Odd Protest-Themed Spam Messages Targeted Atlanta Police Foundation

Security researchers came across a series of odd protest-themed spam email messages that appeared to target the Atlanta Police Foundation. SANS’ Internet Storm Center observed that the spam messages first appeared to be instances of an extortion … Continue reading Odd Protest-Themed Spam Messages Targeted Atlanta Police Foundation

Sextortionists Using Social Engineering Tactics to Collect Victims’ Data

Security researchers observed sextortionists leveraging social engineering techniques to steal their victims’ personal information. SANS’ Internet Storm Center (ISC) discovered that sextortionists had begun creating profiles for young women… Continue reading Sextortionists Using Social Engineering Tactics to Collect Victims’ Data

The Importance of Implementing an Information Security Policy That Everyone Understands

Information security (IS) and/or cybersecurity (cyber) are more than just technical terms. They’re the processes, practices and policy that involve people, services, hardware, and data. In particular, IS covers how people approach situations and … Continue reading The Importance of Implementing an Information Security Policy That Everyone Understands

Building on the IAM Benefits of SSO with MFA and Privileged Access Management

In part one of this post, we talked about why identity access management (IAM) is important.  In that discussion, we identified three types of IAM: Single Sign On Multi-Factor Authentication Privileged Access Management We discussed the different … Continue reading Building on the IAM Benefits of SSO with MFA and Privileged Access Management

SNAKE Ransomware Affected Enel Group’s Internal Network

Italian multinational energy company Enel Group suffered a SNAKE ransomware infection that affected its internal network. According to a statement issued by Enel Group, the ransomware attack first registered with the energy company on June 7 when its i… Continue reading SNAKE Ransomware Affected Enel Group’s Internal Network

Babylon Health App Leaked Patients’ Video Consultations

Babylon Health, makers of a smartphone app that allows Brits to have consultations with NHS doctors, has admitted that a “software error” resulted in some users being able to access other patients’ private video chats with GPs. The da… Continue reading Babylon Health App Leaked Patients’ Video Consultations

Ragnar Locker Partnered with Maze Ransomware Cartel

The actors behind Ragnar Locker partnered with the Maze ransomware gang as a means of extorting victims whose unencrypted data they had stolen. On June 8, the operator of the “Ransom Leaks” Twitter account revealed that Maze ransomware had … Continue reading Ragnar Locker Partnered with Maze Ransomware Cartel

How ExpertOps Can Help You Address the Infosec Skills Gap

Are you struggling to hire skilled digital security talent in 2020? If so, you’re not alone. According to a Tripwire study on the infosec skills gap, 82% of security experts said that their teams were understaffed; nearly the same proportion (83%… Continue reading How ExpertOps Can Help You Address the Infosec Skills Gap

Zorab Ransomware Disguised as STOP Djvu Ransomware Decryptor

A security researcher discovered a new ransomware strain called “Zorab” masquerading as a decryptor for STOP Djvu ransomware. Michael Gillespie, creator of the Ransomware ID service, spotted Zorab being distributed as a decryptor for the ST… Continue reading Zorab Ransomware Disguised as STOP Djvu Ransomware Decryptor

Phishers Use Fake VPN Config Notification to Target Office 365 Details

Security researchers observed phishers leveraging a fake VPN configuration notification to target employees’ Office 365 credentials. Abnormal Security found that the campaign attempted to capitalize on the trend of organizations implementing VPNs… Continue reading Phishers Use Fake VPN Config Notification to Target Office 365 Details