Office 365 Flaw Made Fake Microsoft Emails Look Legitimate
A flaw in Office 365 could have been exploited by attackers to send out malicious emails and make them look as if they were coming from a legitimate microsoft.com address. The issue was discovered by Utku Sen, a Turkey-based security enthusiast known for releasing an open source ransomware called Hidden Tear for educational purposes.
How security collaboration will prove vital in 2017
The escalation of high-profile hacking and data dumps recently has underscored the increasing boldness of digital threat actors, culminating in July’s Democratic National Committee email leak and its ripple effect through American politics. The group behind the hack and its attack patterns were known, and yet the attack was not thwarted, leaving many questions as…
Malware asks for a selfie as it steals your information
Not content with stealing your financial details, personal information, and login credentials, there’s now an Android banking Trojan that also asks victims to take a selfie with their ID cards. McAfee Labs’ Mobile Research Team discovered the malicious application, which is a new variant of the Acecard Trojan Malware (aka Torec) that was first identified…
Do You Need a Threat Intelligence Team?
I have the great opportunity to spend time with CSOs and IT executives to understand their cybersecurity concerns and help them map out a strategy for success. An increasingly common question I’ve been hearing is, “Does my organization need a threat intelligence team?” Adding threat intelligence capabilities to your organization can be valuable, with their…
Ransomware success creates apathy towards traditional antivirus software
In the last 12 months, 48 percent of organizations across the globe have fallen victim to a ransomware campaign, with 80 percent indicating that they’ve suffered from three or more attacks, according to a global survey conducted by Vanson Bourne. In response to ransomware attacks, 67 percent of businesses globally have increased IT security spending,…
Attacks to make Ask.com Toolbar a conduit for malware are nipped in the bud
Attackers who were trying to turn the Ask.com Toolbar into a malware dispensary got caught early on when their scheme was picked up by security services that were looking for anomalies. The malicious actors are unknown but they managed to get the legitimate Ask.com toolbar update feature to place a dropper/uploader into the browsers of…
Encryption ransomware hits record levels
The amount of phishing emails containing a form of ransomware grew to 97.25 percent during the third quarter of 2016 up from 92 percent in Q1. PhishMe’s Q3 2016 Malware Review identified three major trends previously recorded throughout 2016, but have come to full fruition in the last few months:
Carbanak Hackers Hit Hospitality Firms With New Tactics
The prolific Carbanak crime group has recently zoned in on the hospitality sector and adopted a new attack methodology, Trustwave security researchers warn. The security firm analyzed three separate attacks, two targeting hospitality clients and one aimed at a restaurant chain, and found that all three featured the modus operandi of the infamous hacking group….
Cyber risk in advanced manufacturing: How to be secure and resilient
Nearly half of surveyed manufacturing executives lack confidence their assets are protected from external threats, according to a new study from Deloitte and the Manufacturers Alliance for Productivity and Innovation (MAPI). Study results indicate nearly 40 percent of surveyed manufacturing companies were affected by cyber incidents in the past 12 months, and 38 percent of…
Akamai: Look for IoT devices to attack during Thanksgiving, Christmas
The annual holiday uptick in denial of service attacks will likely continue this year only this time with a new devastating weapon: Internet of Things (IoT) devices, according to Akamai. In its quarterly State of the Internet/Security Report, the company says certain types of DDoS attacks are on the rise compared to the third quarter…