FBI’S 2018 Internet Crime Report Shows Massive Increase in BEC Attack Losses
Apr24

FBI’S 2018 Internet Crime Report Shows Massive Increase in BEC Attack Losses

The Federal Bureau of Investigation’s Internet Crime Complaint Center (IC3) has released its 2018 Internet Crime Report which shows there was a dramatic rise in losses due to cybercrime in 2018. In 2018, IC3 received 351,936 complaints involving more than $2.7 billion in losses. That represents an increase in losses of more than 92% compared to 2017. 2018 accounted for 36% of all losses from the past five years and complaints about...

Read More
Security Researcher Who Thwarted WannaCry Ransomware Pleads Guilty to Malware Development and Distribution
Apr23

Security Researcher Who Thwarted WannaCry Ransomware Pleads Guilty to Malware Development and Distribution

The security researcher who identified and activated the kill switch in WannaCry ransomware in 2017 and played a critical role in stopping the global attacks has pleaded guilty to helping to develop and distribute banking Trojans. Marcus Hutchins (aka MalwareTech) was initially called a hero for his role in blocking the WannaCry attacks in May 2017; however, in August of the same year, he was arrested by the FBI in the United States...

Read More
Google to Start Blocking Logins from Embedded Browsers to Help Combat MitM Attacks
Apr23

Google to Start Blocking Logins from Embedded Browsers to Help Combat MitM Attacks

Sign-ins to Google from embedded browser frameworks will soon be blocked. Google announced on Thursday, April 18 that the change is being made to improve protections against man-in-the-middle (MitM) attacks. Embedded browser frameworks are often used in phishing attacks to automate user activity. If a user visits a phishing website that spoofs the Google login page and is requested to enter their Google credentials, the attacker could...

Read More
New Malvertising Campaign Detected Using Highly Sophisticated Aftershock-3PC Malware
Apr19

New Malvertising Campaign Detected Using Highly Sophisticated Aftershock-3PC Malware

A new form of malware named Aftershock-3PC is being used in a major malvertising campaign. The malware uses a range of advanced techniques to avoid detection. The malware is being used in malvertising attacks via more than 200 premium ad networks. The malware is polymorphic and constantly changes its code to evade detection and uses over 30 different domains to avoid being detected by signature-based anti-malware solutions used by...

Read More
297 Flaws Patched by Oracle in its April Security Update
Apr18

297 Flaws Patched by Oracle in its April Security Update

Oracle’s April security update includes patches for 297 vulnerabilities across its product suite. Users of Oracle products have been advised to update the products as soon as possible to prevent the vulnerabilities from being exploited. This is especially important for this security update as it includes 53 critical bugs that have been assigned a CVSS v3 base score of 9.0 or above. 47 of those have a CVSS v3 score of 9.8. The patches...

Read More