Security researchers spotted BlackWater malware leveraging a Cloudflare Worker for command-and-control (C&C) functionality. MalwareHunterTeam observed that the threat activity began with an RAR file called "Important - COVID-19.rar." The file pretended to contain important information about the global COVID-19 outbreak, an event which other malware...

First and foremost, our hearts go out to those around the world impacted by the COVID-19 virus. The director of the U.S. Center for Disease Control & Prevention (CDC), who advises the country on public health, has indicated that the risk to the general public remains low and encourages Americans to go about their lives. Businesses and local...

The website for a public health department in Illinois went down after the agency suffered a NetWalker ransomware attack. According to local media reports, officials at the Champaign-Urbana Public Health District (C-UPHD) became aware of the ransomware attack on March 10 when the department's website went down. It took the agency, which serves 210...

Attackers are increasingly exploiting the fact that email gateways turn a blind eye to links to popular sites such as YouTube, in order to phish passwords from unsuspecting computer users. Researcher Ashley Trans of Cofense highlighted the threat in a blog post describing a recent phishing campaign. In the attack, an unsuspecting user receives an...

MITRE has been doing exceptional work in advancing cybersecurity as a public good, and it is an excellent resource for security professionals. Possibly best known for their ATT&CK Framework, a rich source of adversarial tactics and techniques and their mitigations, MITRE is also known for another resource: the Common Weakness Enumeration (CWE). The...

The skills gap is weighing heavily on the minds of digital security team members. In a survey of 342 security professionals, Tripwire found that 83% of infosec personnel felt more overworked in 2020 than they did a year earlier. An even greater percentage (85%) stated that it had become more difficult for their organizations to hire skilled security...

Security researchers detected a spam campaign leveraging Internet Query (IQY) files in an attempt to distribute Paradise ransomware. Lastline observed that the campaign began by trying to trick users into opening an IQY file, an Excel-readable text file which downloads data from the web. As such, this file retrieved a malicious Excel formula from...

Arguably, the first malware extortion attack occurred in 1988 – the AIDS Trojan had the potential to be the first example of ransomware, but due to a design flaw, the victims didn’t end up actually having to pay up the 189 bucks. It’s safe to say that over the past 31 years, attackers have perfected the ransomware craft, with organizations shelling...

Today’s VERT Alert addresses Microsoft’s March 2020 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-874 on Wednesday, March 11th. In-The-Wild & Disclosed CVEs Microsoft has not identified any of the vulnerabilities released this month as having been identified in-the-wild or publicly...

Digital fraudsters incorporated a chatbot into their phishing scam for the purpose of helping victims hand over their personal information. In a scam discovered by MalwareHunterTeam and shared with Bleeping Computer, digital attackers targeted Russian users with fake refunds of 159,700 rubles ($2,100) for unused web and phone services. The campaign...

It’s an unfortunate reality that cyber attacks on the U.S. 2020 election are likely to happen. However, while this is a potent threat to democracy, an even greater threat is to not take the necessary actions to prevent these attacks until it is too late. There are many different types of cyberattacks that the U.S. 2020 election could face. ...

The Office of Australian Information Commissioner (OAIC) filed a lawsuit alleging that Facebook violated the privacy of over 300,000 of its Australian users. On March 9, OAIC announced that it had submitted court documents against Facebook. In those materials, it argued that Facebook had improperly...

With regard to BCSI (BES (Bulk Electric System) Cyber System Information) in the cloud, responsible entity sentiments at the moment may be akin to Prince Hamlet as he contemplated death and suicide, “bemoaning the pain and unfairness of life but acknowledging that the alternative might be worse.” As currently written and subject to enforcement,...

Researchers observed digital attackers employing expired security certificates as a disguise to distribute the Buerak downloader and Mokes malware. Kaspersky Lab learned of a new attack method in which malicious actors leveraged infected websites to warn visitors of an expired security certificate. The Russian security firm traced the first...

In an ever-evolving security world, we need to secure more with even fewer resources. While the cybersecurity skills gap increases, leaving "350,000 U.S. cybersecurity jobs unfilled yearly," it is vital to work together to protect our environments and educate others. Creating a customer community can do just that. Having a digital space with like...

Mobile telecommunications company T-Mobile disclosed a data security incident that might have exposed the account information of some of its customers. T-Mobile's Cybersecurity team learned of the incident when it discovered an attack against its email vendor. The team responded by shutting down the...

The most recent National Institute of Standards and Technology (NIST) guidelines have been updated for passwords in section 800-63B. The document no longer recommends combinations of capital letters, lower case letters, numbers and special characters. Yet most companies and systems still mandate these complexity requirements for passwords. What...

If you have a familiarity with any information security frameworks and certifications, it’s more than likely you have heard of International Organisation for Standardisation (ISO) and possibly the International Electrotechnical Commission (IEC). From my experience, the most commonly referred to business-level security related certifications are ISO...

Non-profit certificate authority (CA) Let's Encrypt announced it will revoke more than three million digital certificates due to a software bug. On March 3, Let's Encrypt revealed its plan to revoke 3,048,289 currently-valid certificates. That figure represented approximately 2.6% of the CA's approximately 116 million active certificates at the time...