For those looking to get their taxes done early, watch out for emails impersonating ADP offering a link to retrieve your W2 early! While everyone pretty much hates taxes, obtaining all your necessary paperwork is something most want to take care of well-ahead of tax time. A new phishing attack purports to be ADP – […]
Auto Dealership Becomes Latest Victim of Ransomware Attack Costing Up to $500,000
The opening of a seemingly benign email from a coworker by an unsuspecting employee set in motion an attack that brought operations to a halt and resulted in some costly remediation. The Arrigo Automotive Group in West Palm Beach, FL became the latest victim of a ransomware attack that crippled most of the computers across […]
Phishing Attacks Impersonating Canadian Banks Work So Well, the Campaign Has Been Running for Two Years
As part of a massive ongoing phishing campaign, the same group of attackers leverage hundreds of lookalike phishing websites to steal from unsuspecting banking customers. Security researchers at CheckPoint have uncovered a two-year phishing campaign targeting customers of Canadian banks. Emails sent under the guise that banking users need to activate a digital certificate as […]
Security Generation Gaps
People from different generations tend to approach cybersecurity differently. Organizations should tailor their security programs and phishing tests with this in mind. According to Azeem Aleem, vice president cybersecurity consulting at NTT Ltd. In an article for Verdict, Aleem cited a recent study by NTT which found that employees over the age of thirty are […]
U.S. Government Issues Warning About Possible Iranian Cyberattacks
Christopher C. Krebs, Director of Cybersecurity and Infrastructure Security Agency issued a warning about a potential new wave of Iranian cyber-attacks targeting U.S. assets after Maj. Gen. Qassim Suleimani was killed by a U.S. airstrike at the Baghdad airport in Iraq. “Given recent developments, re-upping our statement from the summer,” Krebs said in a rare […]
Major Dutch University Still Fighting Ransomware Downtime; Expert Says Russian Hacker Group Responsible
Major Dutch Maastricht University was still trying to recover from a crippling cyber attack nearly a week after the university’s computer systems were infected by ransomware. New York-based cyber expert Vitali Kremez said that Russian organized cybercrime outfit TA505 is responsible, they distribute Clop, a ransomware strain first discovered in February 2019. The University which […]
4 patients sue Alabama health system after ransomware attack
BeckerHospitalReview just posted a new wrinkle in the battle against ransomware: “Four patients filed a class action lawsuit against Tuscaloosa, Ala.-based DCH Health System, alleging privacy violations and medical care disruption after an October ransomware attack. Five things to know: 1. The patients filed the lawsuit on Dec. 23, according to the Tuscaloosa Real-Time News. […]
Phishing Remains the Most Widespread Risk
As organizations look to improving their defenses, it’s worth remembering that attackers usually get through those defenses by manipulating the human beings those security measures are in place to protect. A recent warning on increased phishing attacks worth taking to heart comes from Deloitte Malaysia Cyber Risk, Risk Advisory executive director Ho Siew Keient. “Fraud, […]
WIRED: “The Decade Big-Money Email Scams Took Over”
Excellent article in WIRED, where they observed that In the last few years, the “Nigerian prince” scams have gotten a major upgrade. Here is an extract and a link to the full article: “For a long time cybercriminals believed that the money was within the masses,” says Crane Hassold, senior director of threat research at […]
PayPal Scammers Want More than Just Your PayPal Credentials
Researchers at ESET have come across phishing sites that try to steal PayPal logins along with a wide range of personal and financial information. The scam begins with phishing emails purporting to come from PayPal which inform recipients that an unknown device has accessed their account. The emails appear legitimate and convey a professional sense […]