News

Payment card data from customers of Greenworks hardware tools website is currently being stolen by hackers via a malicious script with self-cloaking capabilities and anti-tampering protection. Greenworks distributes home and garden battery-powered tools for DIY consumers. Its business started in 2007 and grew to expand in North America and Europe. The main website of the power tool distributor has been compromised with a "highly-sophisticated self-cleaning and self-destructing skimmer" - a piece of code also known...

Authors of Valak information stealer are focusing more and more on stealing email credentials as researchers find a new module specifically built for this purpose. The malware emerged in testing mode in mid-October 2019 and has a modular plugin architecture that expands its capabilities to cover the needs of the threat actor. Valak has been developed at an accelerated rate, with more than 30 variants being identified in six months. It started as a malware...

Columbia College, Chicago has become the third US college in a week to fall victim to a cyber-attack involving the Netwalker family of ransomware. The Illinois educational establishment, along with Michigan State University and the University of California, San Francisco, was targeted by cyber-criminals and given six days to pay a ransom to recover its files. Netwalker, also known as Mailto or as an updated version of Kokoklock ransomware, was first observed operating in September 2019. The...

A survey by data protection firm Veritas Technologies found that more than a third (35%) of UK consumers would see a business leader as personally responsible if a cyber breach of that business occurs. It suggests that more than two-thirds (68%) believe they should be compensated when incidents such as ransomware attacks compromise their data, while 8% said they would like to see chief executives sent to prison if such a breach does take place....

IBM has announced it will no longer be offering general purpose facial recognition technology in fear that it could be used to promote racial discrimination and injustice. "IBM firmly opposes and will not condone uses of any technology, including facial recognition technology offered by other vendors, for mass surveillance, racial profiling, violations of basic human rights and freedoms, or any purpose which is not consistent with our values and Principles of Trust and Transparency," IBM...

Japanese automaker Honda has been hit by a cyber-attack which has impacted many of its business operations. The attack happened on Sunday 7th June, and led to problems across Honda's IT networks in Europe and Japan. According to multiple reports, cyber actors targeted a Honda server with SNAKE (Ekans) ransomware aiming to cause damage to the company's computer network. While the company has yet to confirm a ransomware attack, it has acknowledged a security incident...

Hackers are attacking high ranking executives of a German multinational corporation part of a government-private sector task force focused on personal protective equipment (PPE) procurement. The attackers behind this pandemic-related spear-phishing campaign have already attempted to steal the user credentials of over 100 senior executives as security researchers at IBM X-Force Incident Response and Intelligence Services (IRIS) said in a report published today. This task force's members have been commissioned by the German government to leverage their expertise and contacts...

New research has revealed mobile phishing has increased by 37% in Q1 2020 compared to Q4 2019 with much of this rise a result of cybercriminals targeting the millions of those working from home due to the coronavirus pandemic that has plagued the world. The Mobile Phishing Spotlight Report also detailed the costly nature of mobile phishing attacks as an organisation with 10,000 mobile devices could suffer up to $35m for a single mobile phishing...

The operators of the eCh0raix ransomware have launched another wave of attacks against QNAP network-attached storage (NAS) devices. The eCh0raix gang has been active since June 2019, when they first deployed a first version of their ransomware. Despite having its initial ransomware version decrypted, the group has never disappeared, deploying a newer version that security researchers couldn't crack. The group's activity has slowed down since last summer, primarily because of competition from rival ransomware gangs targeting...

A fake decryptor for the STOP Djvu Ransomware is being distributed that lures already desperate people with the promise of free decryption. Instead of getting their files back for free, they are infected with another ransomware that makes their situation even worse. While ransomware operations such as Maze, REvil, Netwalker, and DoppelPaymer get wide media attention due to their high worth victims, another ransomware called STOP Djvu is infecting more people then all of them combined on...