Criminals are using call centers to spread ransomware in a crafty scheme

An ongoing ransomware campaign that employs phony call centers to trick victims into downloading malware may be more dangerous than previously thought, Microsoft researchers say. Because the malware isn’t in a link or document within the email itself, the scam helps attackers bypass some phishing and malware detecting services, Microsoft researchers noted in a report Thursday. When the company first examined it in May, the scheme features attackers posing as subscription service providers who lure victims onto the phone to cancel a non-existent subscription. Once there, the call center worker guides them to download malware onto their computer. Researchers now say that the malware not only allows hackers a one-time backdoor into the device, as previously thought, but to also remotely control the affected system. That means it’s even easier for them to sweep for files and find high-end user credentials that could be used to drop ransomware such as Ryuk or […]

The post Criminals are using call centers to spread ransomware in a crafty scheme appeared first on CyberScoop.

Continue reading Criminals are using call centers to spread ransomware in a crafty scheme

Aqua Security raises $135M at a $1B valuation for its cloud native security service

Aqua Security, a Boston- and Tel Aviv-based security startup that focuses squarely on securing cloud-native services, today announced that it has raised a $135 million Series E funding round at a $1 billion valuation. The round was led by ION Crossover Partners. Existing investors M12 Ventures, Lightspeed Venture Partners, Insight Partners, TLV Partners, Greenspring Associates […] Continue reading Aqua Security raises $135M at a $1B valuation for its cloud native security service

PGMiner, Innovative Monero-Mining Botnet, Surprises Researchers

The malware takes aim at PostgreSQL database servers with never-before-seen techniques. Continue reading PGMiner, Innovative Monero-Mining Botnet, Surprises Researchers

Cyberattacks Target Healthcare Orgs on Coronavirus Frontlines

Cybercriminals aren’t sparing medical professionals, hospitals and healthcare orgs on the frontlines of the coronavirus pandemic when it comes to cyberattacks, ransomware attacks and malware. Continue reading Cyberattacks Target Healthcare Orgs on Coronavirus Frontlines

TripActions reportedly lays off hundreds amid COVID-19 travel freeze

The coronavirus demand crunch has taken another bite: Palo Alto-based corporate travel-focused unicorn, TripActions, reportedly laid off hundreds of staff yesterday. Per this post on Blind — written by someone with a verified TripActions email address — the company fired 350 people. Business Insider reported the same figure yesterday. While the Wall Street Journal said […] Continue reading TripActions reportedly lays off hundreds amid COVID-19 travel freeze

Cloud Misconfig Mistakes Show Need For DevSecOps

Unit 42 researchers discuss public cloud misconfiguration issues that are leading to breaches of sensitive data. Continue reading Cloud Misconfig Mistakes Show Need For DevSecOps