Shifts to a remote workforce in 2020 gave cybercriminals an opportunity to change tactics, focusing on credentialed access to systems accessed from outside government networks. New data from mobile security vendor, Lookout highlights new problems arising from increased mobile use by government employees in their new U.S. Government Threat Report. The change to using a […]
Microsoft Dominates as the Most Impersonated Brand in Phishing Attacks
New data from phishing detection vendor Inky highlights which brands are most often used by cybercriminals in phishing attacks that will give them the edge needed for a successful phish. If you were to analyze nearly 657 million emails, you’d probably have a good grasp on exactly what the bad guys are doing to phish […]
Universal Health Services Becomes Next Victim of Ryuk Ransomware, Costing $67 Million
Fortune 500 hospital and health care service provider Universal Health Services (UHS) recently became victim to Ryuk ransomware in September 2020. UHS released the following statement, “The substantial majority of the unfavorable impact was attributable to our acute care services and consisted primarily of lost operating income resulting from the related decrease in patient activity […]
Running Headfirst Into a Breach
The pandemic changed the fortunes of many organisations. Perhaps none so much as Zoom, which has found itself becoming a noun synonymous with any form of video call. However, its meteoric rise has not been without some hiccups along the way. There have been many cases of people not securing their meetings, leading to many […]
Bogus FedEx and DHL Phishbait
Researchers at Armorblox describe an ongoing phishing campaign that’s using phony FedEx and DHL shipping notifications as phishing lures. “A few days ago, the Armorblox threat research team observed an email impersonating FedEx attempt to hit one of our customer environments,” the researchers write. “The email was titled ‘You have a new FedEx sent to […]
Microsoft Finds 80% of Organizations Encounter an Increase in Security Threats Due to Remote Workers
Learning from last year’s shift to a remote workforce can help dictate how operations should evolve. New data from Microsoft points at the need to better secure remote workers. Microsoft’s New Future of Work Report (subtitled Research from Microsoft into the Pandemic’s Impact on Work Practices) offers insight into how businesses have changed the way […]
Microsoft: SolarWinds attack took more than 1,000 engineers to create
You may have missed this extremely interesting bit of data that ZDNet just published. “Microsoft reckons that the huge attack on security vendors and more took the combined power of at least 1,000 engineers to create. “The months-long hacking campaign that affected US government agencies and cybersecurity vendors was “the largest and most sophisticated attack […]
It’s Not Only About the URL
You have to look at the totality of an email to determine whether it is a phishing attack or not. I’ll admit it, I’m guilty. When I get a phishy-looking email, the first thing I do is hover over the URL to see if it is legitimate-looking or not. And, most phishing emails do contain […]
Trickbot is Targeting the Legal Sector
Researchers at Menlo Security warn of an ongoing Trickbot campaign targeting the legal and insurance industries. Trickbot is a notorious remote access Trojan that was in the crosshairs of separate operations by US Cyber Command and Microsoft late last year. While these operations crippled the malware’s botnet ahead of the US elections, they weren’t expected […]
![[Heads Up] Email Phishing Is Now the Top Ransomware Attack Vector](https://i0.wp.com/www.optricsinsider.com/wp-content/uploads/2021/02/RansomwareAttackVectors.png?fit=596%2C405&ssl=1)
[Heads Up] Email Phishing Is Now the Top Ransomware Attack Vector
New data shows that pushback from the ransomware victim “market” may be influencing just how much cybercriminals are asking for as ransom and are being paid. 2020 seemed to point to ransomware continuing to grow in devastation and cost; Ryuk reached a $34 million ransom payout, organizations were operationally brought to their knees by many […]