An uptick in phishing attempts using a fake and badly created Office 365 credentials update form is taking place, according to a new Cofense report. Not only is the form, which is linked to in the email, riddled with typos and capitalization errors, but it is actually a Google Forms fdocs form. Something Microsoft is…
The Department of Homeland Security CISA is warning critical infrastructure operators to redouble their security efforts after a natural gas compression facility was hit and shut down by a ransomware attack. The attackers used a spearphishing email containing a link to gain access to the operator’s network and then moved laterally to the target’s operational…
The World Health Organization (WHO) issued a warning today stating scammers are disguising themselves as WHO representatives to try and con people out of money and personal information. The WHO said phishing emails, phone calls, fake websites, texts and even faxes are being sent under the WHO name asking for various types of login information,…
Researchers have observed a new malware campaign that’s been targeting the U.S., Argentina, Brazil and Costa Rica with an updated variant of the Loda RAT remote access trojan. In a company blog post on Wednesday, Cisco Talos said that since at least the last quarter of 2019, the campaign has been using malicious websites to…
The FBI’s Internet Crime Complaint Center (IC3) last year fielded 467,361 complaints related to cybercrime activity that collectively cost victims $3.5 billion in losses, according the agency’s just released 2019 Internet Crime Report. The 2019 complaint count represents a nearly 33 percent increase from the 2018 total of 351,937, and the $3.5 billion figure also…
Looking to capitalize on the current coronavirus scare, malware distributors have launched a new phishing campaign that targets global companies with emails that suggest that virus could disrupt shipping operations. According to a Feb. 10 research blog post authored by Sherrod DeGrippo, senior director of threat research and detection at Proofpoint, the malicious actors have…
Two schools, two ransomware attack and two different outcomes. The Allegheny Intermediate Unit school system was able to fend off a recent ransomware attack using back up files, meanwhile the University of Maastricht just disclosed it paid 30 bitcoins to regain control of its encrypted computer network. Allegheny Intermediate Unit (AIU), a regional public education…
Traditionally, when it comes to monetizing a real estate deal its all about location, location, location, but malicious actors are now targeting everyone from the home buyer to the lender to steal vital information. Proofpoint recently looked at 600 real estate transactions came across six attacks targeting those involved that utilized a laundry list of…
There are many different types of Business Email Compromise (BEC) attacks, but the smartest and most likely to succeed are often timed to coincide with something that can lend them legitimacy, such as tax season. By infiltrating an organization to find a few useful details, scammers can craft email messages that are perfectly timed and…
The cybercriminal group TA505 has reportedly changed up its tactics again, now engaging in phishing campaigns that leverage attachments with HTML redirectors in order to deliver Excel documents containing malware. Following a short period of inactivity, the group, resumed activities last month with a scheme designed to get victims to install the information-stealing Trojan GraceWire,…
