Google is taking another step to better protect users from malicious third-party web applications: it is now warning users of newly created web apps and Apps Scripts that are pending verification. The move follows a series of similar protective measures the Internet giant announced earlier this year, after many of its users were hit by …
After an analysis of the encryption routine of the malware used in the Petya/ExPetr attacks, we have thought that the threat actor cannot decrypt victims’ disk, even if a payment was made. This supports the theory that this malware campaign was not designed as a ransomware attack for financial gain. Instead, it appears it was …
When a ransomware outbreak exploded from Ukraine across Europe yesterday, disrupting companies, government agencies, and critical infrastructure, it at first appeared to be just another profit-focused cybercriminal scheme—albeit a particularly vicious and damaging one. But its origins in Ukraine raised deeper questions. After all, shadowy hackers have waged a cyberwar there for years, likely at …
Industrial companies from around the world have been targeted in phishing attacks believed to have been launched by cybercriminals located in Nigeria, Kaspersky Lab reported on Thursday. In October 2016, Kaspersky’s Industrial Control Systems Cyber Emergency Response Team (ICS CERT) noticed a significant increase in malware infection attempts aimed at industrial organizations in the metallurgy, …
Security researchers have discovered a new vulnerability caught leaking vast swathes of personal information from legitimate mobile applications found on both Apple and Google marketplaces, with fears rising the compromised data could be used to fuel future cyberattacks. Experts from Appthority, a security firm, found 43 terabytes-worth of exposed data and more than 1,000 applications …
News Overview Thanks to IoT botnets, DDoS attacks have finally turned from something of a novelty into an everyday occurrence. According to the A10 Networks survey, this year the ‘DDoS of Things’ (DoT) has reached critical mass – in each attack, hundreds of thousands of devices connected to the Internet are being leveraged. The fight …
A bug in the Twitter social network allowed an attacker to post tweets as a different user without having access to the victim’s account. Discovered by a security researcher going by the name of kedrisec, the issue was reported to Twitter on February 26 and was resolved two days later. The vulnerability was assessed High …
You may be already aware that on May 12, 2017 many of Microsoft’s customers around the world and the critical systems they depend on were victims of malicious “WannaCrypt” software. Seeing businesses and individuals affected by cyber attacks, such as the ones reported today, was painful. Microsoft worked throughout the weekend to ensure they understood …
The Ministry of Finance (MoF) is warning the general public of a phishing scam on social media which asks them to email personal financial information to the following address: ministryoffinancefortrinidad@gmail.com This email is FRAUDULENT. Fraudsters are purporting to offer grants and loans through the MoF, the International Monetary Fun (IMF) and similar bodies Should anyone …
Ransomware attacks are not only becoming more common, they’re becoming more creative. This advanced malware that once targeted users directly is now being deployed via remote exploits of unsecured web servers running WordPress and, now, JBoss. According to Cisco’s Talos threat intelligence organization, a new type of ransomware called SamSam is targeting enterprises running vulnerable …