The spam campaign, which specifically targeted UK users, relied on DNS TXT records and redirected users to a fraudulent trading site. IP addresses associated with the campaign are likely linked with Necurs botnet. A new malspam campaign targeting UK users has been spotted in the wild. MyOnlineSecurity.com which came across a number of spam emails related to this campaign found ...
Read More »Author Archives: firewallsadmin
Scammers abuse Google Calendar feature to trick users into revealing their personal information
The scammers are leveraging phishing attacks to target users in this scam. The emails contain a link that exploits a common default feature of Google Calendar to include automatic addition and notification of unwanted events & invitations. Multiple cases of a sophisticated scam targeting consumers through unsolicited Google Calendar notifications has been observed recently. The main purpose of the scam ...
Read More »Consumers are Concerned About Biometrics and Online Payments
Fifty-six percent of consumers in North America and Europe are concerned about biometrics, and 81 prefer passwords for online payments due to security concerns, according to the report “Lost in Transaction: The end of Risk?”. Forty-eight percent of consumers have already authenticated a payment using some form of biometric authentication, rising to 54 percent in the UK. n mCommerce and biometric identification is marked, ...
Read More »Vulnerabilities in Hardware Security Modules (HSMs) allow attackers to retrieve sensitive data
Several vulnerabilities are detected in the HSM of a major vendor, allowing an attacker to take full control of the vendor’s HSM. The vulnerabilities could allow attackers to retrieve sensitive data stored inside Hardware Security Modules. Security researchers Gabriel Campana and Jean-Baptiste Bédrune uncovered vulnerabilities that could allow attackers to retrieve sensitive data stored inside Hardware Security Modules. What is ...
Read More »Attackers exploit major vulnerability in Oracle WebLogic Server to drop cryptominers
The vulnerability was actively exploited to install miners for cryptocurrencies such as Monero. It was reported that the malware used in the attack cloaked itself in certificate files for obfuscation. A security vulnerability in Oracle WebLogic Server was found to be actively exploited by cybercriminals to install cryptocurrency miners. Security researchers from Trend Micro discovered that the malware used in ...
Read More »New Hawkball backdoor attacks government sector in Central Asia
A newly discovered malicious backdoor by the name of Hawkball was recently observed in a campaign apparently targeting one or more Russian-speaking government entities in Central Asia, according to a blog post this week from FireEye Labs. Upon successful infection, Hawkball offers the unidentified attackers a range of malicious capabilities, writes FireEye blog post author and malware researcher Swapnil Patil. These include surveying the ...
Read More »Three Cyber Attacks on the Rise According To New Research
Cybersecurity threats are continuously evolving as attackers constantly vary their methods and tools to sidestep improved cyber defenses. To better understand this behavior, the WatchGuard Threat Lab analyzes these changing trends in our quarterly Internet Security Report. Not surprising, in Q4 2018 our team saw a mix of threats targeting organizations of all sizes. However, there were several attack methods that stood out ...
Read More »Cisco Industrial Network Director found containing major security bugs
Cisco identified three security flaws in the software which is designed for managing industrial networks. Among the three, one was marked “high severity” and could allow attackers to execute arbitrary code. Cisco has identified three security bugs in Industrial Network Director (IND) software. In a series of security advisories released on Wednesday, Cisco addressed these major flaws present in IND. ...
Read More »Ransomware is the Biggest Threat for Small to Medium Businesses
Eighty-six percent Small to Medium Business (SMB) clients were recently victimized by ransomware and 21 percent report six or more SMB attacks in the first half of 2017 alone, according to Datto’s State of the Channel Ransomware Report. Key findings from the ransomware report include: An estimated five percent of global SMBs fell victim to a ransomware attack from 2016 to 2017. ...
Read More »GandCrab creators plan to end its operations soon
GandCrab, which is provided as ransomware-as-a-service, is expected to shut down operations by next month. The ransomware is said to have at least five variants since its inception last year. The infamous GandCrab ransomware might soon come to an end. In an announcement posted on a hacking forum, the creators of this formidable malware spoke of their decision to stop ...
Read More »