Security News

Research from Atlas VPN found that criminals' net proceeds outpace the revenue made by tech giants each year. Cybercriminals are now making more than billion-dollar corporations according to a new study from Atlas VPN. Researchers from the company found that cyberattacks are helping criminals in total to make more than $1.5 trillion in revenue each year, which is the three times the $514 billion Walmart makes annually.

Cybercriminals are likely to leverage the global anxiety around the coronavirus outbreak to execute ransomware attacks against businesses, according to RiskIQ. After extensive analysis of past ransomware attacks during global epidemics and current phishing campaigns leveraging the coronavirus, threat actors will eventually begin using ransomware against victims they infect with the AZORult and Emotet varieties of malware. Clicking on malicious links is necessary to execute the attacker's malware, which opens the door for ransomware infection.

Unwanted and malicious emails using political-themed lures has spiked as the presidential primary season cranks into high gear - with Donald Trump and Bernie Sanders representing the lion's share of subject line themes. "Overall UCE volumes mentioning individual candidates suggests that Donald Trump not only has the incumbent's advantage but also maintains the strongest brand as he did in 2016," researchers said in a posting issued on Super Tuesday.

VAPs therefore must be prioritised for training, with additional attention given to checking their accounts for potential compromise, but they are not the only ones you should train. The problem training must address is employees do not consider themselves responsible for detecting and avoiding phishing.

Cybercriminals are now partnering with drug cartels across Latin America to attack financial institutions and governments, leveraging a wide variety of scams and malware to make millions, according to a new report from cybersecurity firm IntSights. Mexican law enforcement arrested Héctor Ortiz Solares-known as "El H-1" or "Bandido Boss"-in 2019 after he spent years recruiting top-tier hackers who built malware for his gang, named "Bandidos Revolution Team." The malware was designed to infect ATM machines and attack Latin American banks.

A Lincoln health care company has been targeted by cybercriminals, but company officials said there's no evidence of any patient data being compromised. NRC Health said it immediately shut down its system Feb. 11 to contain the ransomware attack, the Lincoln Journal Star reported.

Spam, ransomware, and malware continue to haunt organizations, but bad actors are also cooking up new spins on these tried-and-true methods, according to security company Fortinet. A report from Fortinet on the threat landscape for the final quarter of 2019 reveals that cybercriminals will exploit every possible opportunity, both new and old, to attack organizations and users alike.

Tax season is upon us and cybercriminals have taken notice, unleashing a tidal wave of attacks targeting every US citizen and tax prep company. "This information is also valuable and could be used or resold for identity fraud purposes. Additionally, the employees legitimate tax documents can also be found here. This could be used by the attackers to file fraudulent tax returns on the employee's behalf to direct their tax returns to the attacker's coffers." Threat researchers at Zix-AppRiver released a report last week detailing their efforts monitoring and actively battling a series of Business Email Compromise attacks on CPAs and law firms over the past month.

Cybercriminals were already using convincing but fake emails from the WHO, CDC and Japanese government to trick people into downloading PDF, MP4 and Microsoft Word DOCX files. The shipping and manufacturing industry have taken massive hits because of the quarantines in China, and cybercriminals have sought to exploit that by bombarding companies with malware, spam and fake emails with links to sites like Office 365, Adobe and DocuSign hoping to steal emails and passwords.

Which ten software vulnerabilities should you patch as soon as possible? Recorded Future researchers have analyzed code repositories, underground forum postings, dark web sites, closed source reports and data sets comprising of submissions to popular malware repositories to compile a list of the ten most exploited vulnerabilities by cybercriminals in 2019.