Collaborate Disseminate
The entry points for Magecart and other e-commerce skimmers are changing, but the attackers are getting more clever, too.
The post For Magecart groups and other credit-card skimmers, old and new opportunities abound appeared first on CyberScoop.
An APWG’s report reveals that it saw 260,642 phishing attacks in July 2021 – the highest monthly total observed since APWG began its reporting program in 2004. Overall, the number of phishing attacks has doubled from early 2020. APWG Senior… Continue reading Phishing attacks top 260,000 in Q3 2021
The recent targeted attacks exploiting the (at the time) zero-day remote code execution vulnerability (CVE-2021-40444) in Windows via booby-trapped Office documents have been delivering custom Cobalt Strike payloads, Microsoft and Microsoft-owned RiskI… Continue reading CVE-2021-40444 exploitation: Researchers find connections to previous attacks
Cyware announced a partnership with RiskIQ. The partnership combines advanced global threat intelligence automation with enriched, high-fidelity threat intelligence data to enable customers to more effectively respond to attacks. “As we expand our part… Continue reading Cyware and RiskIQ provide threat intelligence necessary to stay ahead of attackers
President Joe Biden urging Vladimir Putin to crack down on cyberattacks coming from within Russian borders doesn’t seem to have convinced the Kremlin to give it up just yet. RiskIQ said in a report Friday that it uncovered active hacking infrastructure that Western governments attributed last summer to the Russian SVR intelligence agency-linked APT29 or Cozy Bear, which it used at the time to try to steal Covid-19 research. Known as WellMess or WellMail, the malware warranted government alerts in July of 2020 from the U.S., U.K. and Canada. In April, the FBI urged organizations to patch five known vulnerabilities that U.S. officials said were the subject of exploitation by the SVR. RiskIQ identified three dozen command and control servers serving WellMess that the company said were under APT29 control. It focused on the infrastructure after a U.S.-Russia summit where cyberattacks came up. “The activity uncovered was notable given the […]
The post Evidence suggests Russia’s SVR is still using ‘WellMess’ malware, despite US warnings appeared first on CyberScoop.
The APWG’s new Phishing Activity Trends Report reveals that phishing maintained near-record levels in the first quarter of 2021, after landmark increases of 2020 in which reported phishing websites doubled. The number of reported phishing website… Continue reading Phishing maintained near-record levels in the first quarter of 2021
The number of phishing attacks grew through 2020, fully doubling over the course of the year. Attacks peaked in October 2020, with a high of 225,304 new phishing sites appearing in that month alone, breaking all previous monthly records, according to A… Continue reading Successful BEC attacks become 56% more costly
COVID-19 changed the rules of the game virtually overnight. The news has covered the broader impacts of the pandemic, particularly the hit to our healthcare, the drops in our economy, and the changes in education. But when a massive portion of our work… Continue reading Stop thinking of cybersecurity as a problem: Think of it as a game
Cybercrime costs organizations $24.7, YOY increase of more than $2 every minute, a RiskIQ report reveals. It will also have a per-minute global cost of $11.4 million by 2021, a 100% increase over 2015. The report covers the top threats facing todayR… Continue reading The global cost of cybercrime per minute to reach $11.4 million by 2021
RiskIQ released a research report revealing a large-scale digital scam advertisement campaign spread through fraudulent news sites and affiliate ad networks that cater to highly partisan audiences. Scammers are taking advantage of COVID-19 to spread … Continue reading Content farms develop and spread fake news about COVID-19 for profit