The SonicWall Capture Labs Threat Research team has analyzed malware purporting to be an installer of a popular VPN software. This is not the first time that malware has pretended to be a VPN installer as we have previously reported here. This time, it mimicked the website of ProtonVPN. Downloaded software from the fake […]
Malware writers have already started misusing the recent Coronavirus scare as a means to propagate their malicious creations as highlighted in one of our earlier blogs. SonicWall Capture Labs Threats Research team recently observed this tactic being used in the Android ecosystem as well in the form of a Remote Access Trojan (RAT). An Android […]
Hackers are actively trying to exploit vulnerable Microsoft Exchange Servers
SonicWall Capture Labs Threat Research team observes attackers actively probing for vulnerable Microsoft Exchange servers. Vulnerability | CVE-2020-0688: A remote code execution vulnerability has been reported in Microsoft Exchange Server. The weakness is due to the server failing to properly create unique keys at the time of installation. Microsoft Exchange Server does not randomly generate […]
Amazon Prime Phishbait: Lessons Learned
An Amazon phishing campaign is accidentally sending out links that lead straight to the attacker’s remote access console, according to Paul Ducklin at Naked Security. Ducklin explains that Sophos came across a generic Amazon Prime phishing email which informed recipients that their Amazon account had been suspended. The email contained a link for the user […]
Bogus Singapore Police Site Serves as a Watering Hole
The Singapore Police Force (SPF) released an advisory warning about a phishing site that’s spoofing the Force’s website, Channel News Asia reports. The bogus website informs the user that their computer has been locked “due to viewing and dissemination of materials forbidden by law of Singapore,” for the most part pornographic content of an extreme […]
Ransomware Attack On Wool Industry Halted Sales Across Australia Last Week
It is yet to be seen how a cyber attack which shut down wool sales last week will affect growers in Tasmania. Last Tuesday Talman Software, which is used by the majority of the wool industry across Australia and New Zealand, was the victim of a ransomware attack. The attack prevented brokers from being able to […]
Five worthy reads: XAI, a move from black to white
Five worthy reads is a regular column on five noteworthy items we’ve discovered while researching trending and timeless topics. This week, we explore the concept of XAI, Explainable AI. Have you ever wondered about the intricate logic behind sponsored content and recommendation systems found across social media and online retailer pages? With the significant […]
Experts: Expect Summer Olympics-Themed Cyberattacks in the Coming Months
The business of the games will provide cybercriminals with countless options to scam participants, sponsors, and spectators using contextual details and social engineering. So, you’re all set to go to the games this summer and then get an email about your hotel booking: the credit card came back invalid and you need to re-enter in […]
WSJ: “Losing $450,000 in Three Days: Hackers Trick Victims Into Big Wire Transfers”
Rachel Louise Ensign wrote a great story for the WSJ about CEO Fraud, also known by the FBI as Business Email Compromise. I’m quoting an extract and I strongly recommend sending a link to the original WSJ article to your C-levels as it’s excellent ammo to get budget for new-school security awareness training. “In 2018, […]
Ako ransomware demands $3000. Operators hide behind tOr.
The SonicWall Capture Labs Threat Research Team have recently come across a new variant of Ako ransomware. The malware spreads via spam email and shares similarities to MedusaLocker. This has led many to believe that the malware is a variant of MedusaReborn. However, the operators have reportedly denied this claim and state that Ako is […]