Brian Krebs reported: “A ransomware outbreak has besieged a Wisconsin based IT company that provides cloud data hosting, security and access management to more than 100 nursing homes across the United States. The ongoing attack is preventing these care centers from accessing crucial patient medical records, and the IT company’s owner says she fears this […]
Waterloo Brewing loses $2.1 million in social engineering cyberattack
Waterloo Brewing Ltd. says it has lost $2.1 million in what it calls a social engineering cyberattack. The Ontario brewery says the incident occurred in early November and involved the impersonation of a creditor employee and fraudulent wire transfer requests. Waterloo Brewing says it initiated an analysis of all other transaction activity across all of […]
U.S. Utilities Face Phishing Attacks Intent on Gaining Remote Access
Last month saw a number of utility sector businesses targeted with spear phishing attacks that utilize a new remote access Trojan (RAT) that provides attackers with admin access. We’ve seen a wave of attacks that appear to be focused on infrastructure-related organizations in the U.S. The recent seemingly coordinated attacks on local governments and municipalities […]
Even ‘Unsubscribe’ Emails Can Put the Organization at Risk
Social Engineering tactics seek to use any means that’s familiar to the intended victim – and unsubscribing is perceived as being so benign, it may just be the perfect way to fool your users. While I can’t think of a single website I’ve visited in the last year that sends me an email after I’ve […]
Gift Cards Are Now the #1 Business Email Compromise Cash-Out Mechanism for Fraudsters
Overtaking wire transfers and payroll diversion, gift cards have taken a material lead as one of the easiest and least recoverable ways to cash out of a fraud scam. The CEO gift card scam has been around for a while. It’s a malware-free, purely socially-engineered scam that takes little more than a reasonable email address […]
The Stock Market Doesn’t React Well to Data Breaches
The latest data from UK-based research firm, Comparitech, shows that organizations who suffer a data breach continue to suffer in the stock market well after. After a data breach, there are many costs incurred by organizations attempting to clean up the mess. Investigations, communications, public relations, legal fees, and customer notifications are just some of […]
Cybersecurity Remains a Top Priority During M&A Diligence
M&A is no longer just about revenue, assets, and intellectual property; many organizations are increasingly worried about cybersecurity posture and risk, requiring appropriate diligence. When organizations merge with or acquire another company, it’s also taking on the cybersecurity posture (good or bad) of that company. In some cases, organizations within an industry filled with regulations […]
Homeland Security Warning About Phishing As A Threat to 2020 Elections
The US Department of Homeland Security is warning state election officials that phishing attacks are one of the greatest threats to watch out for as the 2020 elections approach. Fifth Domain reports that Geoff Hale, director of the DHS’ Election Security Initiative, told a gathering of secretaries of state last week that phishing is what […]
Automated Tailored EBAY Spam Campaign Leads to Risky Sites
Automated spam on eBay is spreading tailored phishing messages offering to promote users’ products, and the links the spammers share can lead to dangerous websites, according to Paul Ducklin at Naked Security. The messages themselves contain text customized to a product the target has just posted, and they include an image of a shortened, easy-to-read […]
Why Do Organizations Still Under-report Cybercrime?
It’s estimated that organizations aren’t engaging with Law Enforcement when becoming a victim of a cybercrime in large numbers. We cover 5 reasons why organizations don’t. After a confirmed cyberattack, there are a number of tasks that need to be done; figure out what happened, assess the scope of any damage done, figure out where […]