28 May 2021

Feds Warn DarkSide May Not Stay Dark

DarkSide, a cybercriminal gang that allegedly disbanded following the Colonial Pipeline ransomware attack, may not stay out of the hacking game for long, according to a new report. Key government cybersecurity and counterintelligence officials stated that while DarkSide may have actually halted its operations, the group could re-emerge under a

Read More
28 May 2021

Researchers find four new malware tools created to exploit Pulse Secure VPN appliances

Researchers at FireEye have disclosed attacks against defense, government, and financial organizations leveraging vulnerabilities in the Pulse Secure VPN software. Pulse Secure’s virtual private network and Secure Connect solutions are used by organizations worldwide to ensure secure access to business systems. FireEye reportedly discovered four new malware families designed specifically

Read More
27 May 2021

Chinese Phishing Attack Targets High-Profile Uyghurs

Security researchers have uncovered a new Chinese phishing campaign that is targeting high-profile members of the ethnic minority Uyghur group. The campaign consists of emails impersonating the United Nations and other credible international organizations, along with a fake human rights organization called TCAHF. The campaign has also been observed to

Read More
27 May 2021

This phishing attack is using a call centre to trick people into installing malware on their Windows PC

A new and prolific phishing campaign is aiming to lure victims into believing that they have opened a subscription with a movie-streaming service, tricking them into calling a phone number to cancel the subscription. However, after contacting the call center, someone guides them through a procedure that eventually infects the

Read More
26 May 2021

UK Police Suffered Thousands of Data Breaches in 2020

There were over 2300 data breach incidents reported by just 22 of the UK’s law enforcement organizations in 2020 alone, according to an inquiry launched by VPNoverview. VPNoverview allegedly requested information from 45 of the UK’s police forces and received responses from 31. The results of the investigation revealed that

Read More
26 May 2021

Bluetooth bugs open the door for attackers to impersonate devices

New vulnerabilities in devices with Bluetooth Core and Mesh have been uncovered by researchers at the Agence nationale de la sécurité des systèmes d’information (ANSSI). The bugs were disclosed on Monday and could allow a threat actor to impersonate devices during pairing, leading to man-in-the-middle attacks. Carnegie Mellon University also

Read More
25 May 2021

Iranian hacking group Agrius pretends to encrypt files for a ransom, destroys them instead

The Agrius hacking group allegedly deletes the data it pretends to hold for ransom in the final stage of their attack. This method represents a shift from the group’s previous tactic, which consisted of utilizing a purely destructive wiper malware. SentinelOne researchers released an analysis earlier today detailing the threat

Read More
24 May 2021

This massive phishing campaign delivers password-stealing malware disguised as ransomware

Cybersecurity researchers at Microsoft have identified a massive phishing campaign that is distributing trojan malware to create a backdoor into Windows systems, stealing usernames, passwords, and other sensitive information from victims. The phishing messages deliver the latest version of the Java-based STRRAT malware. The email campaign consists of utilizing compromised

Read More
24 May 2021

FBI identifies 16 Conti ransomware attacks striking US healthcare, first responders

The Federal Bureau of Investigation (FBI) has identified at least 16 attacks linked to the Conti ransomware group. The agency stated that the attacks target healthcare and first responder organizations, aiming to disrupt their operations and networks. Targets include 911 dispatch carriers, law enforcement agencies, and emergency medical services. These

Read More
21 May 2021

Global Credential Stuffing Attempts Hit 193 Billion in 2020

According to security vendor Akamai, there was roughly 193 billion credential stuffing attempts during 2020 due to surging numbers of online users. Akamai detailed its findings in its latest report, the 2021 State of the Internet / Security publication, looking to reveal the scale of attempts to hack users’ accounts

Read More