Shifting Strategies: Using Social Media, SEO in Tech Support Scams
Over the years, tech support scams have been aggressively attacking consumers the world over. Under the guise of helping people with their tech woes, scammers contact would-be victims in an unsolicited manner via phone calls, website redirects, pop-up advertisements, and on occasion, phishing emails. Despite the years, tech support scams are far from being washed […]

Open Backdoors and Voice Assistant Attacks: Key Takeaways from the 2019 Mobile Threat Report
These days, we seem to have a newfound reliance on all things ‘smart.’ We give these devices the keys to our digital lives, entrusting them with tons of personal information. In fact, we are so eager to adopt this technology that we connect 4,800 devices per minute to the internet with no sign of slowing down. […]

Your Smart Coffee Maker is Brewing Up Trouble
IoT devices are notoriously insecure and this claim can be backed up with a laundry list of examples. With more devices “needing” to connect to the internet, the possibility of your WiFi-enabled toaster getting hacked and tweeting out your credit card number is, amazingly, no longer a joke. With that in mind, I began […]

Threats to users of adult websites in 2018
More graphs and statistics in full PDF version

Introduction

2018 was a year that saw campaigns to decrease online pornographic content and traffic. For example, one of the most adult-content friendly platforms – Tumblr – announced it was banning erotic content (even though almost a quarter of its users consume adult content). In addition, the […]

Ryuk, Exploring the Human Connection
In collaboration with Bill Siegel and Alex Holdtman from Coveware.

At the beginning of 2019, McAfee ATR published an article describing how the hasty attribution of Ryuk ransomware to North Korea was missing the point. Since then, collective industry peers discovered additional technical details on Ryuk’s inner workings, the overlap between Ryuk and Hermes2.1, […]

ATM robber WinPot: a slot machine instead of cutlets
Automation of all kinds is there to help people with their routine work, make it faster and simpler. Although ATM fraud is a very peculiar sort of work, some cybercriminals spend a lot of effort to automate it. In March 2018, we came across a fairly simple but effective piece of malware named WinPot. It […]

The Risks of Public Wi-Fi and How to Close the Security Gap
As I write this blog post, I’m digitally exposed, and I know it. For the past week, I’ve had to log on to a hospital’s public Wi-Fi each day to work while a loved one recuperates. What seems like a routine, casual connection to the hospital’s Wi-Fi isn’t. Using public Wi-Fi is a daily choice […]

What About a Heart-To-Heart Talk with Your Loved Ones This Valentine’s Day?
I was listening to the Valentine’s Day playlist of my friend when I suddenly espied one of my favorites, Ain’t No Mountain High Enough, and started humming the song. Remember it? If you need me call me No matter where you are No matter how far; Just call my name I’ll be there in a hurry […]

Windows App Runs on Mac, Downloads Info Stealer and Adware
By Don Ladores and Luis Magisa

EXE is the official executable file format used for Windows to signify that they only run on Windows platforms, and to serve as a security feature. By default, attempting to run an EXE file on a Mac or Linux OS will only show an error notification. However, we found […]

Valentine’s Alert: Don’t Let Scammers Break Your Heart or Your Bank Account
It’s hard to believe that as savvy as we’ve become about our tech, people are still getting catfished, scammed, and heartbroken in their pursuit of love online. The dinner conversation between bystanders goes something like this: “How could anyone be so dumb? Seriously? If they are going to be that reckless and uninformed, then maybe […]

Linux Coin Miner Copied Scripts From KORKERDS, Removes All Other Malware and Miners
By Augusto Remillano II and Jakub Urbanec

While conducting a routine log check, we noticed an interesting script from one of our honeypots downloading a binary connected to a domain. Upon further analysis, we found the script capable of deleting a number of known Linux malware, coin miners, and connections to other miner services and […]

DDoS Attacks in Q4 2018
News overview

In Q4 2018, security researchers detected a number of new botnets, which included not only Mirai clones for a change. The fall saw increased activity on the part of the Chalubo bot, whose first attacks were registered in late August. Although the new malware employs snippets of Mirai code and the same persistence […]

Facebook’s Plans to Merge Messaging Platforms: What This Means for Online Safety
Integration: it seems to be all the rage. As technology becomes more sophisticated, we sprint to incorporate these new innovations into our everyday lives. But as we celebrate Safer Internet Day, one can’t help but wonder, is all integration good when it comes to information shared online? Major privacy concerns have been raised surrounding Facebook’s […]

California Consumer Privacy Act
This blog was written by Gerald Jones Jr.

More sweeping privacy law changes are on the horizon as California law overhauls consumer protection and privacy rights. Shortly after the European Union’s watershed General Data Protection Regulation (GDPR) enforcement began on May 25, 2018, California passed its own privacy bill, the California Consumer Privacy Act of […]

Going In-depth with Emotet: Multilayer Operating Mechanisms
Over a period of just five years, Emotet has managed to evolve into one of the most notorious cyber threats in existence – one that causes incidents that cost up to $1 million dollars to rectify, according to US-CERT. We recently reported about Emotet’s activities as well as its two infrastructure setups. This follow-up blog […]

Adware Disguised as Game, TV, Remote Control Apps Infect 9 Million Google Play Users
By Ecular Xu

Adware is bothersome, disruptive, and has been around for a long time, but it’s still around. In fact, we recently discovered an active adware family (detected by Trend Micro as AndroidOS_HidenAd) disguised as 85 game, TV, and remote control simulator apps on the Google Play store. This adware is capable of displaying […]

More information
- Apple fan buys lunch with Tim Cook for $300,000
- Update: TSM Server Outage (saverestore.its.psu.edu)
- Israel’s Electric Authority slammed with ‘severe’ cyberattack
- 8 biggest myths about managing geeks
- Update: UCS Outage
- Google: We find 9,500 new malicious sites every day
- Gold Dealer JM Bullion Discloses Months-Long Payment Card Breach
- Researchers Earn $280,000 for Hacking Industrial Systems at Pwn2Own Miami
- Federal Agencies Instructed to Patch New Chrome Zero-Day
- Mobile Virtualization – Solving the BYOD Problem