Security News
Hackers with access to the Signaling System 7 used for connecting mobile networks across the world were able to gain access to Telegram messenger and email data of high-profile individuals in the cryptocurrency business. Hackers pulling an SS7 attack can intercept text messages and calls of a legitimate recipient by updating the location of their device as if it were registered to a different network.
Microsoft is top of the heap when it comes to hacker impersonations - with Microsoft products and services featuring in nearly a fifth of all global brand phishing attacks in the third quarter of this year. The top three phishing brands exploited by email phishing attacks were Microsoft, DHL and Apple; on the web, it was Microsoft, Google and PayPal; and for mobile, WhatsApp, PayPal and Facebook took the top spots.
An attack involving the Ryuk ransomware required 29 hours from an email being sent to the target to full environment compromise and the encryption of systems, according to the DFIR Report, a project that provides threat intelligence from real attacks observed by its honeypots. Over the past two years, Ryuk has been responsible for a significant number of high-profile attacks, including incidents involving Pennsylvania-based UHS and Alabama hospital chain DCH Health System.
To trick users into clicking these buttons, the malware distributors create Word and Excel documents that contain text and images stating that there is an issue displaying the document. The combination of text and images in these malicious attachments is called a 'document template'.
"The ICO investigation found that the company was not involved in the business of supplying PPE, but that the director had decided to buy face masks to sell on at a profit," the data regulator said in a statement. The firm is also said to have "deleted a database of key evidence which would have shown the full extent of the volume of emails they had sent" after ICO investigators contacted the company.
A phishing campaign pushing a network-compromising backdoor pretends to have the inside scoop on President Trump's health after he was infected with COVID-19. To capitalize on this, the threat actors behind the BazarLoader trojan have started a new phishing campaign that pretends to have insider information on Trump's condition.
David Mitchell, Senior Director of Email Product Management at Sophos, shares his top tips to optimize workplace email security. Five steps to secure your organization's email.
Aussie telco Telstra has apologised after a Border Gateway Protocol routing oddity caused traffic destined for encrypted email service ProtonMail to wrongly pass through Telstra's servers. Switzerland-headquartered ProtonMail raged in a blog post that Telstra had engaged in "BGP hijacking" through what it described as "incompetence and not malice", complaining that "around 30 per cent of the global internet looking for us got pointed to Telstra instead".
On Thursday, hundreds of U.S. organizations were targeted by an Emotet spear-phishing campaign, which sent thousands of emails purporting to be from the Democratic National Committee and recruiting potential Democratic volunteers. Emotet has historically utilized a variety of lure themes leveraging current events - from COVID-19 to Greta Thunberg.
Britain's Information Commissioner's Office has confirmed it is investigating grumbles about heavy-handed marketing emails and texts promoting the NHS COVID-19 contact-tracing app in England. Between 26 and 27 September, NHS Test and Trace messaged anyone resident in the country who was over the age of 16 and had previously provided their contact details to a GP. Those contacted had not specifically opted in to receive marketing communications regarding the NHS COVID-19 app.