Cybercrime & Digital Threats
- April 02, 2019More than 13,000 Internet Small Computer Systems Interface (iSCSI) clusters were found to be unsecured and accessible over the public internet due to their owners’ failing to password-protect them.
- April 01, 2019Researchers discovered hundreds of compromised CMS sites delivering malicious payloads such as Shade ransomware and phishing pages to users.
- March 29, 2019Personal health information of over 350,000 consumers were potentially compromised after nine employees of the Oregon Department of Human Services (DHS) fell victim to a phishing attack.
- March 28, 2019Parisian authorities recently arrested five men for hacking gas station pumps and stealing 120,000 liters of petrol and diesel. This was possible because the stations did not change the default PIN code of their gas pumps.
- March 26, 2019A business email compromise (BEC) scheme took more than $100 million from Facebook and Google. Legitimate-looking invoices, contracts and more fooled the two tech companies and they wired millions to the fraudsters over a period of years.
- March 25, 2019In a survey commissioned by Trend Micro, nearly 50 percent of 1,125 chief information security officer (CISO) respondents shared that skills shortage is a cause for concern for their organizations.
Attackers Use Legacy IMAP Protocol to Bypass Multifactor Authentication in Cloud Accounts, Leading to Internal Phishing and BECMarch 22, 2019Brute-force attacks against user accounts in cloud services prove that multifactor authentication is only one part of an effective multilayered security implementation.
- March 14, 2019Trend Micro‘s Managed Detection and Response (MDR) and Incident Response teams investigated two separate Ryuk attacks with seemingly little in common with each other.
Threat Landscape in the Americas: How Managed Detection and Response Helps Address Persistent ThreatsMarch 07, 2019We look at the most pervasive information stealers, ransomware, and cryptocurrency-mining malware in the Americas in 2018 and how they highlight the significance of proactive threat detection and incident response capabilities.