Blog item

Share There's a new hacking campaign underway that you need to be aware of especially if you or anyone you know is interested in upgrading to Windows 11. The campaign appears to be a legitimate offer from Microsoft and it gives users the opportunity to upgrade to Windows 11 for free. Unlike many campaigns of this type, this one distinguishes itself in that it does not rely on emails that spoof the Microsoft brand.  Rather, it leverages "poisoned" search results that leads a [...]

Read more

Share If you rely on a Microsoft Exchange server to handle email for your company, there is something you should be aware of. Recent research by security and analytics company Varonis has discovered that an affiliate of Hive ransomware has begun targeting Exchange servers that are vulnerable to ProxyShell security issues. If the group in question finds a vulnerable server, they'll install a variety of backdoors including Cobalt Strike beacon. That allows them to come back later and [...]

Read more

Share Considered to be social media for professionals, LinkedIn is an invaluable tool for millions of people all over the world and a great way to make a wide range of professional connections. Unfortunately, hackers and scammers are aware of this fact and tend to gravitate to it as well. They are hoping to take advantage of the unsuspecting.  Recent research from the cybersecurity company Check Point reveals that LinkedIn has become the most spoofed brand in phishing attacks. [...]

Read more

Share The owners of the Qbot botnet are changing things up.  The botnet's normal Modus Operandi for distributing their signature Qbot malware has been to push their malicious code via phishing emails which contain Microsoft Office documents laden with poisoned macros. More recently though, the group behind the botnet has switched to phishing emails carrying password-protected ZIP files which contain malicious MSI Windows Installer packages. It's the first time we've seen this [...]

Read more

Share There's a new strain of malware that specifically targets Android users that you should be aware of.  Dubbed simply "Fakecalls," it is a banking trojan that boasts a powerful new ability we haven't seen before in the malware world.  It can fake a call from your bank. On its face, it looks like most of the other mobile banking apps that Android users install.  The graphics are well-done and it's a convincing copy of the banking software that it seeks to emulate. It[...]

Read more

Share Do you use the popular smartphone app "Cash App?"  If so, you're certainly not alone.  It is wildly popular and used by millions of people around the world. As one of the most wildly popular things on the web, that has made it a target. Cash App was formerly known as Square. Recently, they submitted a filing to the SEC (Securities and Exchange Commission) acknowledging that they had been breached. This was not a conventional hacking attack however.  In this [...]

Read more

A nasty new malware strain has recently been spotted in the wilds by researchers at zScaler. Dubbed "BlackGuard" the malicious code has been found on a variety of Russian underground Blackhat forums.  It is offered as a service and anyone criminally minded can access the code for the bargain price of just $200 a month. Because the malware is quite new the yet unknown authors are also selling lifetime subscriptions for just $700 in a bid to rapidly grow the code's user base and [...]

Read more

Do you have an Android device?  Even if you don't, you know someone who does. Google is incredibly good at spotting poisoned copies of apps on its Play Store and getting rid of them before they can spread to the devices of users who rely on the safety and security offered by the Play Store. As good as they are, they're not perfect and sometimes malicious code masquerading as a legitimate app can slip through the company's impressive filtering system. Recently, the company [...]

Read more

Share It's 2022 and after years of warning people repeatedly about the dangers of using the same old passwords and using the same password across multiple websites, you would think this would get better. You would think we'd have that problem solved and there would be one less network security risk to worry about. Unfortunately, if you think that you would be wrong. Even now, after endless hours of email safety training and articles just like this one published by the hundreds all [...]

Read more

The US Federal Trade Commission reports that Americans lost almost six billion dollars to fraud last year.  The $5.8 billion total represented a catastrophic 70 percent increase compared to the losses reported in 2020. The FTC maintains a database of millions of consumer records it uses to track such information. Based on the statistics gleaned from that database, US consumers filed 2,789,161 fraud reports during 2021. Roughly a quarter of those indicated a monetary loss. A [...]

Read more