Security News > 2022 > May

The FBI warned the global cost of business email compromise attacks is $43 billion for the time period of June 2016 and December 2021. BEC or email account compromise are an advanced scamming technique that targets both employees and business and the businesses they work for.

Kaspersky uncovers fileless malware inside Windows event logs. The cybersecurity company published a blog on May 4 detailing that, for the first time ever, hackers have placed shellcode into Windows event logs, hiding Trojans as fileless malware.

The US government is offering up to $15 million for information about key leaders of the notorious Conti ransomware group and any individual participating in an attack using a variant of Conti's malware. In its notice issued May 6, the US Department of State said the Conti ransomware variant was the costliest strain of ransomware on record, noting that as of January, there were more than 1,000 victims of attack that involved Conti ransomware, with payouts surpassing $150 million.

Threat actors have started massively exploiting the critical vulnerability tracked as CVE-2022-1388, which affects multiple versions of all F5 BIG-IP modules, to drop malicious payloads. F5 last week released patches for the security issue, which affects the BIG-IP iControl REST authentication component.

Threat actors have started massively exploiting the critical vulnerability tracked as CVE-2022-1388, which affects multiple versions of all F5 BIG-IP modules, to drop malicious payloads. F5 last week released patches for the security issue, which affects the BIG-IP iControl REST authentication component.

The server keeps track of every time this "Image" is opened and by which IP address. This quirk of internet history means that marketers can track exactly when you open an email and your IP address, which can be used to roughly work out your location.

US agricultural machinery maker AGCO is the latest high-profile organization to fall victim to ransomware, which it says affects operations at some of its worldwide production facilities. AGCO put out a short statement on its website disclosing the ransomware attack, and confirmed it continues to impact some of production facilities.

FBI: $43 billion in losses are due to Business Email Compromise fraud between 2016 and 2021. The Federal Bureau of Investigation released an alert that said there has been a 65% increase in identified global exposed losses from Business Email Compromise fraud, also known as Email Account Compromise.

Microsoft is rolling out its "Security Experts" managed service with an eye on stomping down threats and malware. Microsoft is planning to roll out three such managed services in 2022, one of which became available today.

Colonial Pipeline is facing an almost $1 million fine for control room management failures after the US Department of Transportation alleged they contributed to the nation's fuel disruption in the wake of the 2021 ransomware attack. Following the agency's inspection of Colonial Pipeline's control room management procedures and records, it said the company was in "Probable violation" of several pipeline safety rules, including a seeming failure to adequately plan and prepare for manual shutdown and restart of its pipeline system.