Elizabeth Hernandez

Photo of author
Elizabeth Hernandez is a news writer on Defensorum. Elizabeth is an experienced journalist who has worked on many publications for several years. Elizabeth writers about compliance and the related areas of IT security breaches. Elizabeth's has focus on data privacy and secure handling of personal information. Elizabeth has a postgraduate degree in journalism. Elizabeth Hernandez is the editor of HIPAAZone. https://twitter.com/ElizabethHzone

MOVEit Hack Impacts Delta Dental of California and Pan-American Life Insurance Group

MOVEit Hack Impacts 7 Million People from Delta Dental of California Delta Dental of California reported that it suffered from a mass exploitation conducted by the Clop hacking group of a zero-day vulnerability identified in the MOVEit Transfer solution by … Read more

Unauthorized Use of Software and Cloud Services is a Major Security Risk

Many businesses concentrate on technical measures to protect them against cyberattacks. They invest in firewalls, multifactor authentication, advanced email security solutions, and web filters to block attacks at source, yet often neglect the human factor and do not provide adequate … Read more

Malvertising Campaign Leads to Cactus Ransomware Attack

There are many ways that cybercriminals gain access to business networks, including phishing attacks and exploiting unpatched vulnerabilities. Many businesses now provide security awareness training to employees to improve phishing awareness, but it is also important to teach the workforce … Read more

Email Sextortion Scams are on the Rise

Email is commonly used by threat actors for initial contact with victims and while most attacks attempt to steal credentials or distribute malware distribution, another type of scam has been steadily increasing. Sextortion scams have increased by 178% year over … Read more

Cybercriminals Turn to Web Browsing to Deliver Ransomware

Ransomware attacks have increased significantly in 2023 and the file encrypting malware is now used in around 20% of cyberattacks. Ransomware is used to encrypt business-critical files to prevent access, and a ransom demand is issued for the keys to … Read more

Search Engine Ads Abused to Gain Initial Access to Business Networks

Employees are being targeted in a new malvertising campaign that uses Google and Bing Ads offering a variety of trojanized installers for software solutions such as AnyDesk, Cisco AnyConnect VPN, and WinSCP. These campaigns deliver malware that establishes initial access … Read more

Malicious Ads and Phishing Emails Used to Distribute RomCom Malware

RomCom malware is being distributed via a range of websites that claim to offer downloads of popular software solutions such as AstraChat, GIMP, Go To Meeting, and ChatGPT, and traffic is being sent to those websites by malicious Google Ads … Read more

Threat Actors Increasingly Using Google Ads for Malware Distribution

Malicious actors are abusing Google Ads to drive traffic to malicious websites where malware is downloaded, and abuse of Google Ads for malware distribution is increasing. Google places its Ad blocks at the top of the page, so the adverts … Read more

Major Phishing Campaign Targets Facebook Credentials

While many phishing scams target Microsoft 365 credentials due to the usefulness of the accounts and the data they hold, social media credentials are also highly prized. If a phisher is able to steal Facebook credentials, they can gain access … Read more

Increase in Adversary-in-the-Middle Phishing Attacks That Allow MFA to be Bypassed

Security experts have long recommended that multi-factor authentication be implemented to protect against phishing attacks and for good reason. Single-factor authentication – a password – provides a degree of protection against unauthorized account access; however, with modern GPUs, it is … Read more

Cybercriminals Turn to Malvertising for Malware Distribution Now Microsoft Blocks Macros

Now that Microsoft has started blocking macros in Office documents delivered via the Internet, distributing malware via email has become more difficult and hackers have been forced to change their tactics, techniques, and procedures. This has been seen in phishing … Read more

2022 Phishing Trends and the Outlook for 2023

Several new phishing trends were evident in 2022 as cybercriminals changed their tactics for stealing credentials and distributing malware. The same tried and tested techniques were used in many phishing campaigns, including delivery failure notifications, fictitious charges to accounts, security … Read more

Relatively Simple Smishing Attack Compromised 130 Organizations

Phishing can take many forms and while email phishing is by far the most common way that threat actors phish for sensitive information and distribute malware, other forms of phishing are increasingly being used in attacks on businesses. Cybercriminals are … Read more

Tardigrade Malware Used in Targeted Attacks on Vaccine Manufacturers and Biomedical Firms

Biomedical firms and their partners are being targeted by an Advanced Persistent Threat (APT) actor in a campaign that delivers Tardigrade malware. Initial analyses of Tardigrade malware suggest it is a sophisticated threat from the SmokeLoader malware family. SmokeLoader is … Read more

SharkBot: A Dangerous New Android Banking Trojan Targeting European and US Banks

A new Android banking Trojan named SharkBot has been identified that has capabilities that go beyond most mobile banking Trojans. This new Android malware stands out due to its use of an Automatic Transfer System (ATS) technique that allows it … Read more

