are increasingly trying to take advantage of flaws in the immensely popular content management systems (CMSs) WordPress and Joomla in order to get legitimate websites to target users with malicious payloads. In the past month, the researchers detected thousands of attacks, hundreds of

Read More
28 Mar 2019

Microsoft takes control of 99 domains operated by Iranian state hackers

Microsoft has confiscated 99 web domains that were used by Iran-linked hackers to launch global spear-phishing campaigns. The domain names resembled those of popular services offered by Microsoft, Yahoo and other companies and could therefore easily be mistaken for legitimate websites by victims of the campaign. The threat actor behind

Read More
21 Mar 2019

Latest tactics used by cybercriminals to bypass traditional email security

New research by Barracuda sheds light on the evolving strategies used by cybercriminals in email-based spear-phishing attacks. The report distinguishes between three types of spear phishing: brand impersonation attacks, business email compromise (BEC) and extortion. Brand impersonation is the most popular strategy by far, accounting for 83% of attacks. Extortion

Read More
20 Mar 2019

Microsoft Office Dominates Most Exploited List

Recorded Future has released the 2018 version of it’s annual top 10 list of most exploited vulnerabilities. The list contains 8 Microsoft Office vulnerabilities that are being exploited as part of phishing campaigns involving malicious Word and Excel documents. The other two flaws in the list are an Adobe Flash

Read More
18 Mar 2019

Email – The Often Overlooked Cybersecurity Risk

Are silly email mistakes putting your sensitive data and customer PII at risk or in violation of GDPR. Matt Devost breaks down four real life examples that highlight inadvertent email risks.

Read More
18 Mar 2019

Google Took Down 2.3 Billion Bad Ads in 2018

Figures released by Google last week highlight how widespread cybercrime has become. Last year, the company took down 2.3 billion bad ads, 58.8 million of which were phishing ads. 207,000 of the adds were for ticket resellers and over 531,000 for bail bonds. Google stepped up its efforts to fight

Read More
18 Mar 2019

Current phishing defense strategies and execution are not hitting the mark

New research by ISACA and Terranova Security shows that only about 63% of organizations are properly keeping track of the effectiveness of their strategies for informing employees about phishing and preventing them from falling for this type of attack. The study also found that only a small majority of companies

Read More
08 Mar 2019

Egypt government used Gmail third-party apps to phish activists

Over the past few years, a series of privacy scandals including the Facebook/Cambridge Analytica scandal have spurred an international push for better privacy laws. In some parts of the world, policymakers have responded to this movement by introducing new data protection bills, such as the EU General Data Protection Regulation

Read More
05 Mar 2019

Microsoft Sees 250% Phishing Increase, Malware Decline by 34%

The 24th volume of Microsoft’s Security Intelligence Report shows that phishing surged in 2018. The detected 250% increase in phishing attacks last year confirms similar findings of other recent studies. The research also confirmed that threat actors are moving away from ransomware and malicious software (malware) in general, as malware

Read More
01 Mar 2019

Businesses need to rethink security priorities due to shifting trends

Cyberattacks involving the psychological manipulation of targeted users, which is known as social engineering, have surged in 2018, a new Trend Micro report has found. According to the report, the number of detected phishing URLs increased by 269% compared to the year before. The finding is in line with a

Read More