Cybercriminals appear to have finally figured out a way to launch highly effective distributed denial-of-service (DDoS) attacks using TCP amplification — something most attackers have typically avoided under the assumption it cannot be done efficiently. Security vendor Radware this week said its researchers over the past 30 days have observed multiple criminal campaigns involving the…

Despite a nearly four-month absence, the return of Emotet within the last two weeks of September accounted for nearly 12 percent of all malicious email samples in Q3, delivering millions of messages with malicious URLs or attachments, Proofpoint found. Emotet returns, organizations need to react “Emotet’s return to the threat landscape and the latest sextortion…

The number of phishing attacks continued to rise into the autumn of 2019, according to APWG. The total number of phishing sites detected in July through September 2019 was 266,387. This was up 46 percent from the 182,465 seen in the second quarter of 2019, and almost double the 138,328 seen in Q4 2018. “This…

Attackers are exploiting Docker Engine deployments that are exposed to the internet without authentication to deploy and run cryptojacking malware on servers. A new cryptojacking botnet with self-spreading capabilities has infected over 2,000 such Docker deployments so far. “There have been incidents of cryptojacking malware spreading as a worm, but this is the first time…

Phishing attacks continued to rise into the summer of 2019 with cybercrime gangs’ focus on branded webmail and SaaS providers remaining very keen, according to the APWG report. The report also documents how criminals are increasingly perpetrating business email compromise (BEC) attacks by using gift card cash-out schemes. The number of phishing attacks observed in…

Cybercriminals from around the world are actively discussing how to compromise connected devices, and how to leverage these devices for moneymaking schemes, according to Trend Micro. Trend Micro Research analyzed forums in the Russian, Portuguese, English, Arabic, and Spanish language-based underground markets to determine how cybercriminals are abusing and monetizing connected devices. The results reveal…

The North American Electric Reliability Corporation (NERC) reports that a cyberattack on the US power grid earlier this year was caused by a target entity’s network perimeter firewall flaw. On March 5, 2019, an incident targeted a “low-impact” grid control center and small power generation sites in the western US, according to an E&E News…

The state of Texas is so far refusing to comply with the demands of a ransomware attack that affected 22 local governments, the Texas Department of Information Resources (DIR) reports. None of the affected municipalities have paid the $2.5 million ransom demanded. On August 16, a coordinated ransomware campaign hit systems of cities and towns…

Cyber extortionists’ ransom demands have surged in recent years, as ransomware cotinues to cripple the operations of manufacturers, hospitals, and — most recently — local governments. Yet those demands may have hit an upper limit. On September 4, Mayor Jon Mitchell of New Bedford, Mass., announced that the town refused to pay a $5.3 million…