Collaborate Disseminate
A National Health Service (NHS) Trust revealed that it had mistakenly uploaded the personal information of over 18,000 people who had previously tested positive for coronavirus 2019 (COVID-19). On September 14, Public Health Wales announced in a web st… Continue reading Over 18K COVID-19 Patients’ Data Mistakenly Exposed by NHS Trust
A phishing attack used real-time validation against an organization’s Active Directory in order to steal users’ Office 365 credentials. According to Armorblox, the phishing attack targeted an executive working at an American brand that was named one of… Continue reading O365 Phishing Attack Used Real-Time Validation against Active Directory
An electric supply company based in Karachi, Pakistan suffered a Netwalker ransomware infection that disrupted its billing and online services. Bleeping Computer learned of the attack through Ransom Leaks, a ransomware researcher who received word from… Continue reading Pakistani Electric Supply Company Struck by Netwalker Ransomware
The DoppelPaymer ransomware gang claimed responsibility for a digital security incident that affected Newcastle University’s network and systems. In a news release published on its website, Newcastle University revealed that it had begun experiencing i… Continue reading DoppelPaymer Gang Claims Responsibility for Newcastle University Issues
Security researchers observed that malicious actors had incorporated a targeted company’s homepage into a message quarantine phishing campaign. The Cofense Phishing Defense Center found that the phishing campaign began with an attack email that disguis… Continue reading Targeted Company’s Homepage Used in Message Quarantine Phish
Google announced its decision to increase the reward amounts for product abuse risks reported through its bug bounty program. On September 1, Google employees Marc Henson and Anna Hupa announced that researchers could now receive up to $13,337 for repo… Continue reading Google Ups Bug Bounty Reward Amounts for Product Abuse Risks
A report revealed that scammers requested funds in the form of gift cards in two-thirds of business email compromise (BEC) attacks. For a phishing trends report from the Anti-Phishing Working Group (APWG), APWG member Agari examined thousands of BEC at… Continue reading Gift Cards Requested in Two-Thirds of BEC Attacks, Report Reveals
Researchers observed that the Emotet gang had incorporated a new “Red Dawn” template into their weaponized Word Documents delivered to users. Until recently, Emotet’s handlers had been targeting users with a iOS-themed document template for their malic… Continue reading Emotet Switches to ‘Red Dawn’ Template in Weaponized Word Documents
North Korea’s BeagleBoyz team resumed its efforts to target banks worldwide with fraudulent money transfers and ATM cash outs. On August 26, the Cybersecurity and Infrastructure Security Agency (CISA) published Alert (AA20-239A) in coordination with th… Continue reading North Korea’s BeagleBoyz Resumes International Attacks Targeting Banks
New Zealand’s stock exchange suffered its second distributed denial-of-service (DDoS) attack within a matter of two days. According to Reuters, cash market trading on the floor of the New Zealand’s Exchange (NZX) came to a halt at 11:24 local time on A… Continue reading New Zealand Stock Exchange Suffers Second DDoS Attack in Two Days