IKEA’s email system riddled with cyberattacks
IKEA has recently been tackling phishing attacks towards its employees. The attacker uses stolen reply-chain emails to lure employees into a false sense of security and click malicious links.
Cyberattacks are becoming an everyday occurrence, and organizations worldwide are falling prey to meticu...
Cybercriminals enhance tactics to exploit zero-day flaws
HP Wolf Security caught exploits of the zero-day CVE-2021-40444 a remote code execution vulnerability in the MSHTML browser engine that can be triggered by opening a malicious Microsoft Office document.
The flaw was caught a week before a patch was released for it. The latest HP Wolf Security Th...
Fujitsu confirms stolen data was not taken from its systems
Fujitsu confirmed that data being sold by cybercriminals is not related to any breaches or attacks on its systems. Last month, a claim appeared on Marketo (the criminal marketplace) selling 4GB of data from Fujitsu, which was marketed widely.
At the time, Fujitsu said it was investigating a pote...
This is the perfect ransomware victim, in the eyes of cybercriminals
KELA published a report on Monday detailing the listings made by ransomware operators in the underground. It includes initial access requests (how the attackers gain a foothold in the target system to spread).
The report reveals that many hackers want to buy access to US companies that bring in ...
Enterprises have to deal with more one-two-punch extortionists
During this year’s Black Hat USA event, experts have warned that the adoption of double-extortion attacks against organizations is on a rising trend. The warning comes after this year saw Kaseya, JBS, and Colonial Pipeline, among the most affected companies targeted by cybercriminals.
Ransomwa...
New ransomware shows popularity of Golang programming language
A new ransomware strain has emerged that uses Golang in what is yet another sign of the programming language's growing popularity among cybercriminals. CrowdStrike managed to get a sample of the new ransomware variant, which has not yet been named.
It borrows features from HelloKitty/DeathRansom...
New vulnerabilities potentially expose millions of IoT devices
Millions of IoT (Internet of Things) devices have security vulnerabilities that could allow cybercriminals to knock devices offline or control them remotely. The problem with this is that it opens the door to gain wider access to bigger networks.
Nine major vulnerabilities are affecting four TCP...
Microsoft says it is going after Excel macro malware
Since the 90s, macro malware has been a big part of a hacker’s toolkit. Even in recent times, the technique has continued to endear itself to cybercriminals, with its simplicity, which makes malware infections easy to initiate.
Last month, Ukraine accused Russian government spies of uploading ...
Law enforcement taskforce takes down cybercriminals in ‘Operation Nova’
In a joint law enforcement operation that comprised of the US Federal Bureau of Investigation, the European Union Agency for Law Enforcement Cooperation, and other national police forces, three virtual private network services and web hosting provisions used by cybercriminals were taken down.
Th...
Criminals more successfully spoof banks and financial services
Bitdefender published a new report that says the stay-at-home model of working, online shopping, and online banking are perfect hunting grounds for criminals.
Recently, they have started spoofing banking emails more, hoping to defraud customers. More than a third of all incoming emails related t...
DDoS attacks are increasingly becoming cheaper and easier to execute
Distributed Denial of Service (DDoS) is getting more sophisticated and intricate while becoming cheaper and easier to carry out. This trend is fuelled by the sheer amount of insecure internet-connected devices (specifically IoT products) that cybercriminals take advantage of.
DDoS attacks aren't...
Hackers are using old techniques with a twist to great effect
Being a cybercriminal means being creative and coming up with new ways to breach a network. Usually, some innovation allows the breach of a system. However, while some of the actors out there are working on new ways to get into networks, others use time-tested methods.
In a new report by K...