Security News

Over 400 malicious Valentine's Day-themed phishing individual email campaigns were spotted on a weekly basis in January, according to Check Point Research. The fraudulent email sent the year has not changed and the company address is written in lower-case, according to Check Point.

A new distributed denial-of-service attack vector has ensnared Plex Media Server systems to amplify malicious traffic against targets to take them offline. "Plex's startup processes unintentionally expose a Plex UPnP-enabled service registration responder to the general Internet, where it can be abused to generate reflection/amplification DDoS attacks," Netscout researchers said in a Thursday alert.

Primarily, the report highlights a rise in ransom-related DDoS attacks, by which extortion demands are issued against organizations. While RDDoS is not a new phenomenon for many online industries, attackers have recently set their sights on organizations across a wider variety of sectors including financial services, government and telecommunications.

Cybercriminals behind a successful phishing campaign have exposed more than 1,000 corporate employee credentials on the Internet, according to a warning from security vendor Check Point. As part of the campaign, the attackers were able to successfully bypass Microsoft Office 365 Advanced Threat Protection filtering, which allowed them to harvest more than a thousand credentials from victims.

Bitdefender on Monday announced the availability of a free tool that organizations can use to recover files encrypted by DarkSide, a piece of ransomware that cybercriminals claim helped them make millions. DarkSide operators have been making money not only by encrypting important files on compromised systems, but also by stealing valuable information to pressure victims into paying up.

Security experts are warning hackers are ramping up attempts to exploit a high-severity vulnerability that may still reside in over 100,000 Zyxel Communications products. Zyxel, a Taiwanese manufacturer of networking devices, on Dec. 23 warned of the flaw in its firmware and released patches to address the issue.

Isn't it time we stop getting psyched by the bad guys? Here are five steps cybersecurity pros can take now. How human behavior impacts cybersecurity is a hot topic.

"The seemingly endless ocean of threats can paralyze those who make decisions for an organization. They sense an ominous feeling of blood in the water yet lack clarity about how to stop the sharks from feeding." Not unlike the fatigue being experienced due to COVID-19, users are flooded continuously with news about this or that data breach and how their sensitive information was stolen.

A VPN service used by many cybercriminals has been disrupted in a global operation that involved law enforcement agencies in Germany, the United States, the Netherlands, France and Switzerland. Europol reported on Tuesday that the operation targeted a service called Safe-Inet, and the U.S. Justice Department clarified that three associated domains have been seized, namely insorg.org, safe-inet.com and safe-inet.net.

Law enforcement agencies from the US, Germany, Netherlands, Switzerland, France, along with Europol's European Cybercrime Centre, announced today the coordinated takedown of Safe-Inet, a popular virtual private network service that was used to facilitate criminal activity. The service, which comes with support for Russian and English languages and has been active for over a decade, offered "Bulletproof hosting services" to website visitors, often at a steep price to the criminal underworld.