Security News
In its 2020 Consumer Threat Landscape report, Bitdefender reckoned that most malware and ransomware infections occurred in the first half of the year - with cybercrims being noticeably less active in the runup to Christmas. The company reckoned that during 2020, two-thirds of all ransomware attacks it detected in the UK happened in Q1 and Q2 - with 11 per cent of the year's total taking place in Q4. Similarly, the company reckoned 74 per cent of cryptocurrency miner malware attacks took place in H1, whereas H1 2019 saw 54 per cent of the year's detected total taking place.
Apple has issued critical security patches for all supported phones, fondleslabs, and watches after being alerted to multiple possible intrusions by Google. According to Apple, the flaw allows for the creation of "Maliciously crafted web content," which "May lead to universal cross-site scripting." Apple has heard that the code snafu "May have been actively exploited."
Romance scams remain the most successful fraud strategy for cybercrooks, and represents a growing sector, according to the Federal Trade Commission. Romance scams have flourished during the COVID-19 pandemic, thanks to a widening pool of targets, the FTC said.
Common cybersecurity threats also apply to Premier League football clubs, according to the National Cyber Security Centre, which said that one club nearly sent £1m to fraudsters after a business email compromise attack. "Adenike Cosgrove of email security biz Proofpoint commented:"The sporting industry has complex supply chains and frequently transfers large payment sums, making it a prime target for business email compromise attacks.
Apparently, one of the UK's top football clubs - the report doesn't say which one - almost paid out £1m to crooks after a genuine-looking but fraudulent email convinced the club to nominate a new account to receive the funds. The basic idea behind BEC crime is surprisingly simple: get hold of the email password of someone of importance in the organisation, read all their email before they do, learn how they operate, find out what the company is up to and learn when big payments are coming up, in or out.
Digital rogues are shunning Microsoft in favour of Google when it comes to launching branded spear-phishing attacks, according to threat intel firm Barracuda Networks. The outfit reckons malicious people abusing Google services such as Drive, Docs and Cloud managed to launch 65,000 attacks between January and April.
Digital rogues are shunning Microsoft in favour of Google when it comes to launching branded spear-phishing attacks, according to threat intel firm Barracuda Networks. The outfit reckons malicious people abusing Google services such as Drive, Docs and Cloud managed to launch 65,000 attacks between January and April.
Akamai researchers have seen recycled phishing kits from as far back as July being used in coronavirus-based phishing attacks now. While most of these URLs are new, the phishing kits that operate in the background are not.
That's a very 1990s approach! Why not put your money into a digital piggy bank, instead? Better yet, why not choose a piggy bank that deliberately starts out in debt?
This week we discuss the stalkerware app that spilled bucketloads of ultrapersonal data, a double-whammy ransomware attack on a homeless charity, and an Amazon Prime-themed phishing attack with a skull-and-crossbones twist. LISTEN NOW. Click-and-drag on the soundwaves below to skip to any point in the podcast.