Collaborate Disseminate
Digital attacks continue to exploit coronavirus 2019 (COVID-19) as part of their malicious operations. On May 5, 2020, the U.S. Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) along with the United Kingdo… Continue reading COVID-19 Scam Roundup – May 11, 2020
Security researchers attributed a spike in Snake ransomware activity to a new campaign that’s targeted organizations worldwide. Snake ransomware first attracted the attention of malware analysts in January 2020 when they observed the crypto-malwa… Continue reading Spike in Snake Ransomware Activity Attributed to New Campaign
The Financial Industry Regulatory Authority (FINRA) warned that digital fraudsters are impersonating it in an ongoing phishing email campaign. In a regulatory notice published on its website, FINRA revealed that malicious actors had sent out fraudulent… Continue reading Digital Fraudsters Masquerading as FINRA in Phishing Emails
The Ryuk and Sodinokibi ransomware families both contributed to an increase in the ransom amounts demanded by attackers over the past quarter. Coveware found that the average ransom amount demanded by ransomware attacks in Q1 2020 was $111,605. This am… Continue reading Increase in Ransomware Demand Amounts Driven by Ryuk, Sodinokibi
Malicious actors continue to abuse coronavirus 2019 (COVID-19) as a lure to profit off of innocent people. Indeed, Arkose Labs found that 26.5% of all transactions recorded in Q1 2020 were fraud and abuse attempts—a 20% increase over the previous… Continue reading COVID-19 Scam Roundup – May 4, 2020
Security researchers observed that digital attackers are increasingly incorporating the reCaptcha API into their phishing campaigns. Barracuda Networks explained that malicious actors are starting to outfit their phishing attempts with reCaptcha walls … Continue reading Phishers Increasingly Incorporating reCaptcha API into Campaigns
The operators of Shade ransomware published the decryption keys for 750,000 of their victims in an effort to help them recover their data. The authors of Shade used a GitHub post to make decryption keys available to all of its remaining victims (approx… Continue reading Operators of Shade Ransomware Publish 750K Decryption Keys
British security firm Sophos determined that malicious actors had abused a zero-day vulnerability to achieve remote code execution (RCE) on some of its firewall products. According to Sophos, the attack chain began when digital attackers exploited a ze… Continue reading Zero-Day Flaw Allowed Attackers to Achieve RCE on Firewalls
A phishing campaign leveraged malicious emails to spoof video calling platform Skype in order to steal users’ account credentials. Cofense observed that the campaign began with an attack email that appeared to originate from Skype. Specifically, … Continue reading New Phishing Campaign Spoofed Skype to Steal Users’ Credentials
DoppelPaymer ransomware allegedly struck a U.S. coastal city in Los Angeles County by stealing its unencrypted data and then encrypting its devices. As reported by Bleeping Computer, the operators of DoppelPaymer updated their “Dopple Leaks”… Continue reading DoppelPaymer Ransomware Struck City in Los Angeles County