Cybercrime & Digital Threats
- January 23, 2020A recent BEC campaign targets organizations by sending them emails with IMG (disk imaging) file attachments hiding a NetWire remote access trojan.
- January 22, 2020A new sextortion scheme threatens to expose nude videos supposedly captured via victims' mobile phones and home cameras.
- January 21, 2020A hacker published a massive list of Telnet usernames and passwords for more than 515,000 servers, routers, and IoT devices.
- January 20, 2020On January 17, Microsoft published an advisory (ADV200001) warning users about CVE-2020-0674, a remote code execution (RCE) vulnerability involving Microsoft’s Internet Explorer (IE) web browser.
Mobile Banking Trojan FakeToken Resurfaces, Sends Offensive Messages Overseas from Victims’ AccountsJanuary 16, 2020An updated version of mobile malware FakeToken was found sending massive numbers of offensive messages to foreign countries.
- January 15, 2020A Texas school district is investigating an email phishing attack after a series of transactions resulted in the loss of an estimated US$2.3 million.
- January 13, 2020The Sodinokibi ransomware ended the year with a bang by launching a new round of attacks aimed at multiple organizations, including the Albany International Airport and the foreign exchange company Travelex.
Cryptocurrency Miner Uses Hacking Tool Haiduc and App Hider Xhide to Brute Force Machines and ServersJanuary 09, 2020The cryptocurrency-miner, a multi-component threat comprised of different Perl and Bash scripts, miner binaries, the application hider Xhide, and a scanner tool, propagates by scanning vulnerable machines and brute-forcing (primarily default) credentials.
- January 06, 2020As the new year rolls in, new developments in different ransomware strains have emerged. Here we discuss the different techniques that Clop, DeathRansom, and Maze ransomware use and the ways users and organizations can protect themselves against infection.