Over 120 managed service providers forgot to update a software plugin from 2017 and are now vulnerable to attacks. Hackers used a two-year-old vulnerability in a remote management software to gain access to networks and deploy the GandCrab ransomware on customer workstations of managed service providers. At least one company has been hit already, according to [...]
Researchers from US firm Hold Security investigating Equifax after the recent Equifax security breach exposing details of 143 million customers have said its Argentine arm is also easily hackable. It appears Equifax security measures are nothing but sloppy after revelations that its Argentinian database has 'admin' as both the username and password. An employee [...]
A Canadian university says staffers unwittingly lost $9.5m (C$11.8m; £7.5m) in an online phishing scam. Phishing emails convinced staff at MacEwan University that a client was changing its bank account details. The staff then paid money into the fraudulent account. Since the online phishing scam, the university, located in Alberta, Canada, is auditing its business [...]
In these recent attacks cyber criminals target victims using social media networks, specifically those individuals inside financial organizations and those who make financial transactions. These victims were then called using the phone by the attacker posing as bank employees, who then used social engineering tactics to trick the victim to install an "update" to the [...]
As in previous example of ransomware attacks, cybercriminals usually go straight for the end users. There are times however, they take a less direct approach, as they did with an adware campaign that targeted Google Chrome users. Copyfish is a translation plug-in for Google Chrome. By no means is it one of the most [...]
According to a report released by the Identity Theft Resource Center and CyberScout, data breaches are running 29% above last year. Hacking was the leading cause of data breaches nationwide, more than 790 so far this year. Although two-thirds of data breach notifications or public notices did not report the number of records compromised, more than 12 [...]
With the rise in dependability on technology and on the internet, cybercrime is also on the rise. To meet the demand, there is a rising trend of social engineering sites on the dark web, which make malicious hacking a point-and-click exercise. You read correctly, you can now pay for a service to help you [...]
After two recent ransomware cyber attacks disrupted businesses, factories, hospitals and schools in over 150 countries, there are many lessons to be learned. The WannaCry ransomware was developed to take control of system data. It encrypted files as soon as the virus became active and demanded a ransom to be paid via Bitcoin, a cryptocurrency [...]
A massive attack, triggered by a version of the GoldenEye or Petya ransomware is currently claiming victims around the world. Unlike other families of ransomware, #GoldenEye does not encrypt individual files, but rather the entire hard disk drive. It then reboots it to prevent the user from accessing that information. When the encryption process is complete, [...]
A new fileless ransomware has been discovered in the wild. This ransomware, titled SOREBRECT, injects malicious code into a valid system process (svchost.exe) on targeted systems and then self-destructs in order to evade detection by antivirus. This is unlike more generic "spray-and-pray" ransomware and has been designed to specifically target enterprise systems in various industries. [...]
