Office 365 Phishing Attack Using Fake Non-Delivery Notifications

A new phishing attack is using fake non-delivery notifications in an attempt to steal users’ Microsoft Office 365 credentials. SANS ISC Handler Xavier Mertens discovered the attack while reviewing data captured by his honeypots. The attack begins…

Saipem Identified a Digital Attack against Some of Its Servers

Italian oil and gas industry contractor Saipem has announced that it identified a digital attack against some of its servers. On 10 December, Saipem published a statement on its website in which it revealed the attack and said it was in the process of …

Bug Affected 52.5 Million Users in Connection with a Google+ API

A bug connected to a Google+ API potentially exposed the profile information belonging to 52.5 million users of Google’s social network. According to David Thacker, VP of Product Management for G Suite, a software update in November introduced th…

New Sextortion Scam Campaign Delivering GandCrab Ransomware

Digital criminals have launched a new sextortion campaign that attempts to infect users’ computers with a version of GandCrab ransomware. On 5 December, researchers at Proofpoint observed a scam operation spewing out thousands of emails to users …

Linux Rabbit and Rabbot Malware Leveraged to Install Cryptominers

Digital attackers used new malware called “Linux Rabbit” and “Rabbot” to install cryptominers on targeted devices and servers. In August 2018, researchers at Anomali Labs came across a campaign where Linux Rabbit targeted Linux …

More Than 100,000 PCs in China Infected by New Ransomware Strain

A new ransomware strain successfully infected more than 100,000 personal computers in China over a period of just four days. According to a report from Velvet Security, the first samples of this ransomware broke out on 1 December after users installed …

Critical Vulnerability Uncovered In Kubernetes

The first major security flaw has been uncovered in Kubernetes, the popular container orchestration system developed by Google. The vulnerability, identified as CVE-2018-1002105, carries a critical CVSS V3 rating of 9.8 due to low attack complexity, re…

Security Incident Potentially Exposed 100 Million Quora Users’ Personal Data

A security incident at Quora potentially compromised the personal information and other details of approximately 100 million users. On 30 November, the question-and-answer website identified that a third party had gained access to one of its systems an…

Marriott Reveals Security Incident Involving Starwood Reservation Database

Marriott announced that it recently detected and addressed a security incident involving the Starwood guest reservation database. On 30 November, Marriott revealed that an internal investigation had found evidence of unauthorized access to the database…

Dell Discloses Digital Security Event Involving Customer Information

Dell disclosed a digital security incident in which unauthorized individuals targeted some pieces of customer information. On 28 November, the American multinational computer technology company announced that it had detected a security incident earlier…