The attacks start with spear-phishing messages that employ lures relevant to the targeted organizations, such as aviation, travel, and cargo, and deliver an image that pretends to be a PDF file and which contains an embedded link. The attackers abuse legitimate web services and they leverage a newly identified loader dubbed Snip3 for the delivery…

Initially observed in Spain, FluBot has since expanded operations to reach Germany, Hungary, Italy, Poland, and the UK as well, with tens of thousands of malicious SMS messages that leverage FedEx, DHL, and Correos lures being sent hourly. The malware is believed to have made over 7,000 victims in the UK alone, where the campaign…

Attacks against the supply chain have been growing in quantity and gravity for several years, culminating in SolarWinds. Most discussion has focused on the software supply chain, but a new study shows that the physical logistics supply chain is equally subject, and susceptible, to cyberattacks. The Covid-19 pandemic has increased and highlighted the world’s reliance…

Organized crime is not limited to cybercrime, but cybercrime has become a major part of organized criminal activity. Europol sees this increasing – business transformation, the increasingly digital society, and the growth of remote working all provide new vulnerabilities and more opportunities for exploitation. “Critical infrastructures will continue to be targeted by cybercriminals in the…

IoT security company Forescout on Tuesday revealed that four popular TCP/IP stacks — specifically FreeBSD, Siemens’ Nucleus, IPnet and NetX — are affected by a total of nine DNS-related flaws that can be exploited for remote code execution (including to take control of targeted devices), DoS attacks, and DNS cache poisoning. The vulnerabilities, collectively tracked…

With the COVID-19 pandemic forcing many organizations to switch to telework, interactive communication platforms such as Discord and Slack saw increased adoption and adversaries didn’t wait long to start abusing these tools. According to Cisco’s Talos researchers, the past year has shown a significant increase in the abuse of such platforms as part of malicious…

The malicious code, discovered in late March, was found in the php-src repository hosted on the git.php.net server and it was apparently designed to allow an attacker to remotely execute arbitrary PHP code. PHP developers said the backdoor was discovered before it was pushed out to users via an update. Initially, users were told that…