ThreatList: Cyber Monday Looms – But Shoppers Oblivious to Top Retail Threats
Online shoppers are blissfully unaware of credit card skimming threats and malicious shopping apps as they head into this year’s Black Friday and Cyber Monday holiday shopping events.
Despite being...
Cybersecurity Predictions for 2021: Robot Overlords No, Connected Car Hacks Yes
While 2021 will present evolving threats and new challenges, it will also offer new tools and technologies that will we hope shift the balance towards the defense.
Predicting the future...
Major BEC Phishing Ring Cracked Open with 3 Arrests
Some 50,000 targeted victims have been identified so far in a massive, global scam enterprise that involves 26 different malwares.
Three men suspected of participating in a massive business email...
Changing Employee Security Behavior Takes More Than Simple Awareness
Designing a behavioral change program requires an audit of existing security practices and where the sticking points are.
Security awareness rarely leads to sustained behavior change on its own, according...
‘Minecraft Mods’ Attack More Than 1 Million Android Devices
Fake Minecraft Modpacks on Google Play deliver millions of abusive ads and make normal phone use impossible.
Scammers are taking advantage of the Minecraft sandbox video game’s wild success by...
Blackrota Golang Backdoor Packs Heavy Obfuscation Punch
Blackrota is targeting a security bug in Docker, but is nearly impossible to reverse-analyze.
Researchers have discovered a new backdoor written in the Go programming language (Golang), which turned...
TA416 APT Rebounds With New PlugX Malware Variant
The TA416 APT has returned in spear phishing attacks against a range of victims – from the Vatican to diplomats in Africa – with a new Golang version of...
GoDaddy Employees Tricked into Compromising Cryptocurrency Sites
‘Vishing’ attack on GoDaddy employees gave fraudsters access to cryptocurrency service domains NiceHash, Liquid.
A recent social-engineering “vishing” attack on domain registrar GoDaddy temporarily handed over control of cryptocurrency service...
Election Cyber Threats in the Asia-Pacific Region
In democratic societies, elections are the mechanism for choosing heads of state and policymakers. There are strong incentives for adversary nations to understand the intentions and preferences of the...
APT Exploits Microsoft Zerologon Bug: Targets Japanese Companies
Threat actors mount year-long campaign of espionage, exfiltrating data, stealing credentials and installing backdoors on victims’ networks.
China-backed APT Cicada joins the list of threat actors leveraging the Microsoft Zerologon...
