Malware

As Twitter Brings on $8 Fee, Phishing Emails Target Verified Accounts

Standard phishing defense tactics apply in this situation. Users should always take a close look at the sender’s display name when checking the legitimacy of an email. Most companies use a single domain for their URLs and emails, so a message that originates from a different domain is a red flag. It is also important to check for mismatched URLs. While an embedded URL might seem perfectly valid, hovering over it might show a different…

BEC Scam Impersonating Top Law Firms

BEC attacks account for a very small percentage of the phishing emails targeting companies worldwide, yet they are still a multibillion-dollar issue. Organizations should adapt policies to prevent BEC scams from being executed, including a verification process for all business transactions or money transfers. Because it is so easy for a threat actor to set up a typo-squatted domain, this verification should take place in person or over the phone. Companies can work to prevent…

Hundreds of U.S. News Sites Push Malware in Supply-Chain Attack

This campaign highlights the ever-growing threat of supply-chain attacks. Typically, when browsing a newspaper website, the end user feels as if the site is reputable and secure. Combining this with a fake update alert from SocGholish, many users may trust this alert and fall victim to the threat actor. This form of phishing, while it can be completed at a much smaller scale, is amplified by the undisclosed media company compromise, as it allows the…

Geopolitics plays major role in cyberattacks, says EU cybersecurity agency

The ongoing Russia-Ukraine conflict has resulted in an increase in hacktivist activity in the past year, with state-sponsored threat actors targeting 128 governmental organizations in 42 countries that support Ukraine, according to the European Union Agency for Cybersecurity (ENISA). In addition, some threat actors targeted Ukrainian and Russian entities during the early days of the conflict, likely for the collection of intelligence, according to the 10th edition of the ENISA threat landscape report. The report—this…

S3 Ep107: Eight months to kick out the crooks and you think that’s GOOD? [Audio + Text]

by Paul Ducklin

WE DON’T KNOW HOW BAD WE WERE, BUT PERHAPS THE CROOKS WEREN’T ANY GOOD?

You can listen directly on Soundcloud. With Doug Aamoth and Paul Ducklin. Intro and outro music by Edith Mudge. You can listen to us on Soundcloud, Apple Podcasts, Google Podcasts, Spotify, Stitcher and anywhere that good podcasts are found. Or just drop the URL of our RSS…

New US CISO appointments, September 2022

The upper ranks of corporate security are seeing a high rate of change as companies try to adapt to the evolving threat landscape. Many companies are hiring a chief security officer (CSO) or chief information security officer (CISO) for the first time to support a deeper commitment to information security. Follow this column to keep up with new appointments to senior-level security roles and perhaps gain a little insight into hiring trends. If you have…

The CSO guide to top security conferences

There is nothing like attending a face-to-face event for career networking and knowledge gathering, and we don’t have to tell you how helpful it can be to get a hands-on demo of a new tool or to have your questions answered by experts. Fortunately, plenty of great conferences are coming up in the months ahead. If keeping abreast of security trends and evolving threats is critical to your job — and we know it is…

Data Breach Affects Vodafone Italia

Customers of Vodafone Italia should remain vigilant moving forward, as they could possibly become targets of phishing campaigns, digital financial fraud, or other forms of identity theft. The partner company, FourB, cut off access to the compromised servers and has indicated they will take steps to improve their security posture moving forward.

https://www.bleepingcomputer.com/news/security/vodafone-italy-discloses-data-breach-after-reseller-hacked/?&web_view=true

Black Basta Ransomware Gang Linked to the FIN7 Hacking Group

To protect against ransomware attacks, organizations should:
• Regularly back up data, air gap, and password protect backup copies offline.
• Ensure copies of critical data are not accessible for modification or deletion from the system where the data resides.
• Implement network segmentation.
• Implement a recovery plan to maintain and retain multiple copies of sensitive or proprietary data and servers in a physically separate, segmented, secure location (i.e., hard drive, storage device, the cloud).
• Install updates/patch operating…

New Clipboard Hijacker Replaces Crypto Wallet Addresses with Lookalikes

It is highly recommended to avoid downloading executables from suspicious-looking websites or running attachments received over email. These are two of the most common methods of distributing malware, so avoiding these two actions can help prevent a user from being infected by most types of malware. It is also recommended to implement and maintain good security controls, such as an EDR, on all devices within an organization. Since Laplas appears to be distributed…
