Credential Stuffing Attacks Generate Billions of Login Attempts

Credential stuffing is a type of cyber attack where stolen account credentials consisting of lists of usernames and email addresses with corresponding passwords are used to gain unauthorized access to user accounts through large-scale automated login requests directed against a web application. Continue reading Credential Stuffing Attacks Generate Billions of Login Attempts

Email PDF Attachments to Control Stealthy Backdoor

Turla, a highly sophisticated Russian cyberespionage group, also known as Snake and Uroburos, for the past several years have been using PDFs in emails to control an especially stealthy Microsoft Outlook backdoor. The most recent victims of the backdoor include Germany’s Federal Foreign Office, a significant defense contractor, and the foreign offices of at least two other European countries. In the attack against the Germany’s Federal Foreign Office, Turla dropped the backdoor on several systems and used them to steal data. Continue reading Email PDF Attachments to Control Stealthy Backdoor

SharePoint Online Phishing Attacks on Office 365 users

A Microsoft Office 365 SharePoint Online Phishing attack is on the rise for stealing login credentials dubbed as PhishPoint. According to Security Affairs, this new phishing attack has already affected about 10% of Office 365 users. From a number’s perspective based on October 2017 reported number of users on Microsoft Office 365 was about 120 Million users, we suspect that has grown to about 150 Million users till date. So, 10% is about 15 Million users impacted and growing. Continue reading SharePoint Online Phishing Attacks on Office 365 users

Phishing Attacks are on the Rise in 2018

Each quarter, the Anti-Phishing Working Group (APWG) prepares a report to keep all sectors aware of current cybercrime threats. The APWG recently released Phishing Activity Trends Report for Q1 2018 on July 31st, 2018. Phishing Activity Trends Report contains detailed data compiled from reported Phishing Campaigns. Phishing Campaigns are emails sent to multiple users with a familiar subject line to get the user to trust the email to open the email and a phishing website that uses safe and ethical phishing practices. Continue reading Phishing Attacks are on the Rise in 2018

Mobile Phishing Scams are on the Rise

Phishing is the practice of sending fraudulent messages or emails pretending to be a part of reputable companies and trying to get individuals to reveal personal information about themselves, whether it be social security numbers, bank account numbers, passwords, etc. In the past few years, the number of phishing scams  have been increasing at an immense rate. According to the security firm Lookout, the rate at which enterprise users are falling for phishing attacks on mobile has increased by 85% every year since 2011. Continue reading Mobile Phishing Scams are on the Rise

Atlanta Airport Wi-Fi finally operating after Cyberattack

According to abcnews, on March 22, 2018 the city of Atlanta computer network was hit by a Ransomware attack. The attack included the encryption of some city data and caused outages for numerous city applications. In order to prevent from Ransomware attack, on March 23, 2018 Atlanta airport shut down its Wi-Fi network and the systems that provide flight information and security checkpoint wait times on its website. Continue reading Atlanta Airport Wi-Fi finally operating after Cyberattack

Employee Payroll Direct Deposits are the new targets of a phishing scam

An alarming notice to employers and employees! There is an outrageous new phishing scam, affecting most of the employers and employees nationwide, with regard to their payroll service providers and direct deposits, in an attempt to steal your employees’ paychecks. Yes, you read it correctly. These cyber-criminals are going after your employees’ hard-earned income.   Continue reading Employee Payroll Direct Deposits are the new targets of a phishing scam

Basic Security Awareness Training is no longer sufficient

There has been an alarming rise in phishing scams which has resulted in large volumes of data being accessed illegally by cyber criminals – phishing scams such as the Bell Canada Scam, KRACK Attack, Netflix Scam, Google Docs Phishing Scam, and many more.

Phishing scams are getting more sophisticated and harder to detect. It’s no wonder protecting an organization from cyber-attacks has become one of the most common security challenges that an organization faces today in keeping their data secure. Continue reading Basic Security Awareness Training is no longer sufficient

New Email Security Study Shows a Massive 10.5% Failure Rate

The aggregated results of a new email security analysis show over 10% average rate at which enterprise email security systems miss spam, phishing and malware attachments.
The summary of findings encompasses user mailboxes at companies tested in the Email Security Gap Analysis program during September and October 2017. Continue reading New Email Security Study Shows a Massive 10.5% Failure Rate