Security News

The annual bible of security breaches landed on Thursday with confirmation of more bad news: ransomware attacks continue to explode as organizations struggle with securing web apps, cloud deployments and employees victimized by social engineering. The data, contained in the new Verizon 2021 Data Breach Investigations Report, shows that data-encrypting ransomware attacks appear in about 10 percent of breaches, more than double the frequency from last year.

UK rail operator West Midlands Trains sent an email to 2,500 employees to thank them for hard work during COVID and promised a one-time bonus as a reward, but that lovely news turned out to be phishing training. The event may end up costing the UK train operating company as Cortes has demanded the company make good and provide the promised bonuses.

Domains'n'hosting outfit Namecheap harboured more than a quarter of all known phishing sites that falsely posed as UK government web presences during 2020, according to the National Cyber Security Centre today. It also encountered the usual COVID-themed ones we've all become familiar with over the last year - fake copies of the NHS Test and Trace app laced with malware - plus sites impersonating Capita TV Licensing, the outsourced subscription sales arm of the BBC. Email scams were also popular, with 26,000 being shut down after netizens flooded the NCSC's email reporting portal with complaints of four million suspicious messages.

"Simple" can often be harder than "Complex." When thinking about the trickiest phishing campaigns and their components, URL redirection does not immediately come to mind as the part causing the trouble. URL forwarding is one method that is often abused by cybercriminals to create multi-layered phishing attacks.

Federal law enforcement in Maryland has shut down a fraudulent website targeting immigrant communities that claimed to be for a company developing a COVID-19 vaccine. The U.S. Attorney's Office for the District of Maryland, working with Homeland Security Investigations in Baltimore, seized "Freevaccinecovax.org," "Which purported to be the website of an actual biotechnology company developing a vaccine for the COVID-19 virus," according to a release on the office's website posted earlier this week.

These domains are like the real thing and are often visited by users who have mistyped the genuine domain URL. Unfortunately, criminals are good at finding new ways to trick unsuspecting visitors to your website. Many domain registration companies now offer value-added services that can help protect against criminals seeking to exploit established domains.

Yubico announced its next-generation FIPS security keys: the YubiKey 5 FIPS Series. The addition of the YubiKey 5 NFC, YubiKey 5C NFC, and YubiKey 5Ci into the FIPS series lineup significantly expands coverage for mobile-first environments that many organizations have been waiting for.

The U.S. Agency for Global Media has disclosed a data breach that exposed the personal information of current and former employees and their beneficiaries. USAGM is a US government agency whose mission is to "Inform, engage, and connect people around the world in support of freedom and democracy." USAGM operates broadcast networks, such as Voice of America, Radio Free Europe, Office of Cuba Broadcasting, Radio Free Asia, and Middle East Broadcasting Networks, to deliver news and information to people worldwide.

Two waves of global financial phishing attacks that swamped at least 50 organizations in December have delivered three new malware families, according to a report from FireEye's Mandiant cybersecurity team. On Tuesday, the team said that they've dubbed the hitherto-unseen malware strains Doubledrag, Doubledrop, and Doubleback.

A global-scale phishing campaign targeted worldwide organizations across an extensive array of industries with never-before-seen malware strains delivered via specially-tailored lures. UNC2529, as Mandiant threat researchers track the "Uncategorized" threat group behind this campaign, has deployed three new malware strains onto the targets' computers using custom phishing lures.