MITRE Corporation Publishes List of Top 25 Most Dangerous Software Errors and Vulnerabilities
Sep20

MITRE Corporation Publishes List of Top 25 Most Dangerous Software Errors and Vulnerabilities

The MITRE Corporation has published a list of the most dangerous software errors and vulnerabilities. It has been 8 years since the last list was published in 2011. The list contains the Top 25 Common Weakness Enumeration (CWE) software errors based on the risk they pose to organizations and what could possibly happen if the flaws are exploited. The top errors are easy to find, easy to exploit, and can potentially cause catastrophic...

Read More
New IRS Tax Refund Phishing Campaign Distributes Amadey Botnet
Sep19

New IRS Tax Refund Phishing Campaign Distributes Amadey Botnet

A new phishing campaign has been detected targeting U.S. taxpayers offering fake tax refunds. The emails spoof the Internal Revenue Service (IRS) and claim that the recipient is entitled to claim a tax refund. The emails include a “Login Right here” button for users to click to arrange their tax refund together with a one-time password. If the button is clicked, the user will be directed to a spoofed IRS login page where the password...

Read More
Emotet is Back in Action and Delivering TrickBot and Ryuk Ransomware
Sep18

Emotet is Back in Action and Delivering TrickBot and Ryuk Ransomware

It has been all quiet on the Emotet front for the past four months, but the infamous botnet is back with a vengeance. A large-scale spam campaign has been detected that is distributing the versatile Emotet banking Trojan via malicious Word macros. The malspam campaign was detected by researchers at Malwarebytes who identified an uptick in command and control server activity and an email campaign distributing malicious messages in...

Read More
Don’t Neglect the Human Factor – Employee Security Awareness Training is Essential
Sep13

Don’t Neglect the Human Factor – Employee Security Awareness Training is Essential

Cybercriminals are attacking businesses by exploiting the weakest link in the security chain – Employees. Attacks exploiting the human factor are far easier to pull off that attempting to find remote code execution vulnerabilities. They are also much quicker and less resource-heavy than brute force attacks. A single phishing email can be all it takes for malware to be installed on a network or for account credentials and sensitive...

Read More
Exploit Kit Activity Increases: 4 New Malvertising Campaigns Detected
Sep12

Exploit Kit Activity Increases: 4 New Malvertising Campaigns Detected

Exploit kit activity may not be at the level seen in 2016, but the malicious website toolkits are enjoying something of a resurgence. New exploit kits such as Lord have recently been discovered and the activity of more established kits such as Rig and GrandSoft has increased significantly in recent months. Exploit kit activity is now at three times the level of this time last year. Exploit kits are toolkits that are loaded onto...

Read More