US-CERT alert sounds the alarm on Emotet, one of the most costly and destructive malware strains currently active. Key DetailsWhat’s happening? On July 20th, the United States Computer Emergency Readiness Team (US-CERT) issued an alert highlighting the destructive qualities of Emotet, an extremely active banking trojan that has hit state and local governments particularly hard. What is Emotet? A […]
A cyberattack against Banco De Chile (BDC)—that country’s largest financial institution—bricked a hair-raising 9,000 workstations and 500 servers. However, killing these machines was actually just to a cover trying to hide illegal transactions on the SWIFT network where banks transfer funds internationally. After the dust settled, $10 million was funneled off to accounts in Hong […]
The heightened state of cyber-attacks in recent years has put a lot of focus on preventing those attacks from being successful. But, organizations can’t simply rely on defensive strategies to stay secure. Prevention within a security strategy is largely about putting up defenses that watch and wait for an attack – looking for actions, patterns, […]
There is a new strain of attack that’s the next scary thing your organization may become the target of. This new hybrid attack starts with a Banking Trojan which gets on the machine by using social engineering to get in, suspected to be email. Once the Trojan kicks in, it looks in real time for […]
One might think that a large wire transfer from a state office would be quickly noticed. But not necessarily. A cybercriminal using BEC (business email compromise, also known as CEO Fraud) was able to steal close to $94,000 in public funds from the Massachusetts Clean Energy Center and go undetected for over a month. Worse yet, […]
The stress of obtaining a mortgage has just gotten worse, thanks to cybercriminals trying to con you out of your money. In new attacks targeting companies involved in the mortgage lending process, cybercriminals have found a lengthy, but very sneaky way to commit wire fraud at a time when tensions are high, and the victim […]
In an ongoing campaign to clean up their massive hack Experian came out with this useful post: What is Angler Phishing? Angler phishing is the practice of masquerading as a customer service account on social media, hoping to reach a disgruntled consumer. About 55% of such attacks last year targeted customers of financial institutions, trying to lure victims into […]
The ransomware plague is not letting up and rapidly getting more technically sophisticated. New strains are popping up every month, using innovative methods to spread. Worse, the ransom demands themselves are skyrocketing at the same time. This week, cyber insurance experts reported incidents with ludicrous 1 million dollar extortion attempts after attackers were able to […]
The 2018 FIFA World Cup has drawn a worldwide audience. It’s also attracted phishing scams using event tickets as bait. Tickets for the matches can only be purchased legitimately through the FIFA website using a multilayered process. This is done for both business and security reasons. Individuals are permitted to buy one ticket only, and then, once […]
Social engineering follows seasonal patterns. It’s also connected to major events. We see this every year with holiday-themed phishing attacks between Thanksgiving and New Year’s Day. We’re seeing it now with last week’s implementation of GDPR, the European Union’s General Data Protection Regulation. GDPR took effect on May 25th. In this case the phishbait is the claim […]