Business Email Compromise Doubles in Incidents and Triples in Cost The latest data from the U.S. government’s Financial Crimes Enforcement Network shows fraud via business email is changing tactics and becoming more effective. Phishing attacks don’t always need to result in the use of malware. In many cases the goal is to commit fraud through [...]
Homeland Security Warning About Phishing As A Threat to 2020 Elections Beware of phishing attempts! U.S Department of Homeland Security is warning top state election officials nationwide to safeguard against fradulent emails targeting state and local election.These emails appear as if they come from a legitimate source and contain links that, if clicked, will open [...]
U.S. entities remained the most attractive targets of phishing attacks throughout 2018, with an estimated 84% of the total volume of millions of incidents analyzed during the last year. The top organizations targeted by phishing attacks when taking into account the industry sectors were financial institutions (28,9%), email and online services (24,1%), cloud and file storage (12,6%), [...]
The Notre Dame Cathedral in Paris caught fire and was barely saved from total destruction. Millions of people visit every year and hundreds of millions feel a powerful, and personal, sense of connection to it. Seeing the cathedral burn was a tragedy, and the bad guys were faster than ever to leverage it into misinformation and social engineering. [...]
Researchers have spotted and tracked a new campaign aimed at tricking employees of US financial firms and banks into downloading Houdini Malware, a self-propagating malware strain. In addition to its C2 (command-and-control) functionality, the Houdini remote access trojan (RAT) possesses the ability to move laterally, leveraging removable drives. This malware does not possess a native ransomware component. However, [...]
New Sextortion Attacks Take A Dark Turn And Infect People With GandCrab Ransomware A recent report shows that last week, employees in the U.S have been bombarded by a spam attack! This attack pushes a double-whammy of a sextortion attempts combined with ransomware! Starting around May 2018, there have been a number of attack waves [...]
A recent report found that ransomware bundles are being sold over the dark web for a pretty hefty, but still very addordable price (around $750). These bundles offer 2018's most notorious and devestatingly damaging forms of ransomware strains, including SamSam, Magnibar, Satan, CryBrazil, and more! Cybersecurity researchers from top cybersecurity firms, have discovered the rasompack [...]
Cybercriminals thrive on misuse of credentials, and users sharing them only makes the criminal’s job easier. According to a recent report, password sharing is running rampant. The password has been the long-standing guardian keeping unauthorized users from accessing data, applications, and systems they shouldn’t. But, the password is only powerful when the assigned user keeps it private. [...]
A recent phishing attack posing as a PDF decoy from a Denver law firm was stealing clients' Office 365 credentials. The phishing bait was hosted in Azure blob storage and contained a Microsoft-issued domain and SSL certificate, making it particularly believable. Since the phishing bait was hosted in Azure blob storage, it had a Microsoft-issued [...]
Negligent employees remain the number one cause of data breaches at small businesses across America. So why do small businesses continue to struggle with good cyber security practices and what can they do to correct those habits? Small to medium-sized businesses are hit with nearly 4,000 cyber attacks per day -- and that number is [...]