Rockingham School District Emotet Malware Infection Cost $314,000 to Address

In November 2018 the Rockingham school district in North Carolina suffered an Emotet malware infection that cost a massive $314,000 to resolve. The malware was delivered using spam emails, which were sent to multiple users’ inboxes. The attack included an often-used … Read more

Two New Ransomware-as-a-Service Operations Emerge: BlackMatter and Haron

Following the ransomware attacks on critical infrastructure in the United States, several ransomware-as-a-service operations went quiet. The attacks attracted a lot of heat for ransomware gangs and several groups responded by either implementing new restrictions on the types of entities … Read more

Safari Scareware Targets Porn Viewers

A flaw in the mobile Safari browser has been targeted by cybercriminals and used to extort money from people who have previously used their mobile device to access pornography or other illegal content. The Safari scareware stops the user from … Read more

Ransomware Mitigations to Protect Your Business

It has been a particularly bad year for ransomware attacks on businesses. Many of the attacked businesses have been unprepared for a ransomware attack and did not implement sufficient ransomware mitigations. Had proactive steps been taken, many of the attacks … Read more

Warnings Issued Following Spike in Ransomware Attacks on Schools

The disruption to learning from a pandemic that has lasted more than a year is bad enough, but many schools have experienced even more disruption just as many have opened their gates and allowed students back into classrooms.  The SARS-CoV-2 … Read more

Gootloader Malware Delivery Framework Uses SEO Poisoning to Deliver Multiple Malware Variants

There has been an increase in the use of a JavaScript-based infection framework known as Gootloader for delivering malware payloads. Gootloader, as the name suggests, has been used to deliver the Gootkit banking Trojan, but also REvil ransomware, Cobalt Strike, … Read more

U.S. Treasury Hit by Email Hacks

Compromised email accounts take place many times around the world every day of the week and it is estimated that 2.5 billion accounts were hacked during 2019 which equates to 6.85 million accounts being hacked every day. Cybercriminals are always … Read more

Vulnerability in VMWare Virtual Workspaces Attacked by Russian State-Sponsored CyberCriminals

The U.S. National Security Agency (NSA) has released a cybersecurity advisory alert informing the public that Russian state-sponsored hackers are focusing on a flaw in VMWare virtual workspaces used to support remote working. The flaw, labelled as CVE-2020-4006, is present … Read more

APT32 and TA416 APT Groups Delivering New MacOS and Windows Malware Variants

The Advanced Persistent Threat (APT) group APT32 – aka OceanLotus – is conducting a malware campaign targeting Apple MacOS users. APT32 is a nation-state hacking group that primarily targets foreign companies operating in Vietnam. The data exfiltrated by the hackers … Read more

IRS Phishing Spoof Involving Request for Outstanding Tax Payment Discovered

A recent phishing campaign has been discovered that deceived the US Internal Revenue Service (IRS) and tells recipients that their are facing immediate legal action to take back a huge tax repayment. These emails are expertly written and demand immediate … Read more

Best Practices for Managed Services Providers to Adopt to Prevent Cyberattacks

Managed Service Providers are an attractive target for cybercriminals. If a threat actor succeeds in gaining access to an MSP’s network, they can use the same remote management tools that MSPs use to conduct attacks on the MSPs clients. Many … Read more

500k PCs Infected with Cryptocurrency Mining Malware in 12 Hours by Dofoil Trojan

A huge campaign distributing the Dofoil Trojan has been discovered by Microsoft. The campaign has already witnessed almost half a million PCs infected with the malware in less than 12 hours. The Dofoil Trojan is otherwise referred to as Smoke … Read more

Cybersecurity Challenges for Remote Working

It is fair to say that more people are now working from home than ever before and the number is growing rapidly due to the coronavirus pandemic. Here we explore some of the key cybersecurity challenges for remote working and … Read more

How to Prevent a Man in the Middle Attack

You will no doubt have heard of a man in the middle (MiTM) attack. Here we define this attack method, explain how a MiTM attack occurs, and show you how to prevent a man in the middle attack and keep … Read more

Tips to Avoid Holiday Season Spam Email Campaigns

In the rush to buy Christmas gifts online, security awareness often is disregarded and hackers are waiting to take advantage. Hidden among the countless emails sent by retailers to inform past customers of the most recent special offers and deals … Read more

Spam Campaigns Delivering Marap and Loki Bot Malware with ICO and IQY Files

A spam email campaign is being conducted focusing on targeting corporate email accounts to share Loki Bot malware. Loki Bot malware is a data stealer capable of obtaining passwords stored in browsers, obtaining email account passwords, FTP client logins, cryptocurrency … Read more

Email Spam and Botnet Infection Levels Quantified

Although many reports seem to indicate that email spam is dropping, email spam and botnet infection is still a major danger for most U.S organizations and people – with criminal practices netting hacking gangs billions of dollars every year. Estimating … Read more

Threat of Exposure & Multiple Malware Infections being Combined with Sextortion Scams

