Mimecast's 2018 "State of Email Security" report is out, and although it's contents are hardly a surprise, the news it contains is mostly bad. For starters, it confirms what most IT professionals already know: Email continues to be a big threat for organizations of all sizes. Unfortunately, the C-Suite (CEO's, CIO's, CFO's, and the like) are a major part of the problem, representing a significant weak link in Enterprise security. Not only are they a prime target for hackers, but … Read more
New Report Shows 32 Percent Increase In Cyber Attacks
Positive Technologies has just released a new report that paints a grim picture for IT professionals. If your sense is that the number of cyberattacks are increasing, you're not wrong. In fact, it's probably worse than you realize. So far this year, we've seen a staggering 32 percent increase in the total number of cyberattacks in the first quarter of 2018, compared to the same period last year. Even worse, malware attacks have increased by a mind-bending 75 percent since the first quarter of … Read more
Malware Created Using Stolen Legitimate Security Certificate From D-Link
Researchers from the digital security firm ESET have recently spotted a new malware campaign with a nasty twist. It was created using a legitimate security certificate stolen from D-Link. The malware appears to be the work of an Advanced Persistent Threat group known as BlackTech, which primarily targets high profile users and firms in Asia, with a particular emphasis on Japan, Hong Kong and Taiwan. BlackTech is responsible for two different malware families, PLEAD and the DRIGO … Read more
Watch Out For Rise In Microsoft Office Attacks
Menlo Security has recently published a new report that will probably dismay you if you're a business owner. Microsoft Office has been named as the attack vector of choice for hackers around the world. The most common form of the attack is a malicious Word document or other office document attached to an innocent looking email. There are, of course, plenty of other ways to take advantage of various security weaknesses in MS Office and Office 365. These include the use of remotely hosted … Read more
New Trick Lets Hackers Bypass Office 365 Email Security
What's old is new again. Hackers have recently begun re-deploying a decade-old trick called 'ZeroFont' to get around Microsoft's security filters and deliver phishing and spam emails to Office 365 email accounts. The gimmick? Zero-point fonts. As anyone with even passing familiarity to Office 365 knows, if you're drafting a document, you can change the font size to suit your tastes and preferences. What few people realize is that you can use html code to set your font to zero-point … Read more
Another Vulnerability Found In Intel CPU’s
More bad news for Intel. Yet another security flaw has been identified in the processors the company makes. This one is so newly discovered that the full technical details have yet to be released. Here's what we know so far, from a recent Intel announcement: "System software may opt to utilize Lazy FP state restore instead of eager save and restore of the state upon a context switch...Lazy restored states are potentially vulnerable to exploits where one process may infer register values of … Read more
Attackers Targeting Job Seekers Via Listings And Recruitment
Cyber-criminals around the world are increasingly focusing their attention on job seekers. According to the security firm Flashpoint, there has been a notable uptick in ploys involving phony job listings that attempt to get job seekers to give up personal information. Perhaps the biggest surprise is the fact that this is only now becoming a growing threat. After all, from the cyber-criminal's point of view, it's low hanging fruit. Job seekers expect that they'll be asked for all types of … Read more
Embedded Sound Waves Could Damage Your Computer
It seems like a new attack vector emerges on a weekly basis, and this week is no exception. The latest threat: Emails containing specialized audio files whose acoustic vibrations can damage your computer's hard drive. This is possibly damaging to the point of causing system failure, data corruption, and making it impossible to successfully reboot your machine. As the researchers point out, "Intentional acoustic interference causes unusual errors in the mechanics of magnetic hard disk drives … Read more
FBI Advises Users To Reboot Their Routers
Cisco's Talos Security Team has identified a new threat, and it's a nasty one impacting more than half a million consumer-grade routers in the US. According to the Talos Team's report, the new malware is impacting a broad cross-section of routers made by TP-Link, QNAP, Netgear, Mikrotik, and Linksys. Known as "VPNFilter," the malware currently infecting routers appears to be the first stage in a multi-phase attack, with the first segment allowing the hackers to collect a wide range of … Read more
Vega Stealer Malware Goes After Your Saved Credentials
There's a new security threat to be worried about, and security professionals are warning that it could be very bad indeed. The new malware is known as the "Vega Stealer," and is currently being used in a relatively simplistic phishing campaign designed to harvest financial data that has been saved in both Google Chrome and Firefox browsers. Unfortunately, based on an analysis of the code, it could be a much more serious threat. Vega Stealer isn't 100 percent original work, but rather, is a … Read more
