MSPs Targeted in New GandCrab Ransomware Campaign
Feb15

MSPs Targeted in New GandCrab Ransomware Campaign

Managed service providers (MSPs) and IT support companies are being targeted in a new GandCrab ransomware campaign. MSPs are an attractive target. If access can be gained to MSP systems, the attackers can abuse trusted relationships to perform attacks on their clients. MSPs are often used by SMBs that do not have the internal resource to manage their own IT or have insufficient staff numbers to devote to cybersecurity. MSPs perform a...

Read More
Emotet Threat Actors Now Distributing Trojan via XML Files Masked as Word Documents
Feb15

Emotet Threat Actors Now Distributing Trojan via XML Files Masked as Word Documents

At least one cybercriminal group distributing the Emotet Trojan has started using a new tactic to infect end users with the malware. The malware is now being delivered using XML files disguised as Word documents, with the malware installed via embedded macros. The Emotet Trojan is one of the most rapidly evolving malware variants. The malware is regularly updated with new functions and the methods used to distribute the malware and...

Read More
Mac Users Targeted with New Shlayer Malware Variant
Feb15

Mac Users Targeted with New Shlayer Malware Variant

A new Shlayer malware variant has been detected that infects Mac computers and disables macOS Gatekeeper security software. The latest version of the malware was identified by researchers at Carbon Black and appears to only target MacOS versions from 10.10.5 to 10.14.3. Shlayer malware is distributed via fake Flash Player updates. Warnings are generated when visiting websites advising the user that their Flash Player is out of date...

Read More
VFEmail Suffers Catastrophic Cyberattack with Permanent Loss of Customers Email Data
Feb13

VFEmail Suffers Catastrophic Cyberattack with Permanent Loss of Customers Email Data

The email provider VFEmail has suffered a cyberattack that has caused “catastrophic destruction.” A hacker with a Bulgarian IP address gained access to its U.S. servers and formatted them; destroying all data in its primary and backup systems. The attack started in the morning of February 11, 2019. VFEmail issued a statement saying that all disks on its U.S. servers were formatted and all of its virtual machines, mail servers, and...

Read More
February 2019 Patch Tuesday: Microsoft Fixes 74 Vulnerabilities; Adobe 75
Feb13

February 2019 Patch Tuesday: Microsoft Fixes 74 Vulnerabilities; Adobe 75

February 2019 Patch Tuesday has seen almost 150 vulnerabilities fixed by Microsoft and Adobe, including 43 critical Adobe flaws and 20 critical Microsoft vulnerabilities, one of which is being actively exploited in the wild.    The actively exploited vulnerability was discovered by the Google Project Zero team. The vulnerability is in Internet Explorer 11 – CVE-2019-0676 – and could be exploited if a user visits a specially...

Read More