Ransomeware

Marriott reveals data breach of 500 million Starwood guests!

By |2018-11-30T11:51:00-06:00November 30th, 2018|Categories: Security|Tags: , , , , , , , , , , , , , , , |

Please read if you have ever stayed at a Marriott! For about 327 million of the 500, the breached data includes names, mailing addresses, phone numbers, email addresses, passport numbers (!), Starwood Preferred Guest ("SPG") account information, date of birth, gender, arrival and departure information, reservation date, and communication preferences. The company said in a [...]

Ransomware Bundle Makes Malware Attacks Easier for Crooks

By |2018-11-28T12:51:06-06:00November 1st, 2018|Categories: Cyber Security|Tags: , , , , , , , , , , |

  A recent report found that ransomware bundles are being sold over the dark web for a pretty hefty, but still very addordable price (around $750). These bundles offer 2018's most notorious and devestatingly damaging forms of ransomware strains, including SamSam, Magnibar, Satan, CryBrazil, and more! Cybersecurity researchers from top cybersecurity firms, have discovered the rasompack [...]

Phishing Attack Uses Decoy PDF with Microsoft-issued SSL Cert

By |2018-10-08T16:34:13-05:00September 15th, 2018|Categories: phishing, Cyber Security|Tags: , , , , , , , , , , , , , |

A recent phishing attack posing as a PDF decoy from a Denver law firm was stealing clients' Office 365 credentials. The phishing bait was hosted in Azure blob storage and contained a Microsoft-issued domain and SSL certificate, making it particularly believable. Since the phishing bait was hosted in Azure blob storage, it had a Microsoft-issued [...]

SharePoint Phishing Attack Impacts 10% of Office 365 Users

By |2018-08-17T10:58:35-05:00August 15th, 2018|Categories: phishing, Cyber Security|Tags: , , , , , , , , , , , , , , , , |

The attack dubbed “PhishPoint” demonstrates the craftiness and extent cybercriminals will go to in order to harvest Office 365 credentials.   This latest attack uses several familiar aspects of Office 365 to lull potential victims into an assumption everything is above board.   Here’s how the PhishPoint attack works: The user receives the malicious email –There [...]

Second Quarter 2018 Top-Clicked Phishing Email Subjects

By |2018-07-25T11:23:13-05:00August 1st, 2018|Categories: Cyber Security|Tags: , , , , , , , , , , , , , , , , , |

We've been reporting on the top-clicked phishing email subjects every quarter for a while now across three different categories: general emails, those related to social media, and 'in the wild' attacks that are a result of millions of users clicking on the Phish Alert Button on real phishing emails and allowing our team to analyze the results. [...]

New Deceptive Strains of Payroll Phishing: “Because that’s where the money is…”

By |2018-07-25T10:22:17-05:00July 15th, 2018|Categories: Cyber Security|Tags: , , , , , , , , , , , , , , |

Most readers will probably be familiar with the mythical story of bank robber Willie Sutton who, after being nailed by the cops, was asked why he robbed the bank. His answer (undoubtedly delivered in the most deadpan voice one can imagine): "Because that's where the money is." Although criminals have gone high tech since the [...]

Bad Guys Are Doing More Damage Than They Used To

By |2018-06-06T09:46:32-05:00June 1st, 2018|Categories: Cyber Security|Tags: , , , , , , , , , , , |

The ransomware plague is not letting up and rapidly getting more technically sophisticated. New strains are popping up every month, using innovative methods to spread. Worse, the ransom demands themselves are skyrocketing at the same time. This week, cyber insurance experts reported incidents with ludicrous 1 million dollar extortion attempts after attackers were able to encrypt [...]

Chrome Extensions Spreading Through Facebook Caught Stealing Passwords

By |2018-05-16T20:19:42-05:00May 15th, 2018|Categories: phishing, Cyber Security|Tags: , , , , , , , , , , , , , |

Luring users on social media to visit lookalike version of popular websites that pop-up a legitimate-looking Chrome extension installation window is one of the most common modus operandi of cyber-criminals to spread malware. Security researchers are again warning users of a new malware campaign that has been active since at least March this year [...]

World’s Largest Phishing Botnet Grows Evasive

By |2018-05-14T09:23:14-05:00May 1st, 2018|Categories: phishing, Cyber Security|Tags: , , , , , , , , , , , , |

The notorious Necurs botnet is one of the oldest and largest spam and phishing delivery systems in existence. It controls millions of machines that the criminal botmasters use to send malicious payloads. Necurs has now adopted a retro trick to make itself more evasive and less likely to have its phishing intercepted by your filters. It's begun [...]

Only Half of Organizations that Pay Ransomware Operators Get Their Data Back

By |2018-03-27T11:44:02-05:00April 1st, 2018|Categories: phishing, Cyber Security|Tags: , , , , , , , , , , |

Small-to-midsize businesses (SMBs) are the preferred target by ransomware operators, due to weaker protection and greater willingness to pay up. Ransomware, the prolific malware that locks down computer files until the victim pays to regain access, remains the fastest-growing cyber threat, targeting users from the regular Joe to entire corporate networks. In a mashup of [...]