Security researchers detected a clever new phishing campaign that abused three enterprise cloud services in an attempt to steal victims' credentials. On July 18, Bleeping Computer revealed that the phishing campaign's attack emails claimed to originated from the domain "servicedesk.com." The computer self-help site took a closer look. In the process...

A Security Analyst, A Lead Developer, And A Cloud IT Admin Walk Into A Bar... Stop me if you’ve heard this one before. When we talk to users about the ways that they handle roles and responsibilities associated with keeping their Cloud accounts secure, we get a multitude of answers. There’s often a wide range of people and teams from various parts...

The demand for cloud computing has skyrocketed in recent years. Lower costs, a faster time to market, increased employee productivity, scalability, and flexibility are some of the beneficial factors motivating organizations to move to the cloud. It’s not likely that organizations will slow down with their migration plans, either. According to market...

U.S. law enforcement arrested and charged a man with fraudulently obtaining loans via the Paycheck Protection Program (PPP). On July 16, Acting Assistant Attorney General Brian C. Rabbitt of the Justice Department’s Criminal Division and U.S. Attorney Nicola T. Hanna of the Central District of...

Security researchers discovered a new Android banking malware family called "BlackRock" that targets 337 mobile applications. ThreatFabric found that BlackRock hid its icon when it first launched itself on a mobile device. It then posed as a Google update in an attempt to gain access to a user's Accessibility Service. Once it received access to...

What the heck has happened on Twitter? Twitter accounts, owned by politicians, celebrities, and large organisations suddenly started tweeting messages to their many millions of followers, at the behest of hackers. What did the messages say? Here is a typical one which appeared on the account of rapper, songwriter, and optimistic Presidential...

Being a cybersecurity company in these turbulent times puts us at Tripwire, to some degree, on the front-line. Working with the largest organisations in government, finance and critical national infrastructure, we see good and bad every day. In a confusing hybrid war where APT groups launch attacks that could potentially turn out the lights, it is...

Research into recent ransomware submissions revealed that more than a tenth of crypto-malware infections now involve some element of data theft. In the second quarter of 2020, ID Ransomware received 100,001 submissions of crypto-malware pertaining to attacks that had targeted organizations and government entities. Of those attacks, 11,642 involved...

For healthcare organizations that handle a lot of patient data, including very sensitive information, cloud computing is a revolution to data storage. Cloud computing in healthcare lowers data storage costs (compared to the old paper-storage era), enables easy retrieval of patient data and also improves the privacy of patient information. This has...

Today’s VERT Alert addresses Microsoft’s July 2020 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-895 on Wednesday, July 15th. In-The-Wild & Disclosed CVEs CVE-2020-1463 A vulnerability in the SharedStream Library could allow a locally authenticated attacker to run a malicious...

A man received prison time for helping to conduct an identity theft and fraud scheme that targeted thousands of veterans and U.S. service members. On July 9, the Office of Public Affairs at the U.S. Department of Justice announced that Chief U.S. District Judge Orlando Garcia had sentenced 32-year...

Containers are on the rise. As reported by GlobalNewswire, Allied Market Research estimated that the application market would grow from its 2016 value of $698 million to $8.20 by 2025. With a compound annual growth rate of 31.8% between 2018 and 2025, this increase would largely reflect both the surge in popularity in application container...

Security researchers observed some variants of the TrickBot malware family mistakenly warning victims that they had suffered an infection. Advanced Intel's Vitali Kremez traced the mistake to "password-stealing grabber.dll." This module is responsible for stealing browser credentials and cookies from Google Chrome, Microsoft Edge and other web...

Virtual Private Networks, or VPNs, are not exactly a new technology. When I started my career in IT about 15 years ago, VPN tunnels were the standard way we connected remote offices by extending private networks over the public Internet. Recently, as workforces continue to decentralize due to the rise of Cloud Computing as well as the current...

Security researchers found evidence that the Conti ransomware strain could be a possible successor to the Ryuk crypto-malware family. Vitali Kremez, strategic advisor for SentinelLabs, analyzed both Conti and Ryuk. He found that the former appeared to be based on the code of the latter's second version. He also observed Conti to be using the same...

Things just got serious. Business Email Compromise is no longer solely the province of chancers and opportunistic Nigerian actors such as the Yahoo Boys. Organised criminal gangs with a high level of professionalism have seen the opportunity and seized it. Security researchers at Agari have published a report detailing their investigations into a...

Security researchers detected a new variant of the Joker spyware family that had infiltrated Google Play and had begun abusing an old trick to target users. Check Point Research found that the authors of Joker, a dropper and premium dialer spyware, had once again modified their creation's code so that the malware would bypass the Play Store's...

The highly anticipated structural update to the MITRE ATT&CK framework was released July 8th, 2020. After a quiet first half of the year, it appears the ATT&CK team has been putting in lots of work into some significant redesign of the framework’s structure. This update introduces a new layer of abstraction: sub-techniques. ATT&CK is a taxonomy of...

I’ve worked in the IT field for over 30 years. 20 of those years have been spent in the network security field, employed by some of the largest names in the industry. But to my family, I’m still just the guy who “works with computers”. Many of my family are not computer savvy, which is a nice way of saying I had to teach them where the power button...

Renewable energy company EDP Renewables notified its landowners of a ransomware attack that it suffered in the spring of 2020. In a sample notification letter received by the Attorney General's Office of Vermont, EDP Renewables informed its landowners that its information systems had suffered a...