No one should take too seriously the high-minded things criminals sometimes say about how they’re restraining themselves during the pandemic, and that they’re going to avoid hitting hospitals and biomedical research organizations. If anything, attacks on such targets have increased in recent months, and phishing is the usual approach.The goal of the phishing attacks is […]
Organizations Working From Home Opens Wider Target for Cybercriminals
With so many people working from home, more attackers are adapting their strategies to focus on employees as a way to bypass organizations’ defenses, FCW reports. During a webcast hosted by Venable, several Federal and industry experts discussed the challenges associated with remote work, particularly in organizations that previously required physical modes of identification.Sean Connelly, […]
When Phishing And Disinformation Meet
The Insider reported that QAnon is co-opting a USPS phishing scam, and claim the Vishing text messages are linked to human trafficking.“A viral [text] phishing scheme is targeting people across the country with scammy text messages claiming to be from the United States Postal Service (USPS). Now, QAnon conspiracy theorists have jumped into the fray, […]
Crowdstrike: “More Cyberattacks in the First Half of 2020 Than in All of 2019”
According to a recent study conducted by cybersecurity firm CrowdStrike, recent threat activity throughout its customers’ networks has shown more intrusion attempts within the first half of 2020 than in all of 2019.This may be due to the pandemic and subsequent lockdown measures forcing employees to mass shift to teleworking. This may also be due […]
CEO Fraud Wire Transfer Losses Soar 48% in Q2 2020
Business email compromise attacks—aka CEO Fraud— have taken shape this year, and according to Agari wire transfer losses have significantly increased by 48% in Q2 2020. The average losses of these attacks are $80,000, and the findings came from the Anti-Phishing Working Group’s latest Phishing Activity Trends Report.Agari also noticed that BEC losses that involved […]
Credential Stuffing Attacks Shut Down Canada’s Revenues Service
The Canada Revenue Agency is investigating two online hacking incidents affecting the personal information of thousands of Canadians, according to CBC News.The Canada Revenue Agency has temporarily shut down its online services, which means that anyone attempting to apply for emergency COVID-19 benefits, such as the Canada Emergency Response Benefit or the Canada Emergency Student […]
![[HEADS UP] Carnival Corp. is the Next Victim of a Ransomware Attack](https://i0.wp.com/www.optricsinsider.com/wp-content/uploads/2020/08/vacation-4900049_1280.jpg?fit=600%2C400&ssl=1)
[HEADS UP] Carnival Corp. is the Next Victim of a Ransomware Attack
Carnival Corporation said it detected a ransomware attack that accessed and encrypted a portion of one brand’s information technology systems over this past weekend, according to Cruise Industry News. According to a recent statement, the unauthorized access also included the download of certain company data files.“Promptly upon its detection of the security event, the Company […]
![[Heads Up] Apparently Slack Phishing Got So Bad They Had To Do Something About It](https://i0.wp.com/www.optricsinsider.com/wp-content/uploads/2020/08/logo-2563719_1920.jpg?fit=600%2C338&ssl=1){kind=logo}
[Heads Up] Apparently Slack Phishing Got So Bad They Had To Do Something About It
Slack has announced a slew of new security features, certificates and integrations, including a verification system that adds an additional layer to protect against phishing scams.The announcement follows on from Slack Connect, launched in June, which allows organizations to create shared channels with other companies. This is the company’s big play in its attempt to […]
Paying the Ransom After a Ransomware Attack May Become More Complicated, Thanks to the U.S. Treasury
With many organizations considering to pay the ransom should they experience an attack, new guidance from the U.S. Treasury may put a damper on an organization’s ability to pay.When hit with a modern ransomware attack today, the idea of paying the ransom has been brought back into the spotlight due to multiple ransomware variants also […]
Explosion of Zoom Meeting Phishing Attacks Over Spring and Summer of 2020 and Targeting Office365 and Outlook Credentials
Researchers at INKY have observed an “explosion” of Zoom-themed phishing attacks over the Spring and Summer of 2020. Most of the attacks are aimed at stealing credentials to services like Outlook and Office 365 by directing users to spoofed login pages. The researchers say they’ve observed the emails being sent from legitimate, compromised accounts as […]