Global Cyber News Digest

Daily News Digest

Stay current on the global cyber threat landscape and industry developments with CCOE’s daily digest and library of cybersecurity news and articles.

  • Vishing At The Ritz: There’s A New Type Of Cybercrime In Town

    • There's another clever fraud tactic to add to your library of security threats. Imagine a call or voice message that appears to come from a trusted source but is really a disguised attempt to compromise your identity, credentials or financial information.
    • More of a social engineering scheme than a vulnerability, "vishing" is a highly effective and targeted form of phishing that uses voice as a means to lure victims into disclosing private information.
    • A recent data breach at the Ritz in London that evolved into vishing attacks on hotel guests demonstrates how conniving cybercriminals have become in this social engineering scam.
    • Riding on the coattails of the first attacks, vishing hackers mount a nefarious second wave perfectly timed to hit victims where it already hurts.
    - Emil Sayegh | September 30, 2020
  • This worm phishing campaign is a game-changer in password theft, account takeovers

    • A phishing attack taking place against an organization has revealed a crafty method to bounce between victims in a way deemed "ingenious" by a researcher.
    • This is how it worked: once one email account was compromised, the credentials for the account were sent to a remote bot. The bot would then sign into the account and analyze emails sent within the past several days.
    - Charlie Osborne | September 30, 2020
  • New Microsoft Security Report Highlights Phishing, Ransomware and Unpatched VPNs

    • Microsoft on Tuesday announced the release of its "Digital Defense Report," which is described as "a reimagining" of Microsoft's "Security Intelligence Report" (SIR).
    • Microsoft harvests more than "8 trillion security signals per day" from endpoints, the network edge and the cloud.
    • Cybercriminals typically send spoofed e-mails pretending they are from official sources to get users to click on malicious links.
    • The report found that "based on our Office 365 telemetry, the top five spoofed brands are Microsoft, UPS, Amazon, Apple, and Zoom."
    Redmond Mag - Kurt Mackie | September 29, 2020
  • DDoS attacks are getting more powerful as attackers change tactics

    • While DDoS attacks have been a nuisance for years, the prospect of corporate, e-commerce, healthcare, educational and other services being disrupted at a time when the ongoing global pandemic means more people are reliant on online services than ever could create huge problems.
    • But a new threat intelligence report by cybersecurity company Netscout suggests that's exactly what's happening, as cyber criminals have launched more DDoS attacks than ever before.
    • The reason DDoS attacks are getting more powerful is because they're getting more complex, using many different types of devices and targeting different parts of the victim's network.
    • Indeed, attackers are learning that the most basic DDoS attacks are becoming less effective, so are dropping them in favour of more powerful campaigns.
    - Danny Palmer | September 29, 2020
  • Las Vegas School District Ransomware Attack

    • A ransomware attack against Clark County School District (CCSD) in Las Vegas has ultimately triggered a data breach involving Social Security numbers, student information and other private information.
    • The district is cooperating with law enforcement, but did not state whether it has hired digital forensics or MSSP (managed security services provider) experts to investigate and recover from the incident.
    • The school district did not disclose how much the hackers were demanding in the ransomware attack, nor has the district disclosed if the IT systems involved in the attack have been restored.
    - Joe Panettieri | September 29, 2020
  • Council cyber attacks on the rise as criminals 'exploit' coronavirus pandemic

    • Hull City Council has suffered 10 significant cyber attacks this year, up from four during the whole of 2019 according to the local authority's figures.
    • Councillors heard IT staff had bought a phishing simulator to help train staff to recognise false emails and on what to do if sensitive information is passed on.
    • The committee also heard security systems currently in place meant the council could react quickly to breaches, with staff on standby to monitor threats all hours daily.
    • Councillors heard the local authority's IT systems are subject to yearly stress tests and that in house checks are undertaken regularly to prevent breaches.
    - Joseph Gerrard | September 28, 2020
  • Windows 7 ‘Upgrade’ Emails Steal Outlook Credentials

    • An ongoing phishing attack puts pressure on enterprise employees to upgrade their Windows 7 systems – but in reality, they are redirected to a fake Outlook login page that steals their credentials.
    • Windows 7 reached end-of-life (EOL) on Jan. 14, with Microsoft urging enterprises to upgrade to its Windows 10 operating system.
    • While Windows 10 was released in 2015, the pains of upgrading end-user machines mean that many companies have been lagging behind in updates.
    • The phishing emails in question, entitled “Re: Microsoft Windows Upgrade,” use the “re” prefix, which researchers said may instill a sense of urgency by leading the user to believe they have missed a prior communication about the upgrade.
    - Lindsey O'Donnell | September 28, 2020
  • iOS 14 Monitors Your Passwords to Protect You Against Data Breaches — Here's How It Works

    • Safari and iCloud Keychain regularly monitor your passwords against leaked passwords online that may have been involved in a data breach.
    • Apple states that it "uses strong cryptographic techniques to regularly check derivations of your passwords against a list of breached passwords in a secure and private way that doesn't reveal your password information — even to Apple."
    • If that still doesn't sound good to you, you can disable the feature.
    Gadget Hacks - Justin Meyer | September 28, 2020
  • How To Improve Bot Detection With Machine Learning

    • Fraud rings have grown in complexity and scale and resemble enterprises today, complete with their financial crime value chain.
    • The bot landscape is changing fast as fraudsters look to capitalize on the confusion, fear and uncertainty surrounding Covid-19 and its immediately accelerating e-commerce.
    • The three steps to better bot detection using AI and machine learning include analyzing all available data in the Identity Trust Global Network, using AI and machine learning to detect suspicious bad bot activity and responding to the threat in real-time.
    - Louis Columbus | September 27, 2020
  • Companies See Work From Home As A Security Threat

    • Hackers find ways into computers, tablets and cellphones to steal data and other valuable information. As more devices connect to the web, it creates more opportunities for these thieves.
    • The International Criminal Police Organization (INTERPOL), the worldwide police cooperation and crime control network based in France, reported 907,000 spam messages, more than 700 malware attacks and 48,000 malicious domains that mention the coronavirus were discovered from January through April.
    | September 27, 2020