Cybercrime & Digital Threats

Over 12,000 MongoDB databases have been deleted, with hackers demanding ransom in return for their restoration. A security researcher has connected these attacks with hacking group Unistellar.

The cybercriminal group Magecart has struck again, this time injecting their payment card data-skimming script into the subscription page of Forbes Magazine.

Cybercriminal group ScarCruft has recently developed Bluetooth device-harvesting malware that collects Bluetooth device information such as names, device addresses, device types, as well as connection and authentication information.

A sophisticated Microsoft Exchange server backdoor gives hackers access to incoming and outgoing email. They would be able to intercept, redirect, and modify emails as well as send messages on behalf of the compromised victims.

The sustained prevalence of brand impersonation in phishing attacks is further demonstrated in a new report which listed the most impersonated brands in the first quarter of 2019.

A new ransomware dubbed MegaCortex has been targeting business networks across the world. The sudden surge in activity was noted by cybersecurity firms and researchers, and further investigation shows how complex this particular ransomware is.

More than 1.5 million malicious and spam emails were sent from thousands of compromised Office 365 accounts in March 2019 alone, a new report reveals.

Microsoft is changing their baseline for password-expiration policies in Windows. The proposal is a move from the previous policy that requires users to change their login passwords periodically.

BEC threat actors are expanding from their traditional enterprise victims toward nonprofit and religious organizations, with a recent incident involving a church.