Cybercriminals are using malicious Google Ads to deliver the ZLoader banking Trojan, ZDNet reports. Researchers at Microsoft stated on Twitter that attackers are purchasing Google Ads that point to compromised websites, then redirect the user to a malicious website that delivers the malware. The criminals use the ads to target people who search Google for […]
[Heads Up] Has Your Exchange Been Hacked And Is Now A Ticking Time Bomb?
Brian Krebs wrote: “Globally, hundreds of thousand of organizations running Exchange email servers from Microsoft just got mass-hacked, including at least 30,000 victims in the United States.” UPDATE: ESET has just published a new report saying that unpatched Exchange servers are currently hunted down by “at least 10 APT groups.” Each hacked server has been […]
Credential Harvesting Attacks Targeting the U.S. Federal Government Nearly Double as Malware Declines
Shifts to a remote workforce in 2020 gave cybercriminals an opportunity to change tactics, focusing on credentialed access to systems accessed from outside government networks. New data from mobile security vendor, Lookout highlights new problems arising from increased mobile use by government employees in their new U.S. Government Threat Report. The change to using a […]
Are you listening to your logs? Part 3: High disk usage
In the previous blog of this series, we saw how server crashes can be avoided by detecting low disk space in time using logs. In this blog, we’ll talk about another server metric, disk usage, and how it can be linked to cryptojacking. Unlike the percentage of used disk space, disk usage refers to the […]
New Phishing Attack Targets 200M+ Microsoft 365 Accounts Via Malicious Excel .SLK Files to Bypass Security
Using an old (but supported) Excel filetype, attackers can bypass both Exchange Online Protection and Advanced Threat Protection to run malicious macros. Security researchers at Avanan have discovered a new attack method where cybercriminals send phishing emails that contain what appears to be an Excel spreadsheet. The file is actually an SLK file – a […]
Optrics Insider – FBI Warns About Malicious Banking Apps, Internet of Troubles, IBM Cloud Down & Malware at Honda Apps
Join Scott Young and Shaun Sturby from Optrics Engineering as they discuss the FBI’s warning about malicious banking apps, the “Internet of Troubles”, IBM’s cloud being down for 2 hours plus both Honda and the City of Knoxville being hit by malware. Timecodes: 0:00 – Intro 0:21 – Today’s 3 topics 0:51 – Topic […]
Fake Zoom Downloader is the Latest Method of Attack on Remote Workers
Riding on the coattails of the massive rise in popularity in the video conference solution, remote workers new to Zoom need to be wary of where they download the installer. We’ve written before about the various types of Zoom-related attacks that have sprouted up over the last two months. The latest chapter in this saga […]
Emotet Malware Shows Up in SMiShing Attacks Disguised as Bank Notifications
A newly discovered attack looks to try to make a victim of mobile device holders using a two-pronged attack that uses Emotet and, perhaps, Trickbot. Security researchers at IBM X-Force have uncovered a new SMiShing attack in which mobile phones are sent a text purporting to be the victim’s bank with a message indicating the […]
Five worthy reads: Fend off cyberattacks using dark web intelligence
One of the greatest advantages of the dark web is the anonymity and encryption it offers while allowing users to access everything on the world wide web. This also makes it the hotbed of some of the most notorious cyberattacks. Much of the dark net’s activities are focused around marketplaces that offer ammunition, pornography, drugs, […]
Next Generation Firewalls May Not Stop Malware
Best Defense Against Malicious Encrypted Traffic Bad actors and malicious insiders are concealing threats in encrypted traffic in an attempt to steal sensitive data. In fact, it is predicted that as much as 70% of cyberattacks will use encryption as part of their delivery mechanism by 2019. Meanwhile, the use of encryption is growing rapidly. […]