Security Newsletter
Bad Guys Use Telegram Bots To Hack Into PayPal Accounts
Researchers uncovered a new malicious campaign that uses Telegram bots to steal OTPs (one-time password tokens) and hack into PayPal, Apple Pay, and Google Pay accounts. Intel 471’s research has found that a credential-stealing campaign uses Telegram bots to hack into...
BlackMatter Hit Iowa Farmers Cooperative And Demanded $5.9M Ransom
Critical infrastructure was targeted in a massive ransomware attack allegedly conducted by the BlackMatter group, a reincarnation of the infamous DarkSide cybergang. Researchers leaked conversations between New Cooperative negotiators and BlackMatter operators. A new...
New COVID-19 Themed Android Malware Reaches Deep Into Device Functions
A new Android malware called TangleBot has weaseled its way into the vast cyber threat landscape. Researchers warned that it could perform a handful of ill-intended actions, such as stealing personal data and controlling apps and device functions. The New Android...
Massive Data Breach: 3.8 Billion Combined Clubhouse, Facebook Records Up For Sale
Billions of users’ combined Clubhouse and Facebook data were exposed and put up for sale online in a massive data breach. The combined cache of data is expected to result in a rash of account takeover and smishing attacks, experts predict. The database of 3.8 billion...
Credential Spear-Phishing Campaign Sneaks Past Security Filters Into 75K Inboxes
A spoofed Zix encrypted email has slipped past spam and security controls across Office 365, Google Workspace, Exchange, Cisco ESA, and others right into almost 75K inboxes, in a vast credential spear-phishing campaign. Armorblox researchers have detected an active...
The Cloud Is The Most Vulnerable To Ransomware Attacks in 2021
A recent survey found yet another series of concerning figures, as the recent ongoing pedal-to-the-metal digitization outpaces most organizations that are almost waiting for ransomware attacks to happen. High Global Vulnerability To Ransomware Attacks Veritas...
Microsoft Warns Of Huge Phishing-as-a-Service Operation
Microsoft recently discovered a massive phishing-as-a-service operation called BulletProofLink, which provides phishing kits, email templates, hosting, and several other tools. It also explained how new cybercriminals could get into the business. Microsoft’s team...
Ransomware Attack Hits Crystal Valley Farm Cooperative
The harvest is bitter for another agricultural business that fell victim to a ransomware attack this week and its websites are now down. Payment Systems Down Following The Ransomware Attack Minnesota-based farm supply and grain marketing cooperative Crystal Valley was...
ZLoader’s Comeback: Exploiting AdWords And Disabling Windows Defender
The now-famous banking trojan, ZLoader, adopts a brand new attack strategy, using ads for Microsoft TeamViewer and Zoom to attract unsuspecting victims. Researchers have discovered a new targeted campaign delivering the ZLoader banking trojan through Google AdWords...
A 2-Day Credential-Stealing Phishing Scam: Attackers Impersonate the US Department Of Transportation
Scammers dangled the lure of receiving funds from the $1 trillion infrastructure bill and mimicked the legitimate federal site in a recent phishing scam. An Elaborate Phishing Scam In a two-day phishing scam, attackers impersonated the U.S. Department of...
Stay up-to-date with the latest changes in cybersecurity
