Analyzing Email Services Abused for Business Email Compromise
www.trendmicro.com/en_us/research/21/j/analyzing-email-services-abused-for-business-email-compromise.html Like a number of online attacks and threats that took advantage of the changing work dynamics, business email compromise (BEC) remains one of the cybercrimes that causes the most financial losses for businesses despite the decrease in number of victims. Our continued monitoring of BEC activities showed a consistent increase in numbers during the year
Google analysed 80 million ransomware samples: Here’s what it found
www.zdnet.com/article/google-analysed-80-million-ransomware-samples-heres-what-it-found/ Google has published a new ransomware report, revealing Israel was far and away the largest submitter of samples during that period. The tech giant commissioned cybersecurity firm VirusTotal to conduct the analysis, which entailed reviewing 80 million ransomware samples from 140 countries. Also: the report
storage.googleapis.com/vtpublic/vt-ransomware-report-2021.pdf. Also:
www.darkreading.com/threat-intelligence/virustotal-shares-data-on-ransomware-activity. Also:
thehackernews.com/2021/10/virustotal-releases-ransomware-report.html
Google: We’re Tracking 270 State-Sponsored Hacker Groups From Over 50 Countries
thehackernews.com/2021/10/google-were-tracking-270-state.html Google’s Threat Analysis Group (TAG) on Thursday said it’s tracking more than 270 government-backed threat actors from more than 50 countries, adding it has sent approximately 50,000 alerts of state-sponsored phishing or malware attempts to customers since the start of 2021. Also:
blog.google/threat-analysis-group/countering-threats-iran/
A Telegram Bot Told Iranian Hackers When They Got a Hit
www.wired.com/story/apt35-iran-hackers-phishing-telegram-bot/ When the Iranian hacking group APT35 wants to know if one of its digital lures has gotten a bite, all it has to do is check Telegram. Whenever someone visits one of the copycat sites they’ve set up, a notification appears in a public channel on the messaging service, detailing the potential victim’s IP address, location, device, browser, and more. It’s not a push notification; it’s a phish notification.
DocuSign phishing campaign targets low-ranking employees
www.bleepingcomputer.com/news/security/docusign-phishing-campaign-targets-low-ranking-employees/ Phishing actors are following a new trend of targeting non-executive employees who still have access to valuable areas within an organization. As reported by Avanan researchers, half of all phishing emails they analyzed in recent months impersonated non-executives, and 77% of them targeted employees on the same level.
Brazilian e-commerce firm Hariexpress leaks 1.75 billion sensitive files
www.zdnet.com/article/brazilian-e-commerce-firm-hariexpress-leaks-1-75-billion-sensitive-files Around 1.75 billion sensitive files were leaked by a Brazilian e-commerce integrator that provides services to some of the country’s largest online shopping websites.
Acer confirms breach of after-sales service systems in India
www.bleepingcomputer.com/news/security/acer-confirms-breach-of-after-sales-service-systems-in-india/ Taiwanese computer giant Acer has confirmed that its after-sales service systems in India were recently breached in what the company called “an isolated attack.”
University of Sunderland announces outage following cyberattack
www.bleepingcomputer.com/news/security/university-of-sunderland-announces-outage-following-cyberattack/ IT systems down, attributing the problem to a cyber-attack. The first signs of disruption for the university’s IT systems appeared on Tuesday morning, but remain widely impactful and unresolved.
Microsoft releases Linux version of the Windows Sysmon tool
www.bleepingcomputer.com/news/microsoft/microsoft-releases-linux-version-of-the-windows-sysmon-tool/ Microsoft has released a Linux version of the very popular Sysmon system monitoring utility for Windows, allowing Linux administrators to monitor devices for malicious activity.
Experts Warn of Unprotected Prometheus Endpoints Exposing Sensitive Information
thehackernews.com/2021/10/experts-warn-of-unprotected-prometheus.html A large-scale unauthenticated scraping of publicly available and non-secured endpoints from older versions of Prometheus event monitoring and alerting solution could be leveraged to inadvertently leak sensitive information, according to the latest research.
Passengers couldn’t fly after NHS vaccine passport went offline
arstechnica.com/information-technology/2021/10/passengers-couldnt-fly-after-nhs-vaccine-passport-went-offline/ England’s COVID Pass system went offline for hours on Wednesday, causing British travelers to remain stranded at airports. Some passengers couldn’t board their flights, while others suffered delays as both the National Health Service (NHS) website and app experienced issues.
Thieves abused Apple’s enterprise app programs to steal $1.4 million in crypto
appleinsider.com/articles/21/10/14/thieves-abused-apples-enterprise-app-programs-to-steal-14-million-in-crypto A scam circulating for six months has evolved to impact iOS users. The CryptoRom fraud implementation is fairly straightforward: after gaining a victim’s trust through social media or existing data apps, users are fooled into installing a modified version of a cryptocurrency exchange, baited into investing, and then defrauded out of cash.
Beware, Wilma users: user credentials are being phished
www.is.fi/digitoday/tietoturva/art-2000008331529.html Wilma credentials are being phished through a fake page. The city of Järvenpää is warning parents. The attacker aims to collect users’ usernames and passwords. The site was made by a cybercriminal.