Categories
Cyber Security Phishing Ransomware Vulnerability

CloudSEK Daily Threat Bulletin – 2nd March 2020

Round Up of Major Breaches and Scams ‘SurfingAttack’ allows attackers to remotely control voice-controlled devices A new omni-directional attack method called SurfingAttack, allows attackers to control voice-controlled devices from a distance, without the victim’s knowledge. Attackers can use voice commands to instruct voice assistants to reveal sensitive data such as SMS authentication codes for online…Continue readingCloudSEK Daily Threat Bulletin – 2nd March 2020

Categories
Cyber Security Ransomware TrickBot

CloudSEK Daily Threat Bulletin – 28th February 2020

Round Up of Major Breaches and Scams Error in official Walgreens app exposes users’ personal data An error in the official app of US pharmacy chain Walgreens allowed users to view other users’ names, prescriptions, store number, and shipping addresses. The company announced that for a week, an error in the app’s personal secure messaging…Continue readingCloudSEK Daily Threat Bulletin – 28th February 2020

Categories
Cyber Security Malware Phishing Ransomware

CloudSEK Daily Threat Bulletin – 27th February 2020

Round Up of Major Breaches and Scams Phishing campaign uses fake NortonLifelock documents to distribute RAT Researchers have discovered a phishing campaign, which uses fake NortonLifelock documents, to bait users into installing a RAT (remote access tool). The password-enabled document contains a malicious macro, which is executed, once the document is enabled by the victim.…Continue readingCloudSEK Daily Threat Bulletin – 27th February 2020

Categories
Cyber Security Malware Phishing Ransomware Spearphishing

CloudSEK Daily Threat Bulletin – 26th February 2020

Round Up of Major Breaches and Scams Law enforcement partner Clearview notifies customers of breach Law enforcement partner Clearview has notified its customers of a breach that exposed the list of customers, their accounts, and their searches. The facial recognition platform, which is solely for law enforcement agencies, has purportedly collected ~3 billion facial images.…Continue readingCloudSEK Daily Threat Bulletin – 26th February 2020

Categories
CVE Cyber Security Emotet Malware Ransomware

CloudSEK Daily Threat Bulletin – 25th February 2020

Round Up of Major Breaches and Scams Threat group steals data by bypassing server firewall and masking C2 traffic What appears to be a state-sponsored threat group is using a technique called “Cloud Snooper” to bypass a server’s firewall to communicate with command and control (C2). The attackers deployed a rootkit that then installs a…Continue readingCloudSEK Daily Threat Bulletin – 25th February 2020

Categories
CVE Cyber Security Malware

CloudSEK Daily Threat Bulletin – 24th February 2020

Round Up of Major Breaches and Scams German PayPal users face a slew of fraudulent transactions Threat actors are using an unknown technique to perform fraudulent transactions, via Target and Starbucks stores in the US, on German residents’ PayPal accounts that are linked to GooglePay. Since 22nd February 2020 account holders have reported that first…Continue readingCloudSEK Daily Threat Bulletin – 24th February 2020

Categories
Cyber Security Malware Phishing

CloudSEK Daily Threat Bulletin – 21st February 2020

Round Up of Major Breaches and Scams 600 apps removed from Google Play Store for ad fraud Google has banned 600 apps from the Google Play Store, in an attempt to thwart ad fraud that tricks users into unintentionally clicking them. The Android apps, which were actively violating Google’s disruptive ads policy by displaying out-of-context…Continue readingCloudSEK Daily Threat Bulletin – 21st February 2020

Categories
Cyber Security Emotet Malware Ransomware Smishing

CloudSEK Daily Threat Bulletin – 20th February 2020

Round Up of Major Breaches and Scams 10 million+ records of MGM guests, now available on hacking forum 10 million records of MGM guests are now available for free on a hacking forum. The data, which was stolen during a security breach in July 2019, includes 3.1 million unique email addresses, names, addresses, and phone…Continue readingCloudSEK Daily Threat Bulletin – 20th February 2020

Categories
Cyber Security Malware Phishing Ransomware Spearphishing

CloudSEK Daily Threat Bulletin – 19th February 2020

Round Up of Major Breaches and Scams Facility of US natural gas operator shuts down due to ransomware attack A facility of a US natural gas operator was targeted by a ransomware attack that used poor segmentation of its IT-OT networks to infect Windows-based assets. The threat actor used a Spearphishing link to access their…Continue readingCloudSEK Daily Threat Bulletin – 19th February 2020

Categories
Cyber Security Malware Phishing Ransomware TrickBot

CloudSEK Daily Threat Bulletin – 18th February 2020

Round Up of Major Breaches and Scams WHO issues warning against Coronavirus themed phishing attacks The World Health Organization (WHO) has issued a warning about the growing threat of phishing attacks that are employing Coronavirus related content to deliver malware. There are phishing messages claiming to be from WHO officials, requesting victims to share usernames…Continue readingCloudSEK Daily Threat Bulletin – 18th February 2020