Cybercrime & Digital Threats

A recent BEC campaign targets organizations by sending them emails with IMG (disk imaging) file attachments hiding a NetWire remote access trojan.

A new sextortion scheme threatens to expose nude videos supposedly captured via victims' mobile phones and home cameras.

A hacker published a massive list of Telnet usernames and passwords for more than 515,000 servers, routers, and IoT devices.

On January 17, Microsoft published an advisory (ADV200001) warning users about CVE-2020-0674, a remote code execution (RCE) vulnerability involving Microsoft’s Internet Explorer (IE) web browser.

An updated version of mobile malware FakeToken was found sending massive numbers of offensive messages to foreign countries.

A Texas school district is investigating an email phishing attack after a series of transactions resulted in the loss of an estimated US$2.3 million.

The Sodinokibi ransomware ended the year with a bang by launching a new round of attacks aimed at multiple organizations, including the Albany International Airport and the foreign exchange company Travelex.

The cryptocurrency-miner, a multi-component threat comprised of different Perl and Bash scripts, miner binaries, the application hider Xhide, and a scanner tool, propagates by scanning vulnerable machines and brute-forcing (primarily default) credentials.

As the new year rolls in, new developments in different ransomware strains have emerged. Here we discuss the different techniques that Clop, DeathRansom, and Maze ransomware use and the ways users and organizations can protect themselves against infection.