US government securities watchdog spoofed by investment scammers – don’t fall for it!

by: Paul Ducklin The US Securities and Exchange Commission (SEC) has issued numerous warnings over the years about fraudsters attempting to adopt the identity of SEC officials, including by phone call spoofing. Call spoofing is where a scammer calls you up on your landline or mobile phone, claims to be from organization X, and then […]
Online Holiday Scams are Upon Us

Holidays are the times we look forward to our entire year. Whether it be joyful times with family or vacation plans, everything can be messed up if you are not careful enough. You see, cybercriminals are also looking forward to holidays to gain some monies and steal your deets. FBI warns against Cyber Monday scam […]
Costco discloses data breach after finding credit card skimmer

By: Sergiu Gatlan Costco Wholesale Corporation has warned customers in notification letters sent this month that their payment card information might have been stolen while recently shopping at one of its stores. The retail giant (also known as Costco Wholesale and Costco) is an American multinational that operates a large chain of membership-only retail stores, the fifth-largest […]
FBI: Ransomware targets companies during mergers and acquisitions

By: Sergiu Gatlan The Federal Bureau of Investigation (FBI) warns that ransomware gangs are targeting companies involved in “time-sensitive financial events” such as corporate mergers and acquisitions to make it easier to extort their victims. In a private industry notification published on Monday, the FBI said ransomware operators would use the financial information collected before attacks […]
US government discloses more ransomware attacks on water plants

By: Sergiu Gatlan U.S. Water and Wastewater Systems (WWS) Sector facilities have been breached multiple times in ransomware attacks during the last two years, U.S. government agencies said in a joint advisory on Thursday. The advisory also mentions ongoing malicious activity targeting WWS facilities that could lead to ransomware attacks affecting their ability to provide […]
Facebook privacy Settings you should change now

by: Kaleb Brown As if Facebook didn’t have enough drama last week following the testimony from the whistleblower and the outage affecting all of its sites on October 4th, privacy research company Privacy Affairs found personal data from more than 1.5 billion Facebook users for sale on a hacker forum. According to the Statista Research […]
Enterprises Warned About Zix-Themed Credential Phishing Attacks

By Eduard Kovacs Enterprise users have been warned that cybercriminals may be trying to phish their credentials by luring them with fake emails that appear to be related to services offered by security company Zix. Zix provides cybersecurity, compliance and productivity solutions to 21,000 organizations, and cybercriminals have been leveraging the company’s reputation in a […]
US farmer cooperative hit by $5.9M BlackMatter ransomware attack

By: Lawrence Abrams U.S. farmers cooperative NEW Cooperative has suffered a BlackMatter ransomware attack demanding $5.9 million not to leak stolen data and provide a decryptor. NEW Cooperative is a farmer’s feed and grain cooperative with over sixty locations throughout Iowa. In a weekend ransomware attack, the threat actors demand a 5.9 million dollar ransom, […]
Are you backing up your Office 365? (Probably not)

By: Kaleb Brown When purchasing Office 365, you’ve probably been under the impression that your information is safe and secure. You pay a monthly (or annual) fee for this service and you’ve never noticed anything missing so is it safe to assume it is being backed up? Short answer – No. In the case that […]
The home security system that can be hacked with your email address

By: Paul Ducklin A researcher at vulnerability and red-team company Rapid7 recently uncovered a pair of risky security bugs in a digital home security product. The first bug, reported back in May 2021 and dubbed CVE-2021-39276, means that an attacker who knows the email address against which you registered your product can effectively use your […]