Ransomware distributors have started to target managed service providers (MSPs) – providers that remotely manage a customer's IT infrastructure and end-user systems – in an effort to mass-infect the MSP’s clients in a single attack. Recent reports indicate multiple MSPs have been hacked, infecting thousands of clients with a ransomware known as GandCrab.
Source: Bleeping Computer
The advanced persistent threat (APT) group, Cobalt Strike, has been using Google App Engine to spread PDF malware against financial firms.
An ongoing campaign attempting to infect U.S. business users, believed to be perpetrated by the same actor carrying out the credit union scam, has been using LinkedIn to initiate a conversation and deliver a backdoor payload.
Source: Security Week
Proofpoint released their Threat Report for the fourth quarter of 2018, indicating continued high volumes of banking Trojans, downloaders, and information stealers relative to other malware families, as well as the increasing pervasiveness of remote access Trojans (RATs), the rapid influx of email fraud, and the continued growth of social media fraud. Key takeaways from the report include:
Source: Proof Point
Users of the popular MyFitnessPal app and other online accounts may want to change their passwords after details from 617 million accounts from 16 hacked websites were posted for sale on the dark web in February.
Source: The Register
Dunkin' Donuts announced that it was the victim of a credential stuffing attack, the second of such occurrences within 3 months, in which hackers gained access to customer accounts. The announcement highlights the growing trend of credential stuffing attacks as data breaches continue to provide hackers with an endless supply of credentials.
Source: ZD Net
Cyber security firm, Kaspersky, released their fourth quarter report on denial of service (DDoS) activity noting 13% less DDoS activity in 2018 than the previous year. Additional highlights from the report include:
Source: Secure List
Anti-money laundering contacts at credit unions were the target of a malware-laced spear phishing campaign in February. Many of the credit unions suspect the data, which is not available to the public, may have been obtained from the National Credit Union Administration (NCUA), an independent federal agency that insures deposits at federally insured credit unions, similar to the FDIC.
Source: Krebs on Security
The Financial Industry Regulatory Authority (FINRA) issued a notice to brokerage firms in response to a phishing attack targeting firms with malicious emails.
Source: Bleeping Computer
Scammers handling a phishing website to obtain Office 365 credentials recently added a “live support” feature to increase the appearance of legitimacy and trick new victims into giving up account information.
How safe is your organization? Take the Cyber Risk Scorecard survey to assess your current cybersecurity standing and find additional steps your organization can take to protect against common cyber threats.
Jake Omann specializes in providing clients with risk management and executive risk services that cover their liabilities as a corporation, as well as the personal liabilities of their directors and officers. He started his career over 10 years ago in sales at a multinational financial services co
Jake Omann specializes in providing clients with risk management and executive risk services that cover their liabilities as a corporation, as well as the personal liabilities of their directors and officers. He started his career over 10 years ago in sales at a multinational financial services corporation before beginning his broker career in managing executive risk programs for Fortune 500 companies. Jake currently sits on the board for ACES for Kids.
Wire transfer requests top the list of business email compromise (BEC) objectives, according to a study by Barracuda Networks. Additional objectives laid out by the report include duping users into clicking on malicious links, establishing rapport and stealing information, with the end goal of extorting millions of dollars from unsuspecting companies.
This month's Threat Intelligence Report is about a large hotel chain that reports an “unauthorized access” to its customer database since 2014, exposing data of 500 million guests; a vulnerability in a postal service site that left 60 million customers exposed for more than a year; a third-party vendor breach that exposes data of millions of healthcare patients; a new report that profiles notorious MageCart cyber criminals; court documents that reveal first-ever indictment on ransomware charges; and a bundled pack that makes SamSam and other ransomware easier for hackers to obtain and deploy.
Send a Message
Find a Location