BEC, or Business Email Compromise, is a contemporary twist on a staple scam. Often in the shadow of the more extravagant, media-friendly super-hacks or ransomware compromises, BEC is leading the line on both the number of attack victims and the direct losses encountered by businesses. Although not as en vogue as other ‘nouveau’ cybersecurity threats, if you are simply looking at direct business costs, BEC leaves almost...
Cybercriminals are leveraging a recently patched critical Adobe Flash Player vulnerability in a massive spam campaign targeting unpatched computers. According to cybersecurity firm Morphisec, cybercriminals are blasting spam messages that urge recipients to click a link to download a Word document. And when a victim opens the document and enables macros, malware attempts to exploit an Adobe Flash Player bug (CVE-2018-4878) patched by Adobe earlier this month. Victims who fall...
Security experts at Cisco Talos disclosed details of a remote code execution flaw that affects Adobe Acrobat Reader DC versions 2018.009.20050 and 2017.011.30070 and earlier. Security experts at Cisco Talos shared details of a remote code execution vulnerability, tracked as CVE-2018-4901, that affects Adobe Acrobat Reader DC. A remote attacker can exploit the vulnerability by tricking the victim into opening a malicious file or visiting a specially crafted webpage....
Bitdefender has released a free decrypter that helps victims of GandCrab ransomware infections recover files without paying the ransom. The decrypter is available for download via the NoMoreRansom project, of which Bitdefender is a member. Romanian Police and Romania’s DIICOT (Directorate for Investigating Organized Crime and Terrorism) announced the decrypter’s launch in statements published on their sites, minutes ago. Europol is also expected to make a formal announcement later today....
Security researchers from Duo Labs and the US Computer Emergency Response Team Coordination Center (CERT/CC) will release security advisories today detailing a new SAML vulnerability that allows malicious attackers to authenticate as legitimate users without knowledge of the victim’s password. The flaw affects SAML (Security Assertion Markup Language), an XML-based markup language often used for exchanging authentication and authorization data between parties. SAML’s most important use if...
Cryptojacking JavaScript can be launched in Word documents – New Word features that appeared in its latest version made it possible – MS Word now allows adding video into the document by inserting an iFrame code. The file size does not increase as the video is played through a headless web browser opened in a popup window. Amit Dori, a security researcher from Israel, who works with...
The sudden rise of cryptocurrency triggered a shift in the target landscape. Cybercriminals started adapting and using their resources to try acquiring cryptocurrencies, whether through pursuing repositories like Bitcoin wallets or by compromising networks and devices to mine the currency. This isn’t completely new — ransomware authors have been using bitcoin as their preferred currency for years. But more recently, we saw examples of cryptocurrency miners in late October of...
Consumers around the world who use mobile banking apps are at a greater risk of being tricked by cybercriminals and falling victim to mobile banking theft. This is according to new global research from Avast, which asked almost 40,000 consumers in Spain and eleven other countries around the world to compare the authenticity of official and counterfeit banking application interfaces.
Fraudulent software sometimes difficult to identify
Globally, 58% of...
Who is asking Google to delist certain URLs appearing in search results related to their name, and what kind of requests does the search giant honor? The company has been keeping track of them since the “Right to be Forgotten” privacy ruling has been put into practice by the European Union, and since January 2016 the company’s reviewers have been manually annotating each requested URL...
The exploit kit landscape has continued the decline that started in the summer of 2016, and its leading player —the RIG exploit kit— has stopped delivering any ransomware strains in 2018, focusing now on spreading cryptocurrency miners (coinminers) and information-stealing trojans (infostealers). These are the main conclusions of months of observation by Palo Alto Networks security researcher Brad Duncan.
Exploit kit market continues to fall
Duncan, one...