In late August, our mail traps started picking up some unusual blackmail messages. In them, cybercriminals claim to have planted a tetryl-charged bomb somewhere in the recipient’s office and say it will be detonated unless a ransom is paid or if police activity is observed near the building. In reality, of course, there is no bomb — it’s an empty threat mailed indiscriminately to companies of all sizes. Cybercriminals count on scaring the victim into a knee-jerk response, because with time to think, they will realize that paying ransom solves nothing — if there is a bomb in the building, it’s not going anywhere.
In terms of structure and delivery method, this type of blackmail is the logical continuation of scam mailings threatening to publish users’ private information. The extortionists aren’t choosing specific targets for such threats; they use huge mailing lists and hope that at least some of the recipients will take the threat seriously enough to pay up.
The main difference in the “explosive” version is the increase in the ransom amount. Whereas individuals are asked to cough up the equivalent of $500–1,000 in bitcoin (the maximum we’ve seen was around $5,000), for companies supposedly rigged with explosives the amount rises to roughly $20,000.
The bulk of the scam e-mails are written in German, but we found English versions as well. This batch of attacks appears thus far to be the work of just one entity, but if victims succumb to the threat and transfer money, the method is sure to attract imitators.
Another potentially distinguishing feature of this new wave of extortion e-mails is the potential punishment: Blackmail is a crime in itself, but some countries have separate laws for false bomb threats.
What to do
To avoid becoming a victim of any ransomware scam, we recommend staying vigilant and following a few simple tips:
Don’t panic — and never pay. Even if the threat were real, yielding to it wouldn’t solve the problem.
Even if you suspect or know a threat is false, don’t respond; that would only confirm to the attackers that your e-mail address is valid and that the message has been read. And that would only cause the inflow of fraudulent messages and other spam to increase.
Use reliable security solutions that automatically identify dangerous e-mails and block them before they reach employees’ inboxes. Our corporate mail security solutions use heuristic algorithms to detect such e-mails. Particularly good at this task are Kaspersky Security for Microsoft Office 365 and Kaspersky Security for Mail Server, which is part of Kaspersky Total Security for Business.
This month, of the 129 vulnerabilities patched, 32 were classified as remote code execution issues, which are bugs that permit attackers to exploit vulnerable applications remotely, over a network.
An attacker can exploit these vulnerabilities by having an administrator visit a link — or even view an image — using a specially crafted payload specific to the targeted website.
A new Harvard study shows that China has closed the gap on the U.S. in three key categories: surveillance, cyber defense, and its efforts to build up its commercial cyber sector.
CyberRisk Alliance (CRA), a business intelligence company serving the cybersecurity and information risk management marketplace, has acquired Security Weekly, a cybersecurity podcast network.
TeamTNT used an open-source tool specifically created to monitor and control cloud environments with Docker and Kubernetes installations, thus reducing their footprint on the breached server.
Private details relating to more than 50,000 letters sent out by banks and local authorities were indexed by Google after a London-based outsourcing firm left its system hopelessly exposed.
K-Electric, the sole electricity provider for Karachi, Pakistan, has suffered a Netwalker ransomware attack that led to the disruption of billing and online services.
Researchers have discovered a new Android spyware campaign pushing the “TikTok Pro” app to exploit users' fears of the popular social media app being banned in the United States.
Yubico announced the general availability of the YubiKey 5C NFC, a multi-protocol security key with smart card support, designed with both NFC and USB-C connections on a single device.
Vulnerabilities affecting CodeMeter, a popular licensing and DRM solution made by Wibu-Systems, can expose industrial systems to remote attacks, industrial cybersecurity company Claroty warned.
The official leading the effort to protect U.S. elections from foreign hacking said on Tuesday he had seen no signs of infiltration on computer systems used to record and tabulate votes.
The Clark County School District says its computer system was infected by a ransomware attack during the first week of school and some employee personal information may have been exposed.
The COVID-19 pandemic has led to a significant shift in tactics employed by cyber-criminals, according to Bitdefender’s Mid-Year Threat Landscape Report 2020, published today.
The growth of the cloud has been truly astonishing. In less than fifteen years, it has become part of everyday life and casual conversations about moving photos and other data into the cloud.
A new space policy directive issued by the Trump administration last week calls on the space industry to develop cybersecurity measures to protect essential satellites in orbit.
Consisting of people from DDS, NSA, FBI, the Department of Homeland Security and the Department of Health and Human Services, Operation Warp Speed has been running behind the scenes for months.
The global pandemic has sent 92% of organizations scurrying to adopt new technologies in order to facilitate remote work, but APAC businesses often fall short on cloud and endpoint security.
Ubuntu Security Notice 4488-2 - USN-4488-1 fixed several vulnerabilities in X.Org. This update provides the corresponding update and also the update from USN-4490-1 for Ubuntu 14.04 ESM. Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled the input extension protocol. A local attacker could possibly use this issue to escalate privileges. Jan-Niklas Sohn discovered that the X.Org X Server incorrectly initialized memory. A local attacker could possibly use this issue to obtain sensitive information. Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled the XkbSelectEvents function. A local attacker could possibly use this issue to escalate privileges. Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled the XRecordRegisterClients function. A local attacker could possibly use this issue to escalate privileges.
Red Hat Security Advisory 2020-3616-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. Issues addressed include bypass, code execution, and cross site scripting vulnerabilities.
Ubuntu Security Notice 4491-1 - It was discovered that GnuTLS incorrectly handled certain alerts when being used with TLS 1.3 servers. A remote attacker could use this issue to cause GnuTLS to crash, resulting in a denial of service, or possibly execute arbitrary code.
A cybercrime group that has previously struck Docker and Kubernetes cloud environments has evolved to repurpose genuine cloud monitoring tools as a backdoor to carry out malicious attacks, according to new research. "To our knowledge, this is the first time attackers have been caught using legitimate third party software to target cloud infrastructure," Israeli cybersecurity firm Intezer said
We have all heard of the "cybersecurity skills gap" — firms' inability to hire and retain high-level cybersecurity talent. I see this gap manifesting in two ways. First, companies that want to hire cybersecurity talent simply cannot find candidates with sufficient skills. Second, companies that cannot afford specialized cybersecurity talent and therefore lack the necessary skills to
A reader got in touch with me regarding a suspicious email they had received claiming to come from Facebook. What I expected to be a simple phishing email turned out to be something much more curious...