What's Your IT Question?

Want to know more about this topic or about us? Contact us!

All posts in Cyberattacks

Google Services Weaponized to Bypass Security in Phishing, BEC Campaigns

Attackers exploiting an array of Google Services, including Forms, Firebase, Docs and more to boost phishing and BEC campaigns. A spike in recent phishing and business email compromise (BEC) attacks can be traced back to criminals learning how to exploit Google Services, according to research from Armorblox. Social distancing has . . . Read more

Zoom Takes on Zoom-Bombers Following FTC Settlement

The videoconferencing giant has upped the ante on cybersecurity with three fresh disruption controls. Zoom has once again upped its security controls to prevent “Zoom-bombing” and other cyberattacks on meetings. The news comes less than a week after Zoom settled with the Federal Trade Commission over false encryption claims. Two . . . Read more

Cybercrime Moves to the Cloud to Accelerate Attacks Amid Data Glut

A report on the underground economy finds that malicious actors are offering cloud-based troves of stolen data, accessible with handy tools to slice and dice what’s on offer. Cybercriminals are embracing cloud-based services and technologies in order to accelerate their attacks on organizations and better monetize their wares, researchers have . . . Read more

Nation-State Attackers Are Actively Targeting COVID-19 Vaccine-Makers

Three major APTs are involved in ongoing compromises at pharma and clinical organizations involved in COVID-19 research, Microsoft says. Three nation-state cyberattack groups are actively attempting to hack companies involved in COVID-19 vaccine and treatment research. Russia’s APT28 Fancy Bear, the Lazarus Group from North Korea and another North Korea-linked . . . Read more

Ultimate Member Plugin for WordPress Allows Site Takeover

Three critical security bugs allow for easy privilege escalation to an administrator role. A WordPress plugin installed on more than 100,000 sites has three critical security bugs that each allow privilege escalation – and potentially full control over a target WordPress site. The plugin, called Ultimate Member, allows web admins . . . Read more

Crippling Cyberattacks, Disinformation Top Concerns for Election Day

Cyber-researchers weigh in on what concerns them the most as the U.S. heads into the final weekend before the presidential election — and they also highlight the positives. What keeps researchers up at night leading up to Nov. 3 isn’t election-day winners and losers. Most cite possible attacks on local . . . Read more

Wisc. GOP’s $2.3M MAGA Hat Debacle Showcases Fraud Concerns

Scammers bilked Wisconsin Republicans out of $2.3 million in a basic BEC scam — and anyone working on the upcoming election needs to pay attention.    The Wisconsin Republican party’s war chest is lighter by $2.3 million after scammers posing as MAGA-hat vendors were able to spoof invoices in what . . . Read more

Louisiana Calls Out National Guard to Fight Ransomware Surge

An investigation showed a custom backdoor RAT and the Emotet trojan in the networks of municipal victims of the attacks. The National Guard has been called in to help stop a series of government-focused ransomware attacks in Louisiana, according to a report. Local government offices across the Pelican State have . . . Read more

Bug Parade: NSA Warns on Cresting China-Backed Cyberattacks

The administrator of your personal data will be Threatpost, Inc., 500 Unicorn Park, Woburn, MA 01801. Detailed information on the processing of personal data can be found in the privacy policy. In addition, you will find them in the message confirming the subscription to the newsletter.