A report revealed that scammers requested funds in the form of gift cards in two-thirds of business email compromise (BEC) attacks. For a phishing trends report from the Anti-Phishing Working Group (APWG), APWG member Agari examined thousands of BEC attacks that occurred in the second half of 2020. It found that 66% of them involved gift cards. By...

Tripwire's August 2020 Patch Priority Index (PPI) brings together important vulnerabilities from Microsoft, Adobe, and Apple. Up first on the patch priority list this month are patches for Microsoft and Apple for vulnerabilities that have been integrated into various exploits. Metasploit has recently added exploits for Microsoft .NET Framework,...

Security configuration management (SCM) involves maintaining a secure baseline configuration for an organization’s systems and monitoring those assets for deviations from that baseline. This fundamental control pairs well with other elements of an organization’s security strategy. As such, SCM enables security teams to harden their organization’s...

Researchers observed that the Emotet gang had incorporated a new "Red Dawn" template into their weaponized Word Documents delivered to users. Until recently, Emotet's handlers had been targeting users with a iOS-themed document template for their malicious Word documents. The template explained that a sender had created the document on iOS, and it...

During the previous weeks, we provided a thorough overview of the EU NIS Directive, focusing on the Operators of Essential Systems (OES), the Digital Service Providers (DSP) and the compliance frameworks. Our review of the EU cybersecurity policy and strategy would be incomplete without mentioning the EU Cybersecurity Act. On 27 June, the European...

La mayoría de los clientes tienen en mente "ahorrar dinero" al pasarse a la nube. El "cloud deployment" de Google y encabezados de blogs y sitios de noticias están dominados por artículos positivos que ofrecen evidencia anecdótica de cómo la nube puede ahorrar dinero a los clientes. Más comúnmente, los consultores en la nube o los proveedores de la...

North Korea's BeagleBoyz team resumed its efforts to target banks worldwide with fraudulent money transfers and ATM cash outs. On August 26, the Cybersecurity and Infrastructure Security Agency (CISA) published Alert (AA20-239A) in coordination with the Department of the Treasury (Treasury), the Federal Bureau of Investigation (FBI) and U.S. Cyber...

According to its own website, FedRAMP serves three different of partners: federal agencies, Cloud Service Providers (CSP) and third-party assessment organizations. This article will focus on CSPs and how a good CSP can provide services that provide monetary savings for your agency. Cloud Service Providers (CSP) and FedRAMP FedRAMP’s defines Cloud...

New Zealand's stock exchange suffered its second distributed denial-of-service (DDoS) attack within a matter of two days. According to Reuters, cash market trading on the floor of the New Zealand's Exchange (NZX) came to a halt at 11:24 local time on August 26. Trading resumed several hours later at...

There is a story from years ago about a warehouse network of computers that was separated from the main network. Those machines were running older OSes. But since they weren't connected to the company network, didn't hold company data, and only ran the warehouse machines, they were deemed secure. One day, the sysadmin noticed that all of those...

Today, data analytics, automation, connectivity, and remote monitoring have made great progress and have brought innovations in every sphere of modern civilization. The digitization in day-to-day human activities has been revolutionized by the Internet of Things (IoT). Based on Gartner’s Forecast database, we can expect that there will be...

Gone are the days when security teams could focus all of their efforts on keeping attackers out of the network. There’s no inside or outside anymore. The modern network is porous; it allows greater numbers and types of devices to connect to it from all over the world. This characteristic might serve organizations’ evolving business needs as they...

Iranian actors leveraged the Remote Desktop Protocol (RDP) as part of an international campaign to target companies with Dharma ransomware. Group-IB uncovered the campaign while conducting an incident response engagement for a Russian company in June 2020. As part of its investigation, the digital security solutions provider's digital forensics team...

After the global outbreak of coronavirus 2019 (COVID-19), organizations quickly transitioned to remote work in order to enforce social distancing and to keep their employees safe. But this work-from-home arrangement opened up organizations to more risk as well as less redundancy and resilience. That’s especially the case for organizations with...

Accidents or mistakes are bound to happen. Even if healthcare providers and business associates are compliant to HIPAA Standards, there is always a possibility of unintentional or accidental disclosure of Protected Health Information (PHI). Accidental disclosure of PHI includes sending an email to the wrong recipient and an employee accidentally...

The University of Utah paid a fee of more than $450,000 to attackers after they infected a portion of its servers with ransomware. The University of Utah's CSBS building. On July 19, 2020, the Information Security Office (ISO) notified the university's College of Social and Behavioral Science (CSBS)...

Experian South Africa announced that it's in the process of investigating a security incident involving a fraudulent data inquiry. On August 19, the South African branch of the consumer credit reporting agency said in a web statement that a South African individual purporting to represent a...

On August 15th the NSA and FBI published a joint security alert containing details about a previously undisclosed Russian malware. The agencies say that the Linux strain malware has been developed and deployed in real-world attacks by Russian military hackers. The FBI says, “The Russian General Staff Main Intelligence Directorate (GRU) 85th Main...

A friend of mine received an interesting piece of snail mail the other day. It was one of those inheritance scam letters that usually arrive in E-Mail. An image of the letter is shown below: In summary, the author, a high-ranking bank official, has an unclaimed inheritance that he is willing to split...

Security researchers released a decryption tool that enables victims of WannaRen ransomware to recover their files for free. On August 19, Bitdefender announced that it had made a WannaRen decryption utility publicly available for download. The security firm urged victims of this ransomware to save the decryptor somewhere on their computer after...