Category: Cyber Security

Veterans are High-Payoff Social Engineering Targets for Scammers

Veterans are particularly valuable targets for various types of social engineering attacks, according to Mary K. Talbot at the Providence Journal. Veterans are often respected leaders in the community, and often function as influencers whose opinions carry a lot of weight. As a result, disinformation campaigns in often single them out to hijack their accounts […]

PayPal Scammers Want More than Just Your PayPal Credentials

Researchers at ESET have come across phishing sites that try to steal PayPal logins along with a wide range of personal and financial information. The scam begins with phishing emails purporting to come from PayPal which inform recipients that an unknown device has accessed their account. The emails appear legitimate and convey a professional sense […]

[LEGAL ALERT] What You May Have Overlooked in the Run Up to CCPA Compliance

LAW.COM had a very good reminder that you really need to keep in mind. Here is an extract: “With just days to go before the California Consumer Privacy Act (CCPA) compliance date, some companies may be scrambling to get their data collection and management processes in order. “Others, however, might be taking a wait-and-see approach […]

[Heads-up] Ransomware attack forces Arkansas CEO to fire 300 employees days before Christmas

The chief executive officer of a telemarketing company in Sherwood, Arkansas has let go 300 employees after the company failed to recover from a ransomware infection a few months back. In a deeply apologetic letter to employees, The Heritage Company CEO Sandra Franecke said two months ago their servers were attacked by hackers who demanded […]

KubeCon + CloudNativeCon 2019 Takeaways

Cloud Native Computing Foundation’s KubeCon + CloudNativeCon 2019 recently took place in San Diego, California. Along with an increase in the number of companies and attendees, Kubernetes also got the attention it deserves from small, medium, enterprise and telco businesses, as well. Here are my takeaways from this show. Kubernetes is Stable for Production Use […]

[NEW RISK] The MAZE Ransomware Gang Outs Their Victims On A Public Web Site

In a continuing escalation of its extortion tactics, independent security researcher, Brian Krebs reported on Krebsonsecurity.com that the criminals behind the MAZE-RANSOMWAREMAZE Ransomware gang just created a publicly viewable web site listing 8 victims and a limited amount of selected data. MAZE probably hopes that by increasing psychological extortion pressure they will squeeze current victims […]

Financial Advisor Fined After Falling for BEC Scam

The Financial Industry Regulatory Authority (FINRA) fined and temporarily suspended a financial advisor working for UBS after he was tricked into transferring $511,870 from a client’s account in a CEO fraud scam, according to FinancialAdvisorIQ. A hacker used social engineering to access the client’s account and asked the advisor, William Darby, to move the money […]

Whaling: Like Phishing, but After Bigger Game

Organizations have to acknowledge their responsibility for ensuring their employees are able to recognize targeted phishing attacks, according to James McGachie, Legal Director of DLA Piper Scotland. Writing in The Herald, McGachie explains that sophisticated spear phishing attacks designed to steal large amounts of money (also known as “whaling”), should be of special concern to […]

How Phishing is Evolving

Attackers are always using new tactics to stay ahead of defenders, and Microsoft’s Office 365 Threat Research Team describes three noteworthy phishing techniques they’ve observed in 2019. The first was the use of hijacked search results to redirect users to malicious sites. Attackers used a traffic generator to artificially push a baited website to the […]

Money Mules and Evil Corp

Last week we reported that the U.S. Justice and Treasury Departments filed charges against and placed sanctions on the members of “Evil Corp.,” the criminal group behind the Dridex malware. Brian Krebs offers a detailed look at how Evil Corp. operates, and particularly at their use of money mules to launder criminally obtained funds. Krebs […]