phishing (26)

Red Sky Alliance has been monitoring a global phishing campaign which leverages the Ex-Robotos phishing kit to gain access to usernames and passwords of targeted victims. This specific attacker generally targets engineering organizations but has been seen targeting other industries as well. They have been sending out emails since May of 2021, though the tool has been publicly available for purchase since 1 July 2019. Phishing plays a major role in cyber-attacks and often leads to data breaches

Fool me once, shame on you.  Fool me twice, shame on me.  We have all been duped at some level by devious on-line schemers.  In the Cyber World, it sounds like old news.  Phishing is a type of social engineering tactic where an attacker sends a fraudulent ("spoofed") message designed to trick a human victim into revealing sensitive information to the attacker, and then introduce malicious software such as ransomware on the victim's infrastructure.  Phishing attacks have become increasingly sophisticate

Microsoft has discovered a large-scale spear-phishing campaign being conducted by the Russian advanced persistent threat (APT) group that has led to the breach of 3,000 email accounts across 150 organizations.

A Russian-based group called Nobelium, allegedly behind the SolarWinds attack, is at it again with a sophisticated phishing campaign aimed at delivering malicious URLs with payloads enabling network persistence so the actors can conduct further nefarious cyber activities.

This time, Nobeli

Threat researchers have come across two new phishing scams targeting customers of JPMorgan Chase Bank.  Both attacks deployed social engineering and brand impersonation tactics to steal customers' login credentials.  While one scam involved an email that appeared to contain a credit card statement, the other impersonated a locked account workflow to falsely inform victims that access to their account had been blocked following the detection of unusual login activity.

Cyber threat researchers sai

The COVID-19 pandemic is now a year old and has forced businesses to quickly support remote working practices, often without proper security measures in place.  The Verizon Business Mobile Security Index (MSI) 2021 reveals that many businesses may have left themselves vulnerable and open to cybercriminals in the rush to ensure their workforce could operate remotely.  Forty-nine (49) percent of businesses surveyed in the latest edition of Verizon's MSI stressed that changes made to remote working

The US Department of Justice (DOJ) continues to warn that cyber-criminals are impersonating state workforce agencies (SWAs) to steal Americans' personal data.  In a press release issued 5 March 2021, DOJ reported it had received reports that bad cyber actors are creating fake websites that mimic sites genuinely belonging to SWAs.  "The fake websites are designed to trick consumers into thinking they are applying for unemployment benefits and disclosing personally identifiable information and oth

As the 2020 tax preparation season begins in the US, the Internal Revenue Service (IRS) is warning that it is seeing more signs of cyber criminals spoofing the agency's domains and incorporating its logos and language into phishing campaigns.  Authorities additionally are cautioning about other fraud campaigns that spoof US government departments, with some using themes capitalizing on COVID-19 economic relief programs.  A tempting lure to many.

During February 2020, the IRS published a notification t

The age-old trick of romance scams remains real and is getting worse.  The number of people being targeted by fake relationship-seekers has drastically spiked during the COVID-19 pandemic.  Why? People are lonely and clever criminals play on this new phenomenon.  Romance scams remain the most successful fraud strategy for cybercriminals and represent a growing arena of opportunity; this according to the Federal Trade Commission. During 2020, romance schemes accounted for a record $304 million ra

According to a report from security firm RiskIQ, several Magecart groups hide their JavaScript skimmers, phishing domains and other malicious tools behind a secure hosting service called Media Land. During their investigation, the researchers found that thousands of domains used for JavaScript skimmers, phishing domains and other malicious infrastructure have been registered with Media Land since 2018 using at least two email addresses and other aliases.

A Business Email Compromise (BEC) attack begins with a cybercriminal hacking and spoofing emails to impersonate your company’s supervisors, CEO, or vendors.  Once in, they request a seemingly legitimate business payment. The email looks authentic and seems to come from a known authority figure, so the unsuspecting employee complies.  These fraudsters are increasingly exploiting the auto-forwarding feature in compromised email accounts to help conduct business email compromise scams, the US Federal B

A cyberespionage campaign aimed at aerospace and defense sectors to install data gathering implants on victims' machines for purposes of surveillance and data exfiltration may have been more sophisticated than previously thought.  Job and employment ads and postings have been the recent bait for unsuspecting victims.

