Quickbooks Phishing AttackPurporting to be invoices and payment reminders, this new campaign targets users of the popular accounting software to install the banking trojan on its victims endpoints. The bad guys have long known that emails involving the concept that the recipient owes money will get a response. They also know if you use a […]
FBI Finds Phishing Sites Abusing Search Results and Ads to Steal Banking Credentials
The US Federal Bureau of Investigation has sent out a private industry notification (PIN) warning that cybercriminals are using search engine ads and search results to spread phishing sites that impersonate banking websites. The FBI says this campaign has been running since March of 2021, although the Record notes that this technique has been in […]
COVID-Related Phishing Attacks Return to Mid-Pandemic Heights
New data from Palo Alto Network’s Unit42 provides a wealth of insight into specifically how cybercriminals have leveraged COVID-related theming to ensure a successful phishing attack. Throughout the last 14 months, the bad guys have consistently kept pace with the state of the pandemic. They have been looking for the best aspects of the COVID […]
FBI Obtains Authorization to Access US Servers to Remove Webshells Due to Exchange Vulnerability
Your server could have been compromised and the FBI was trying to mitigate the issue without you even knowing it yet. Yesterday the Department of Justice revealed in a statement that the FBI was granted access to remove web shells that were installed on compromised web servers. These web servers are related to the Microsoft […]
2021 Phishing Trends Face Alarming Predictions and Will Likely Include Automated Attacks
Researchers at INKY warn that targeted phishing attacks will continue throughout 2021, as some employees return to the office and others continue working from home. They predict that spear phishing attacks will begin to grow more automated, allowing more attackers to launch these attacks. The researchers expect to see the following five trends for the […]
3 Ways To Protect Your Identity Online
Within security awareness training programs, cybersecurity experts promote various tactics and best practices to implement within personal and work environments to protect your identities online and reduce the risk of theft or privacy loss. While these concepts seem like a broken record to some people, here are 3 best practices that can significantly reduce the […]
Phishing Attacks Using PDF Files Have Skyrocketed
Phishing attacks using PDF files have spiked over the past year, according to researchers at Palo Alto Networks’ Unit 42. “From 2019-20, we noticed a dramatic 1,160% increase in malicious PDF files – from 411,800 malicious files to 5,224,056,” the researchers write. “PDF files are an enticing phishing vector as they are cross-platform and allow […]
KPMG: Cyber Security Risk Is Now No. 1 Threat To Growth
KPMG in the UK just released their CEO 2021 Outlook Pulse Survey where global leaders were asked about their 3-year outlook. CEOs of the world’s most influential companies are planning what a return to ‘normal’ will look like. Nearly half (45 percent) expect normality to resume in 2022, with only one-third (31 percent) anticipating a […]
Microsoft Exchange Server hacks ‘doubling’ every two hours | ZDNet
Cyberattackers are taking full advantage of slow patch or mitigation processes on Microsoft Exchange Server with attack rates doubling every few hours. According to Check Point Research (CPR), threat actors are actively exploiting four zero-day vulnerabilities tackled with emergency fixes issued by Microsoft on March 2 — and attack attempts continue to rise. In the […]
[Heads Up] Has Your Exchange Been Hacked And Is Now A Ticking Time Bomb?
Brian Krebs wrote: “Globally, hundreds of thousand of organizations running Exchange email servers from Microsoft just got mass-hacked, including at least 30,000 victims in the United States.” UPDATE: ESET has just published a new report saying that unpatched Exchange servers are currently hunted down by “at least 10 APT groups.” Each hacked server has been […]