Malware, Phishing and Ransomware

New research has revealed that COVID-19 related phishing emails are still a serious threat as found by KnowBe4, a dedicated security awareness training and simulated phishing platform. The results from the Q3 2020 top-clicked phishing report, exactly half of the most clicked phishing emails contained a coronavirus reference – and this was the most popular out of all the ones tested in the KnowBe4 phishing simulator. This was closely followed by social media messages (47%)...

If you haven’t seen this video on attention, please do so, it’s just over a minute long.  https://www.youtube.com/embed/vJG698U2Mvo The video is by Christopher Chabris and Daniel Simons, both authors of the book, ”The Invisible Gorilla,” in which they reveal the numerous ways our intuitions can deceive us.  In essence, much like we react to the video above, we realise that our minds don’t work the way we think they do. We think we see ourselves and the...

New research has revealed mobile phishing has increased by 37% in Q1 2020 compared to Q4 2019 with much of this rise a result of cybercriminals targeting the millions of those working from home due to the coronavirus pandemic that has plagued the world. The Mobile Phishing Spotlight Report also detailed the costly nature of mobile phishing attacks as an organisation with 10,000 mobile devices could suffer up to $35m for a single mobile phishing...

Cybersecurity continues to be a challenge for businesses of all sizes, especially as workers are shifting to a remote workforce globally. According to recent research by Promon, the Oslo-based mobile security company which last year revealed flaws in the Home Office’s Brexit app, two-thirds of remote workers in the UK have not been given any cybersecurity training from employers in the past 12 months, while 77% say they aren’t worried about their cybersecurity while working remotely....

Researchers have unearthed a COVID-19 related spyware campaign that is specifically targeting Syrians and “likely other Arabic speaking” individuals in the Middle East region. Threat researchers at mobile security specialists, Lookout, discovered that over the past month, hackers, who are supposedly linked with the Syrian regime of President Bashar Al-Assad, have used at last 71 new malicious apps on Android mobile devices through the means of luring users with the coronavirus pandemic. The spyware threat is...

We can report that this week, Portuguese multinational energy giant Energias de Portugal (EDP) is the latest enterprise to be battling against cyber attackers after suffering a ransomware attack. The group behind this attack used the RagnorLocker malware variant and it has been reported that the hackers are demanding $10.9m as ransom in return for the stolen and locked files. It is believed that there is up to 10TB worth of critical corporate information which...

As mentioned in previous articles, Securonix, has devoted an entire taskforce to outlining key threats that are appearing under the guise of COVID-19 themed domain names or emails. The threat research team has been observing malicious threat actors attempting to exploit an increasing number of the associated cyberattack vectors such as:    Ransomware using weaponized COVID-19/coronavirus-related documents disrupting critical healthcare and other businesses’ operations;  Custom COVID-19 themed phishing attacks involving malicious documents to steal remote workforce credentials and infiltrate various organizations;  Malware using...

If these uncertain times have proved anything it is that now, more than ever, maintaining cybersecurity is critical to ensuring business as usual; especially as the workforce is moving towards a remote working environment. This means that even the slightest disruption to daily operations can cause catastrophic damage to businesses, many of whom are already struggling with these precarious times. With this in mind, we are fortunate that there are enterprises that put public wellbeing...

Unfortunately, ransomware is impacting businesses of all sizes across the globe. This means that critical systems and applications are encrypted by malicious actors and will only be decrypted if a ransom is paid. This will effect all but the most prepared enterprises, and as recent reports show, even prepared businesses can suffer. Offline backups of business critical information can be make or break when it comes to mitigating a ransomware attack. However unfortunately, some backups...

During the second quarter of 2019 Kaspersky experts detected multiple mailshots pretending to be offers for tax refunds worldwide. This period traditionally used as a deadline for filing tax returns and refunds in many countries. Using the scheme criminals, were trying to steal valuable information, or in some cases, install dangerous spyware. This and other findings are revealed in the Spam and Phishing in Q2 2019 Report. Spam and phishing malicious letters usually contain links...