Targeted Company’s Homepage Used in Message Quarantine Phish

Security researchers observed that malicious actors had incorporated a targeted company’s homepage into a message quarantine phishing campaign. The Cofense Phishing Defense Center found that the phishing campaign began with an attack email that disguis…

Google Ups Bug Bounty Reward Amounts for Product Abuse Risks

Google announced its decision to increase the reward amounts for product abuse risks reported through its bug bounty program. On September 1, Google employees Marc Henson and Anna Hupa announced that researchers could now receive up to $13,337 for repo…

Gift Cards Requested in Two-Thirds of BEC Attacks, Report Reveals

A report revealed that scammers requested funds in the form of gift cards in two-thirds of business email compromise (BEC) attacks. For a phishing trends report from the Anti-Phishing Working Group (APWG), APWG member Agari examined thousands of BEC at…

Emotet Switches to ‘Red Dawn’ Template in Weaponized Word Documents

Researchers observed that the Emotet gang had incorporated a new “Red Dawn” template into their weaponized Word documents delivered to users. Until recently, Emotet’s handlers had been targeting users with an iOS-themed document template for their malic…

North Korea’s BeagleBoyz Resumes International Attacks Targeting Banks

North Korea’s BeagleBoyz team resumed its efforts to target banks worldwide with fraudulent money transfers and ATM cash outs. On August 26, the Cybersecurity and Infrastructure Security Agency (CISA) published Alert (AA20-239A) in coordination with th…

New Zealand Stock Exchange Suffers Second DDoS Attack in Two Days

New Zealand’s stock exchange suffered its second distributed denial-of-service (DDoS) attack within a matter of two days. According to Reuters, cash market trading on the floor of New Zealand’s Exchange (NZX) came to a halt at 11:24 local time on A…

3 Areas of Your IT Infrastructure that SCM Can Help to Secure

Gone are the days when security teams could focus all of their efforts on keeping attackers out of the network. There’s no inside or outside anymore. The modern network is porous; it allows greater numbers and types of devices to connect to it from all…

RDP Used by Iranian Actors in International Dharma Ransomware Attacks

Iranian actors leveraged the Remote Desktop Protocol (RDP) as part of an international campaign to target companies with Dharma ransomware. Group-IB uncovered the campaign while conducting an incident response engagement for a Russian company in June 2…

University of Utah Paid Over $450K to Ransomware Attackers

The University of Utah paid a fee of more than $450,000 to attackers after they infected a portion of its servers with ransomware. On July 19, 2020, the Information Security Office (ISO) notified the university’s College of Social and Behavioral Scienc…

Decryption Tool Released for WannaRen Ransomware

Security researchers released a decryption tool that enables victims of WannaRen ransomware to recover their files for free. On August 19, Bitdefender announced that it had made a WannaRen decryption utility publicly available for download. The securit…