The attacks, which targeted IP addresses belonging to internet service providers (ISPs) in Australia, Israel, Russia, and defense contractors based in Russia and India, involve

Account takeover seeks to infiltrate an existing account and use it for the criminal’s benefit.  Cyber threat actors will target any firm from any market segment, so there is no pattern to follow.  Once the criminal accesses the account, they may make unauthorized purchases and cash advances; they may also change account information so that the real owner does not receive notifications from the account.

According to a recent report, account takeover has tripled over a year-to-year comparison,

They say, “Common Sense is Instinct; Enough of it - Genius.”  Let us prove a path toward cyber brilliance.  Cybersecurity hygiene has never been as important as it is today.  At-home workers are now doing business remotely, putting in more hours and dealing with new situations they have never experienced.  For many, this change is both stressful and distracting.  These changes have upended the traditional workday and, in many cases, our concentration, which introduces risk.  Even the most securi

The coronavirus pandemic and lockdown have forced organizations to make dramatic changes over a short period of time.  One of the biggest changes has been the shift to a remote workforce nationwide.  Because of the abruptness and speed of that transition, proper cybersecurity has not necessarily been followed, prompting cybercriminals to level more attacks against remote workers, devices, and assets.

Based on a recent survey by security provider Keeper Security looks at the types of threats aime

SMBs Need to Prepare for Today and Tomorrow’s Cyber Threats

The cybersecurity landscape presents new challenges to businesses every day.  Please be aware of these 10 threats to help your business avoid a major attack or breach.  When it comes to securing your network, software, and data from potential attackers, Small to Midsize Businesses (SMBs) have numerous concerns.

Security for increasingly mobile and online-focused businesses is a multifaceted problem, especially for SMBs that lack the

Cyberattacks on Small to Medium-sized businesses (SMBs) are continuing at a relentless pace for 2020, with most data breaches coming from outside the organization.  Cyber-attacks are up an average of 75% since the Corona pandemic.  Cybersecurity analysts believe hackers are specifically targeting these smaller firms because they know SMBs lack adequate resources and enterprise-grade security tools, making them easier prey than larger businesses.

A new report from Cisco counters this misconception.

Carnival Corporation & PLC is the largest cruise line operator in the world.  In 2019, Carnival pulled in a record revenue of $20.8 billion.  Even with the troubles of 2020, this makes them a significant target for attackers looking to earn a profit. On 15 August 2020, Carnival Corp & PLC detected a ransomware attack that encrypted a portion of one brand’s IT systems.  Attackers not only encrypted the data, but also downloaded certain files indicating some data was stolen. In their SEC filings,

Three US agencies published a joint warning alert for private companies about new versions of Taidoor, a malware family previously associated with Chinese state-sponsored hackers.

The alert is from the Department of Homeland Security's Cybersecurity and Infrastructure Security Agency (DHS CISA), the Department of Defense's Cyber Command (CyberCom), and the Federal Bureau of Investigation (FBI).  The three US government agencies report they have observed Taidoor being used in new attacks.  The n

Analysts studying Coronavirus-related phishing and malware threats in malicious emails reveal four major topics abused by hackers: news, medical, financial, and regulatory.  In the first phases of the Corona pandemic, hackers were mostly disguising their malicious emails as general news and medical information with the most common keywords being “update” and “affected.”  When Summer 2020 (June-July) arrived, the dominating attack theme became “financial” and the leading keyword became “payment.

All organizations should consider working with a cyber threat intelligence firm to send test “Phishing” emails to random employees on a regular basis.  This will test employee vulnerabilities to provide subsequent remediation plans.  Training and instruction from cyber professionals are always cheaper than absorbing the costs of remediation, paying ransoms or having confidential data exposed or auctioned to the highest bidder.

Researchers at two security firms are tracking separate phishing camp