Covid-19 threw our world into turmoil - from battling against a pandemic we never expected, all the way to keeping up with the contentious U.S. election. While we have had our eyes turned, cybercriminals have been watching and waiting to take advantage of poorly secured networks and distracted victims. 2020 has been riddled with cyberattacks, many taking form as a phishing link. That being said, here are last years top 5 phishing scams: The COVID-19...
Read more
All passengers are now required to provide verifiable proof of a negative COVID-19 test upon arrival in the UK. This decision came after the UK government suspended all travel corridors on the 18th January 2021 - a decision which has caused upheaval at London Heathrow Airport. As a result, the UK is faced with a new threat, involving fake COVID-19 test certificates and vaccination records. There has been an alarming rise in the amount of...
Read more
MyFreeCams is an adult video chat platform which provides free access to chat rooms with models, as well as paid services. A hacker has claimed that they have accessed MyFreeCams' database using a SQL injection attack. After gaining access to the platform's database the hacker stolen 2 million paying users' emails, usernames, and plain text passwords. This week the hacker has offered to sell 10,000 recorders from the MyFreeCams' database for $1,500 in Bitcoin, claiming...
Read more
All Social Media platforms need to do more to properly monitor their platforms for any activity that may involve extremist groups or conspiracy theories. New rules have been set out, indicating how social media firms should moderate their content. Facebook claims it had removed 30,000 pages, events and groups related to what it called "militarised social movements". Monika Bickert, Facebook's vice president of global policy management stated: "We have a 24-hour operation centre where we...
Read more
Two top national security nominees, Retired Army Gen. Lloyd Austin and Avril Haines, have advocated for stronger federal cybersecurity following a supply chain breach that affected several federal agencies. If these nominees are confirmed, they will begin their jobs in the middle of the damage assessment process. The attack has been attributed to Russian hackers, who presumably got access through the SolarWinds breach. Austin made a statement, declaring that: “We must elevate cybersecurity as an...
Read more
Check Point Research published a blog post on Thursday, explaining the phishing campaign, in which stolen information was discarded on WordPress domains. The attackers had been targeting the construction and energy sectors. The attack began with a fraudulent email template, mimicking Xerox/Xeros scan notifications, along with the victim's name in the title or subject line. The messages originated from a Linux server and were sent through PHP mailer and 1&1 email servers. The hackers included...
Read more
A report from the Microsoft 365 Defender Team, Microsoft Threat Intelligence Center (MSTIC), and Microsoft Cyber Defence Operations Center (CDOC) details how the SolarWinds hackers managed to remain undetected for so long. The report discloses new details including the steps and tools used to deploy the custom Cobalt Strike loaders (Teardrop, Raindrop, etc.) after the hackers dropped the Solorigate (Sunburst) DLL backdoor. It was revealed that: "During our in-depth analysis of the attacker’s tactics, techniques,...
Read more
For the past few years, a Chinese hacking group has been targeting the airline industry to obtain passenger data. Their goal was to track the movement of person of interest. The threat actor responsible has been given the name Chimera. The groups activities were first reported in 2020, and are thought to be nation state actors. The NCC Group and Fox-IT compiled a report, which was published last week, that claims the intrusions are broader than...
Read more
SolarWinds attackers managed to gain access to internal emails via a different intrusion vector. This was confirmed by Malwarebytes, who stated that a second threat vector was used to infiltrate private emails with the use of password guessing or spraying and/or exploiting admin or service credentials. The vendor reported suspicious activity on December 15 and linked it to the same threat actor involved in the SolarWinds attacks. “The investigation indicates the attackers leveraged a dormant...
Read more
New research by the Ponemon Institute and Keeper Security has found that 70% of the UK's financial sector has experienced a cyber-attack in 2020. The researchers have warned that this increase in the rate of attacks could result in “disastrous consequences” if action is not taken. The report has also found that 59% of these attacks were made more likely due to the acceleration in remote working due to the pandemic, as the workforce is...
Read more