Elizabeth Hernandez

A massive MagnetoCore malware campaign has been uncovered that has seen thousands of Magneto stores compromised and loaded with a payment card scraper. As visitors pay for their purchases on the checkout pages of compromised websites, their payment card information … Read more

Hotels, restaurants, and telecommunications companies are being focused on with a new spam email campaign that sends a new form of malware called AdvisorsBot. AdvisorsBot is a malware downloader which, like many strains of malware, is being shared using spam … Read more

Hotels, restaurants, and telecommunications businesses are the focus of a new spam email campaign that broadcasts a new form of malware titled AdvisorsBot. AdvisorsBot is a malware downloader which, like many malware variants, is being sent using spam emails containing … Read more

In May 2017, WannaCry ransomware attacks brought many businesses to a stop, with the UK’s National Health Service (NHS) a notable target. Now, a little more than 12 months later, a new WannaCry ransomware campaign is being operated, or so … Read more

Many large healthcare data breaches recently have been reported that have seen hackers obtain access to employees’ email accounts and sensitive data, although the recently shared UnityPoint Health phishing attack stands out due to the massive number of individuals that … Read more

A new Adidas phishing scam has been discovered that involves offering free shoes and money. The messages claim that Adidas is celebrating its 69th anniversary and sending 2,500 lucky customers a free pair of Adidas sneakers along with a free … Read more

The Lazio phishing scam looks to have lead to a €2 million loss for the Italian Serie A football team, which made the final installment of a transfer of a football player to the bank account of a cybercriminal. The … Read more

A huge  cryptocurrency mining campaign has been discovered by security experts at Kaspersky Lab – a campaign that has lead to the creation of a vast network of devices infected with PowerGhost malware. PowerGhost malware is being downloaded to all … Read more

The cost of ransomware attacks cannot be estimated by the amounts illegally earned by hackers due to ransom payments. In fact, the ransom payments are just a small part of the costs experienced by companies that have been attacked with … Read more

A hacking group has succeeded in infecting hundreds of thousands of routers with VPNFilter malware. The scale of the malware campaign is astonishing. So far more than half a million routers are believed to have been infected with the malware, … Read more

Microsoft has published new figures that show there has been a sizeable upwards surge in tech support scams over the past 12 months. The amount of victims that have reported these scams to Microsoft increased by 24% in 2017. The … Read more

The 2018 World Cup is just two weeks and the media frenzy surrounding the soccer extravaganza is already reaching fever pitch. Sadly, Kaspersky Lab has already identified several World Cup 2018 phishing scams, with many of the early scams using emails … Read more

Two new phishing campaigns have been uncovered recently that have seen phishers sink to new depths. An active shooter phishing campaign has been discovered that uses fear and urgency to steal details, while a Syrian refugee phishing campaign focuses on … Read more

Two new phishing campaigns have been discovered in the last three weeks that have seen phishers sink to new depths. An active shooter phishing campaign has been discovered that uses fear and urgency to steal credentials, while a Syrian refugee … Read more

A database of U.S. consumer information has been left unprotected online by the marketing company Exactis. At 340 million records, this is the biggest data breach of 2018. You may not have heard about Florida-based data broker Exactis, but chances … Read more

2017 has been a particularly bad year for data violations, but what were the worst data breaches of 2017? We have put together a list of the largest and most serious cyber attacks that came to light in 2017. Equifax … Read more

The Rockingham school district in North Carolina identified that Emotet malware had been downloaded to its network in late November. The cost of tackling the infection was a massive $314,000. The malware was sent using spam emails, which arrived in … Read more

The Rockingham school district in North Carolina discovered Emotet malware had been installed on its network in late November. The cost of resolving the infection was an astonishing $314,000. The malware was delivered via spam emails, which arrived in multiple … Read more

15 years after the launch of the wireless security protocol WPA2, the Wi-Fi Alliance has announced this year will see the release of the WPA3 protocol. The transition period from the WPA2 to WPA3 protocol is expected to take several … Read more

A recently identified Forever 21 POS malware attack has resulted in customers’ credit card data being accessed. While malware attacks on retail POS systems are now a regular occurance, in the case of the Forever 21 POS malware attack, the … Read more

Xafecopy malware is a new Trojan that is being leveraged to take money from victims using their smartphone devices. The malware looks like a useful apps that function exactly as expected, although along with the useful functions, the apps have … Read more

The Terdot Trojan is a new strain of Zeus, a highly effective banking Trojan that was first spotted in 2009. While Zeus has been discontinued, its source code has been accessible since 2011, allowing hackers to create a range of … Read more

The Terdot Trojan is a form of Zeus, a highly successful banking Trojan that first was seen in 2009. While Zeus is no longer doing the rounds, its source code has been available since 2011, allowing cyber criminals to produce … Read more

The Terdot Trojan is a new incarnation of Zeus, a highly successful banking Trojan that first appeared in 2009. While Zeus has been retired, its source code has been available since 2011, allowing hackers to develop a swathe of new … Read more

