Categories
APT Breach CVE Cyber Security Malware Phishing Spyware Vulnerability

Twitter bug caches private files, Facebook takes down fake accounts, Mandrake targets Aussies, MakeFrame targets SMBs, and more

Major cybersecurity events on 2nd April 2020: COVID-themed scams surge. Zoom’s popularity adversely impacts the remote conferencing giant through various malicious schemes. Facebook disables Instagram, Facebook impersonators’ accounts. New class of Windows vulnerabilities discovered.Continue readingTwitter bug caches private files, Facebook takes down fake accounts, Mandrake targets Aussies, MakeFrame targets SMBs, and more

Categories
Breach CVE Malware MiTM Phishing Ransomware Stalkerware Vulnerability

COVID-19 malware and phishing scams, fake Google domains, and more

Major cyber security incidents on 17th March 2020: Scammers use COVID-19 as a guise to spread malware and phishing mails. APT36 calls coronavirus a ‘golden opportunity’ to distribute Crimson RAT. MacOS bundleware installer capable of much more than a normal installation software.Continue readingCOVID-19 malware and phishing scams, fake Google domains, and more

Categories
Cyber Security Phishing Ransomware Vulnerability

CloudSEK Daily Threat Bulletin – 2nd March 2020

Round Up of Major Breaches and Scams ‘SurfingAttack’ allows attackers to remotely control voice-controlled devices A new omni-directional attack method called SurfingAttack, allows attackers to control voice-controlled devices from a distance, without the victim’s knowledge. Attackers can use voice commands to instruct voice assistants to reveal sensitive data such as SMS authentication codes for online…Continue readingCloudSEK Daily Threat Bulletin – 2nd March 2020

Categories
Cyber Security Malware Phishing Ransomware Spearphishing

CloudSEK Daily Threat Bulletin – 19th February 2020

Round Up of Major Breaches and Scams Facility of US natural gas operator shuts down due to ransomware attack A facility of a US natural gas operator was targeted by a ransomware attack that used poor segmentation of its IT-OT networks to infect Windows-based assets. The threat actor used a Spearphishing link to access their…Continue readingCloudSEK Daily Threat Bulletin – 19th February 2020

Categories
APT CVE DMA Ryuk TrickBot

CloudSEK Daily Threat Bulletin – 31st January 2020

In the last 24 hours, as the world still reels from the sale of 30 million cards on Joker’s Stash, the UN has confirmed that their servers were exploited because of a SharePoint flaw that was patched in March 2019. As testimony to the growing sophistication of hackers, a new attack strategy that uses HTML…Continue readingCloudSEK Daily Threat Bulletin – 31st January 2020