Collaborate Disseminate
Digital attackers launched a new ransomware campaign dubbed “PLEASE_READ_ME” in an effort to target MySQL servers. Guardicore first spotted the attack back in January 2020. After that, it witnessed a total of 92 attacks emanate from 11 IP addresses, wi… Continue reading PLEASE_READ_ME Ransomware Campaign Targeting MySQL Servers
Security researchers detected a new spear-phishing attack that’s using an exact domain spoofing tactic in order to impersonate Microsoft. On December 7, IRONSCALES revealed that it had spotted the campaign targeting Office 365 users. Those users primar… Continue reading New Microsoft Spear-Phishing Attack Uses Exact Domain Spoofing Tactic
The Phorpiex botnet earned the notorious designation of “most wanted malware” for the month of November 2020. In its Global Threat Index for November 2020, Check Point Research revealed that it had observed a surge in new Phorpiex botnet infections tha… Continue reading Phorpiex Botnet Named “Most Wanted Malware” in November 2020
Mercy Health revealed that it had fired an employee who was responsible for an insider breach involving its systems. On December 4, Mercy Health posted a notice informing its patients of a medical records incident that had occurred earlier in the year…. Continue reading Mercy Health Fired Employee Responsible for Insider Breach
Malicious actors used a Business Email Compromise (BEC) scam to prey upon a Philadelphia non-profit food bank. According to The Philadelphia Inquirer, the scam occurred back in July when the hunger relief organization Philabundance was nearing the comp… Continue reading BEC Scammers Struck Philadelphia Non-Profit Food Bank
The Egregor ransomware gang struck TransLink, the authority responsible for managing Metro Vancouver’s transportation network. On December 1, TransLink announced that certain issues were affecting its phones, online services and payment systems. The au… Continue reading Egregor Ransomware Strikes Metro Vancouver’s TransLink
A global phishing campaign targeted organizations associated with the Coronavirus 2019 (COVID-19) cold chain. Discovered by IBM Security X-Force, the operation began in September 2020 by targeting multiple entities that support the Cold Chain Equipment… Continue reading Global Phishing Campaign Sets Sights on COVID-19 Cold Chain
U.S. law enforcement learned that email attackers are using auto-forwarding rules to help them to perpetrate Business Email Compromise (BEC) scams. In a Private Industry Notification published on November 25, the FBI revealed that some BEC scammers are… Continue reading Email Attackers Using Auto-Forwarding Rules to Perpetrate BEC Scams
An Indian national received a prison sentence of 20 years for having created a call center scheme that preyed upon U.S. individuals. On November 30, U.S. District Judge David Hittner handed down a 20-year prison sentence to Hitesh Madhubhai Patel, aka … Continue reading Indian National to Spend 20 Years in Prison for Call Center Scheme
A phishing campaign used what appeared to be back-to-work notifications in order to compromise recipients’ corporate email accounts. Near the end of November, Abnormal Security detected one of the campaign’s attack emails. That message masqueraded as a… Continue reading Back-to-Work Phishing Campaign Targeting Corporate Email Accounts