Entries by

Hackers are exploiting a Sophos firewall zero-day

Cyber-security firm Sophos has published an emergency security update on Saturday to patch a zero-day vulnerability in its XG enterprise firewall product that was being abused in the wild by hackers. Sophos said it first learned of the zero-day on late Wednesday, April 22, after it received a report from one of its customers. The customer […]

Increase in viruses targeted towards remote workers

Cybercriminals are unleashing a surprisingly high volume of new threats in this short period of time to take advantage of inadvertent security gaps as organisations are in a rush to ensure business continuity. Cyber Security firm Fortinet on Monday announced that over the past several weeks, it has been monitoring a significant spike in COVID-19 related […]

BEC Attacks

Business Email Compromise (BEC) attacks have become a highly remunerative line of business for threat actors. A new research from the APWG (Anti-Phishing Working Group) revealed how enterprises lose their wealth to BEC attacks. In its “Phishing Activity Trends Report,” APWG highlighted that the average wire transfer loss from BEC attacks surged from $54,000 in […]

BEC Attacks

Business Email Compromise (BEC) attacks have become a highly remunerative line of business for threat actors. A new research from the APWG (Anti-Phishing Working Group) revealed how enterprises lose their wealth to BEC attacks. In its “Phishing Activity Trends Report,” APWG highlighted that the average wire transfer loss from BEC attacks surged from $54,000 in […]

Hackers are exploiting a Sophos firewall zero-day

Cyber-security firm Sophos has published an emergency security update on Saturday to patch a zero-day vulnerability in its XG enterprise firewall product that was being abused in the wild by hackers. Sophos said it first learned of the zero-day on late Wednesday, April 22, after it received a report from one of its customers. The customer […]

Apple Patches two zero-day Vulnerabilities

Researchers revealed two zero-day security vulnerabilities affecting Apple’s stock Mail app on iOS devices. Researchers are reporting two Apple iOS zero-day security vulnerabilities affecting its Mail app on iPhones and iPads. Impacted are iOS 6 and iOS 13.4.1. Apple patched both vulnerabilities in iOS 13.4.5 beta, released last week. A final release of iOS 13.4.5 […]

65% of COVID-19 Phishing Campaigns Spread Spyware: Research

Singapore-based cybersecurity company Group-IB’s Computer Emergency Response Team analysed hundreds of Coronavirus-related phishing emails between February 13 and April 1, 2020. Researchers found that spyware was the most common malware class (65%) hiding in fraudulent COVID-19 emails, with AgentTesla topping the list of phisher’s favorite strains. Spyware: The Most likely COVID-19 Phishing Campaign Payload CERT-GIB’s report is based on the Threat Detection System […]

Work From Home – What’s Next

Phase 1 was all about employee access, network communications confidentiality/integrity, and basic endpoint security. The next phases will move quickly from risk assessment to mitigation. As most CISOs know all-too-well, large-scale work from home (WFH) initiatives due to COVID-19, where the priority was getting users up and running as quickly as possible, forced security leaders […]

IT services firm Cognizant hit with Maze ransomware

Cognizant, a multibillion-dollar IT services company with clients in the banking and oil and gas industries, said Saturday its computer systems had been disrupted by Maze ransomware, a strain of malicious code that has been used in cyberattacks in the U.S. and Europe in recent months. “Our internal security teams, supplemented by leading cyber defense […]