"New AtlasCross Hackers Use American Red Cross as Phishing Lure"

"New AtlasCross Hackers Use American Red Cross as Phishing Lure"

AtlasCross, a new Advanced Persistent Threat (APT) hacking group, uses phishing lures that impersonate the American Red Cross to deliver backdoor malware to organizations. The cybersecurity company NSFocus, has discovered two previously undocumented Trojans named DangerAds and AtlasAgent, which are linked to attacks launched by the new APT group. According to NSFocus, the AtlasCross hackers are sophisticated and evasive, making it difficult for researchers to determine their origin. This article continues to discuss findings and observations regarding the AtlasCross APT hacking group.

Submitted by Gregory Rigby on

"ShadowSyndicate: A New Cybercrime Group Linked to 7 Ransomware Families"

"ShadowSyndicate: A New Cybercrime Group Linked to 7 Ransomware Families"

ShadowSyndicate, formerly known as Infra Storm, may have used as many as seven different ransomware families over the course of the past year, according to cybersecurity experts. A new report by Group-IB and Bridewell says the threat actor collaborates with multiple ransomware groups and affiliates.

Submitted by Gregory Rigby on

"Xenomorph Android Malware Targets Customers of 30 US Banks"

"Xenomorph Android Malware Targets Customers of 30 US Banks"

The cybercriminals behind Xenomorph, a sophisticated Android banking Trojan that has been actively targeting European users for over a year, have recently shifted their focus to customers of more than two dozen US banks. Customers of major financial institutions such as Chase, Amex, Ally, Citi Mobile, Citizens Bank, Bank of America, and Discover Mobile are now in the threat actor's sights. ThreatFabric researchers discovered that new malware samples contain additional features that target multiple cryptocurrency wallets, including Bitcoin, Binance, and Coinbase.

Submitted by Gregory Rigby on

"Cl0p's MOVEit Attack Tally Surpasses 2,000 Victim Organizations"

"Cl0p's MOVEit Attack Tally Surpasses 2,000 Victim Organizations"

The number of organizations impacted by Cl0p via vulnerable MOVEit installations has surpassed 2,000, and the number of individuals affected has exceeded 60 million. Most victim organizations are US-based. According to Emsisoft researchers, finance and education are the most significantly affected industries, accounting for 13.8 percent and 51.1 percent of incidents, respectively. KonBriefing Research, an Information Technology (IT) market research company, reveals similar numbers and links to many companies' data breach notification alerts.

Submitted by Gregory Rigby on

"Sony Investigating After Hackers Offer to Sell Stolen Data"

"Sony Investigating After Hackers Offer to Sell Stolen Data"

Sony has recently announced that it has launched an investigation after a cybercrime group claimed to have compromised the company's systems, offering to sell stolen data.  The probe was launched after a relatively new ransomware group named RansomedVC listed Sony on its Tor-based website, claiming to have compromised all Sony systems.

Submitted by Adam Ekwall on

"Half of Cyberattacks Go Unreported"

"Half of Cyberattacks Go Unreported"

According to security researchers at Keeper Security, fear, ignorance, and forgetfulness are some of the reasons for widespread shortcomings in reporting cyberattacks and breaches, both internally and externally.  During the study, the researchers found that despite cyberattacks being top of mind for IT and security leaders, 40% of them said they had experienced one, and 74% admitted they were concerned about a future “cybersecurity disaster” impacting their organization.

Submitted by Adam Ekwall on

"Cybersecurity Researcher Can Make Self-Driving Cars Hallucinate"

"Cybersecurity Researcher Can Make Self-Driving Cars Hallucinate"

Northeastern University professor of engineering and computer science Kevin Fu, who specializes in discovering and exploiting new technologies, figured out how to make self-driving cars hallucinate. Fu hopes to get ahead of how hackers could exploit these technologies by exploring a new type of cyberattack, which is an "acoustic adversarial" form of Machine Learning (ML) that he and his team have dubbed Poltergeist attacks. This article continues to discuss Poltergeist attacks aimed at making self-driving cars hallucinate. 

Submitted by Gregory Rigby on

"Understanding Users' Perceptions of Security in Mobile Devices Using the Two-Step Cluster Analysis"

"Understanding Users' Perceptions of Security in Mobile Devices Using the Two-Step Cluster Analysis"

New research explores user perceptions of mobile device security and provides recommendations for users and manufacturers of such devices. A team of researchers at North-West University (NWU) in Mahikeng, South Africa, reveals findings regarding the awareness of mobile security issues of students in the region. A survey of 142 students at NWU showed that some students incorrectly believe mobile phones are inherently secure. Others are unaware that these devices can be less secure than desktop or laptop computers.

Submitted by Gregory Rigby on

"Cracking the Code: Why People Fall for Scams"

"Cracking the Code: Why People Fall for Scams"

In an interview with the University of New South Wale (UNSW) Business School, Dr. Kam-Fung Cheung, Lecturer at the School of Information Systems and Technology Management (ISTM), and Shesha J. Maheshwari, a research student at ISTM, stress the importance of understanding the psychological factors that make people susceptible to scams. According to the experts, financial desperation and a lack of awareness about evolving fraud techniques make many individuals fall for scams today. Dr. Cheung and Ms.

Submitted by Gregory Rigby on

"Spyware Can Infect Your Phone or Computer via the Ads You See Online"

"Spyware Can Infect Your Phone or Computer via the Ads You See Online"

People leave digital traces of what they did, where they went, who they communicated with, what they purchased, what they are considering purchasing, and much more. This data serves as a library of information for personalized ads sent to users by a sophisticated network, a lightning-fast automated marketplace of advertisers, publishers, and ad brokers. The ad networks are designed to protect identities, but people can still be identified and tracked by combining different pieces of data.

Submitted by Gregory Rigby on
Subscribe to