Sextortion scams have proven popular with hackers in 2019. A well-composed email and an email list are all that is necessary. The latter can easily be bought for next to nothing via darknet marketplaces and hacking forums. Next to no … Read more

Anatova Ransomware: A Serious New Malware Threat for 2019

Anatova ransomware is a new cryptoransomware variant that appears to have been released on January 1, 2019. It is stealthy, can infect network shares, has already been used in attacks in many countries around the world. It could well prove … Read more

How Small Businesses Can Improve Wi-Fi Security

Hackers are taking advantage of poor Wi-Fi security to attack small businesses. This post covers simple steps to take to improve Wi-Fi security to block cyberattacks. Small businesses can implement a robust firewall to protect against cyberattacks, but the Wi-Fi … Read more

10 Cybersecurity Tips for Small Businesses

Hackers are increasingly targeting small businesses. These 10 cybersecurity tips for small businesses can be implemented to improve security, prevent successful cyberattacks, and avoid costly data breaches. Many small business owners misguidedly think that their company is too small to … Read more

Mongolock Ransomware Deletes Files and Demands Ransom

A new form of MongoLock ransomware is actively being used in a global campaign. A 0.1 BTC ransom is demanded, although file recovery may not be possible. The ransomware immediately deletes files and formats backup drives and a recoverable copy … Read more

Homebuyers and Sellers Targeted ub Solicitor Email Scam

Home purchasers and real estate agents in the United Kingdom and Ireland are being targeted by cybercriminals using a new solicitor email campaign. The scam, which includes mimicking a solicitor, is costing victims thousands. Additionally, there have some cases seen … Read more

Ryuk Ransomware Suspected in Newspaper Cyberattack

The final weekend of 2018 has seen a significant newspaper cyberattack in the United States that has disrupted production of several newspapers published by Tribune Publishing. The attacks were malware-related and impacted the Saturday editions of the Los Angeles Times, … Read more

Guest Wi-Fi Best Practices

Many businesses now offer their customers free access to their Wi-Fi networks, but if guest Wi-Fi best practices are not followed, opening up Wi-Fi networks to guest users is not without risk. You may have provided security awareness training to … Read more

Worst Passwords of 2018 and Password Best Practices Revealed

It’s the time of year when the poor password practices of users are highlighted. This month has seen the list of the worst passwords of 2018 published and a list of 2018’s worst password offenders. The Worst Passwords of 2018 … Read more

Massive Marriott Data Breach Discovered: 500 Million Guests Affected

A massive Marriott data breach has been detected which could affect as many as 500 million individuals who previously made bookings at Starwood Hotels and Resorts. While the data breach is not the largest ever reported – The 2013 Yahoo … Read more

Sophisticated Phishing Scam Spoofed Iceland Police

Police in Iceland have said a highly complex phishing attack is the biggest ever cyberattack the country has ever witnessed. The campaign saw thousands of messages sent that tried to get Icelanders to download a remote access tool that would … Read more

Universities Targeted as Hackers Search for Valuable Research Data

Hackers have been targeted universities extensively in the last year according to figures recently released by Kaspersky Lab. Universities store very valuable information. As research group collate valuable proprietary data. The results of research studies are particularly valuable. It may … Read more

FilesLocker Ransomware: A New RaaS Variant Targeting Chinese and English Speakers

A new ransomware threat has been detected called FilesLocker which is currently being offered as ransomware-as-a-service (RaaS) on a TOR malware forum. FilesLocker ransomware is not a particularly sophisticated ransomware variant, but it still poses a significant threat. FilesLocker ransomware … Read more

Stealthy sLoad Downloader Performs Extensive Reconnaissance Before Delivering Payload

The past few months have seen an increase in new, versatile malware downloaders that gather a significant amount of data about users’ systems before deploying a malicious payload. That payload is determined on the users’ system. Marap malware and Xbash … Read more

XMRig Cryptocurrency Miner Installed Using Fake Adobe Flash Updates

Using fake software updates to spread malware is not a new phenomenon, but a new malware campaign has been discovered that is quite different. Fake Adobe Flash updates are being spread that actually do update the user’s Flash version, albeit … Read more

New Malware Variant CamuBot Trojan Being Used in Targeted Attacks on Companies

Spam or junk email may be the primary method of sharing delivering banking Trojans, however there are many other ways of convincing employees to download and install malware on their computers. The CamuBot Trojan the method used is vishing. Vishing … Read more

CamuBot Trojan Used in Targeted Attacks on Businesses

The CamuBot Trojan is a new malware variant that is being used in vishing campaigns on employees to obtain banking credentials. Cybercriminals Use Vishing to Convince Employees to Install CamuBot Trojan Spam email may be the primary method of delivering … Read more

Versatile New AdvisorsBot Malware Threat Distributed Through Spam Email

Hotels, restaurants, and telecommunications businesses are being focused on in  a new spam email campaign that sends a new variety of malware called AdvisorsBot. AdvisorsBot is a malware downloader which, like many malware variants, is being shared vis spam emails … Read more