Travel Industry Giants Failed to Secure their Websites Despite High-Profile Data Breaches, New Research Shows

Major airlines and hotel chains have failed to secure their online platforms even after previous data breaches and cyberattacks exposed information of millions of customers’ and drew fines from privacy regulators. That’s the conclusion of an investigation by Which?, which found hundreds of data security vulnerabilities on popular travel companies including Marriott, British Airways, and […]

Cyber losses are increasing in frequency and severity

Cyber attacks have increased in number and severity since the onset of the pandemic. The changes organizations implemented to facilitate remote work have given cybercriminals new opportunities to launch campaigns exploiting mass uncertainty and fear. Ransomware attack severity increases In fact, since the beginning of COVID-19, Coalition observed a 47% increase in the severity of […]

CEOs are being impersonated in massive email scams

More than 7,000 CEOs were impersonated since Covid-19 kicked off. (Image credit: Image Credit: Gustavo Frazao / Shutterstock) Business email compromise (BEC) attacks, a form of cyberattack in which a criminal impersonates an executive from a company and tries to scam either that company’s employees, customers or partners, has been blooming since the start of […]

Cyber Threat solutions provider Cygilant hit by NetWalker Ransomware Attack

    Cygilant, a Cybersecurity company that offers threat monitoring solutions, was hit by a NetWalker Ransomware attack. Although the ransomware variant hasn’t been confirmed yet, Christina Lattuca, the CFO of the security firm confirmed that a file encrypting malware attack hit a portion of the company’s technology environment. Currently, Cygilant is working with the […]

New web skimmer steals credit card data, sends to crooks via Telegram

The digital credit card skimming landscape keeps evolving, often borrowing techniques used by other malware authors in order to avoid detection. As defenders, we look for any kind of artifacts and malicious infrastructure that we might be able to identify to protect our users and alert affected merchants. These malicious artifacts can range from compromised […]

BEC Attack Payments Are on the Rise, Report Finds

Criminals look for higher BEC payments Gift card frauds are the most common BEC incidents One Russian BEC operation tries to hit companies with $1.27 million attack The average payments made through Business Email Compromise (BEC) attacks are increasing significantly, according to a new report APWG Phishing Activity Trends Report. While data breaches and ransomware […]

Iran-linked APT group Pioneer Kitten sells access to hacked networks

Iran-linked APT group Pioneer Kitten is now trying to monetize its efforts by selling access to some of the networks it has hacked to other hackers. Iran-linked APT group Pioneer Kitten, also known as Fox Kitten or Parisite, is now trying to monetize its efforts by selling access to some of the networks it has […]

No Rest for the Wicked: Evilnum Unleashes PyVil RAT

Over the course of the last few months, the Cybereason Nocturnus team has been investigating the activity of the Evilnum group. The group first emerged in 2018, and since then, Evilnum’s activity has been varied, with recent reports using different components written in Javascript and C# as well as tools bought from the Malware-as-a-Service provider […]

WastedLocker Ransomware Attacks Against Large U.S. Corporations

A group of attackers called EvilCorp, according to the researchers of Symantec and NCC Group, have launched complex and sophisticated attacks against more than 30 large U.S. companies. Among the organizations involved are manufacturing companies, companies in the energy and chemical sectors, transport organizations and some entities in the healthcare sector. The attack downloads a […]

Targeted Malware Attacks Against U.S. Utilities

According to a recent article by a security company called Proofpoint, in the summer of 2019, traces of a malware attack were discovered, unnoticed for at least two months, targeting primarily U.S. utilities. According to the analysis, the attackers spread malware called FlowCloud, which was hidden in a portable executable file (PE file) during the […]