Security Risks

Malicious Business Email Campaign targets Banks and Financial Service Companies

By |2018-12-28T10:34:34+00:00December 31st, 2018|Categories: Cyber Security|Tags: , , , , , , , , , , , , , , , |

Researchers have spotted and tracked a new campaign aimed at tricking employees of US financial firms and banks into downloading Houdini Malware, a self-propagating malware strain. In addition to its C2 (command-and-control) functionality, the Houdini remote access trojan (RAT) possesses the ability to move laterally, leveraging removable drives. This malware does not possess a native ransomware component. However, [...]

[Scam Of The Week] New Sextortion Attacks Take A Dark Turn

By |2018-12-12T09:55:56+00:00December 15th, 2018|Categories: Security, Cyber Security|Tags: , , , , , , , , , , , , , , , , , , |

New Sextortion Attacks Take A Dark Turn And Infect People With GandCrab Ransomware A recent report shows that last week, employees in the U.S have been bombarded by a spam attack! This attack pushes a double-whammy of a sextortion attempts combined with ransomware! Starting around May 2018, there have been a number of attack waves [...]

Marriott reveals data breach of 500 million Starwood guests!

By |2018-11-30T11:51:00+00:00November 30th, 2018|Categories: Security|Tags: , , , , , , , , , , , , , , , |

Please read if you have ever stayed at a Marriott! For about 327 million of the 500, the breached data includes names, mailing addresses, phone numbers, email addresses, passport numbers (!), Starwood Preferred Guest ("SPG") account information, date of birth, gender, arrival and departure information, reservation date, and communication preferences. The company said in a [...]

IRS Issues Urgent Warning on Tax Transcript Scam!

By |2018-11-28T11:50:03+00:00November 15th, 2018|Categories: Security|Tags: , , , , , , , , , , , , |

The Internal Revenue Service (IRS) is warning about a new “tax transcript” scam. In this scam, taxpayers are tricked into opening emails that look like they are from the IRS—but they potentially carry malware. Here’s what you need to know. In the past few weeks, taxpayers have received emails pretending to be from “IRS Online.” [...]

Ransomware Bundle Makes Malware Attacks Easier for Crooks

By |2018-11-28T12:51:06+00:00November 1st, 2018|Categories: Cyber Security|Tags: , , , , , , , , , , |

  A recent report found that ransomware bundles are being sold over the dark web for a pretty hefty, but still very addordable price (around $750). These bundles offer 2018's most notorious and devestatingly damaging forms of ransomware strains, including SamSam, Magnibar, Satan, CryBrazil, and more! Cybersecurity researchers from top cybersecurity firms, have discovered the rasompack [...]

Password Sharing is not Caring

By |2018-10-09T12:00:22+00:00October 1st, 2018|Categories: Cyber Security|Tags: , , , , , , , , , , , , , , |

Cybercriminals thrive on misuse of credentials, and users sharing them only makes the criminal’s job easier.  According to a recent report, password sharing is running rampant. The password has been the long-standing guardian keeping unauthorized users from accessing data, applications, and systems they shouldn’t. But, the password is only powerful when the assigned user keeps it private. [...]

Phishing Attack Uses Decoy PDF with Microsoft-issued SSL Cert

By |2018-10-08T16:34:13+00:00September 15th, 2018|Categories: phishing, Cyber Security|Tags: , , , , , , , , , , , , , |

A recent phishing attack posing as a PDF decoy from a Denver law firm was stealing clients' Office 365 credentials. The phishing bait was hosted in Azure blob storage and contained a Microsoft-issued domain and SSL certificate, making it particularly believable. Since the phishing bait was hosted in Azure blob storage, it had a Microsoft-issued [...]

One in Five Employees Share Their Email Password!

By |2018-09-04T08:57:18+00:00September 1st, 2018|Categories: Cyber Security|Tags: , , , , , , , , , , , , , |

Negligent employees remain the number one cause of data breaches at small businesses across America. So why do small businesses continue to struggle with good cyber security practices and what can they do to correct those habits? Small to medium-sized businesses are hit with nearly 4,000 cyber attacks per day -- and that number is [...]

SharePoint Phishing Attack Impacts 10% of Office 365 Users

By |2018-08-17T10:58:35+00:00August 15th, 2018|Categories: phishing, Cyber Security|Tags: , , , , , , , , , , , , , , , , |

The attack dubbed “PhishPoint” demonstrates the craftiness and extent cybercriminals will go to in order to harvest Office 365 credentials.   This latest attack uses several familiar aspects of Office 365 to lull potential victims into an assumption everything is above board.   Here’s how the PhishPoint attack works: The user receives the malicious email –There [...]

Second Quarter 2018 Top-Clicked Phishing Email Subjects

By |2018-07-25T11:23:13+00:00August 1st, 2018|Categories: Cyber Security|Tags: , , , , , , , , , , , , , , , , , |

We've been reporting on the top-clicked phishing email subjects every quarter for a while now across three different categories: general emails, those related to social media, and 'in the wild' attacks that are a result of millions of users clicking on the Phish Alert Button on real phishing emails and allowing our team to analyze the results. [...]