Combosquatting is a popular technique used by hackers, spammers, and scammers to fool users into downloading malware or revealing their credentials. Combosquatting should not be confused with typosquatting. The latter involves the purchasing of domains with transposed letters or common … Read more

Microsoft Office documents that include malicious macros are commonly used to distribute malware and ransomware. However, security experts have now identified Microsoft Office attacks without macros, and the technique is more difficult to block. While you can turn off macros … Read more

The cyberattack on Equifax impacted around 50% of the population of the United States. 143 million U.S. consumers may have had their sensitive data illegally obtained by hackers, as did around 400,000 individuals in the United Kingdom and 100,000 consumers … Read more

Last year, the Mirai botnet was used in massive DDoS attacks; however, the IoT Reaper botnet could redefine massive. The Mirai botnet, which mostly consisted of IoT devices, was capable of delivering DDoS attacks in excess of 1 terabit per … Read more

Trickbot malware is a banking Trojan that has been around for some time, although its developers have recently created a WannaCry ransomware-style worm module that allows it to spread much more swiftly. The latest NotPetya attacks also included a similar … Read more

A new attack method – termed Bashware – could permit hackers to download malware to Windows 10 computing devices without being discovered by security software, according to research published by Check Point. The Windows Subsystem for Linux (WSL) was brought … Read more

A phishing attack on a HIPAA-covered entity has lead to in a $400,000 HIPAA breach fine for non-compliance. This is not the first time a phishing attack has resulted in a penalty from OCR for non-compliance. The failure to stop … Read more

Consumers should be wary of Equifax phishing attacks following massive data breach revealed earlier this month. The 143 million records possibly stolen in the breach will be monetized, which means many will likely be sold to hackers. Trend Micro has … Read more

This week, news has emerged about a serious Deloitte data breach that allegedly resulted in ‘several gigabytes’ of sensitive emails sent to and from the accountancy firm’s clients being obtained by hackers. Deloitte is one of the big four accountancy … Read more

A Barts Health malware attack resulted in the shutdown of hospital IT systems on Friday last week as the UK NHS Trust attempted to address the damage caused and limit the infection. Barts Health is the biggest NHS Trust in … Read more

The cyberattack on Equifax affected almost half the population of the United States. 143 million U.S. consumers potentially had their sensitive data stolen by hackers, as did around 400,000 individuals in the United Kingdom and 100,000 consumers in Canada. To … Read more

The average cost of a SMB data breach is now $117,000 per incident, according to a large study of data breach costs at small to medium sized businesses. The study was conducted by Kaspersky Lab and B2B International, with over … Read more

Popup warnings of missing fonts, specifically the Hoeflertext font, are being used to infect users with malware. The Hoeflertext warnings appear as popups when users visit compromised websites using the Chrome or Firefox browsers. The warnings flash up on screen … Read more

Defray ransomware is being used in targeted hacking campaigns on groups in the healthcare and education sectors. The new ransomware variant is being shared via email; however, in contrast to many ransomware campaigns, the emails are not being distributed in … Read more

The busiest day of the week for email spam is  typically Tuesday and cyber criminals focus on sending messages during the working day, Monday to Friday, according to a 2017 spam study completed by IBM X-Force. The study was carried … Read more

Two new Locky ransomware spam campaigns have been witnessed this month, each being used to distribute a new variant of the cryptoransomware. The campaigns have started after a relatively quiet period for ransomware campaigns, although the most recent campaigns show … Read more

The cost of a malware attack is difficult to predict. There are many factors that affect the cost. The type of malware, whether data were stolen, the extent of the infection, how easy it is to mitigate, and how much … Read more

The most hectic day of the week for email spam is Tuesday and hackers focus on sharing messages during working hours, Monday to Friday, according to a 2017 spam study facilitated by IBM X-Force. The study was run during 6-month … Read more

The importance of implementing good patch management policies was clearly highlighted by the WannaCry ransomware attacks in May. The ransomware attacks were made possible due to poor patch management policies at hundreds of companies. The attackers leveraged a vulnerability in … Read more

Ransomware attacks on small businesses can have major consequences. Many small companies have little spare capital and certainly not enough to be doling out cash to cybercriminals, let alone enough to cover the cost of loss of business while systems … Read more

A U.S senator is asking the Department of Homeland Security and other federal agencies to implement DMARC to prevent impersonation attacks being conducted through email. In recent months, several government agencies have been focused on by phishers who have used … Read more

The self-titled Spam King, Sandford Wallace, has been given a 30-month jail sentence in relation to a Facebook spam campaign carried out between November 2008 and February 2009. Wallace illegally gained access to around 550,000 Facebook accounts and used those … Read more

2017 US data breaches have reached a record high, jumping an incredible 29% year over year. The mid-year data breach report from the Identity Theft Resource Center (ITRC) and CyberScout shows there were 791 reported data breaches between January 1 … Read more

Human error was to blame for a massive Verizon Communications data leak that saw the personal information, account details and PIN numbers of more than 6 million customers exposed on the Internet. The Verizon Communications data leak is particularly serious … Read more