Highly Sophisticated Apple Vishing Scam Detected
Jan10

Highly Sophisticated Apple Vishing Scam Detected

A sophisticated Apple vishing scam has been uncovered. In contrast to most phishing attempts that use email, this scam used voice calls (vishing) with the calls appearing to have come from Apple. The scam starts with an automated voice call to an iPhone that spoofs Apple Inc. The caller display shows that the call is from Apple Inc., increasing the likelihood that the call will be answered. The user is advised that there has been a...

Read More
January 2019 Patch Tuesday Updates
Jan09

January 2019 Patch Tuesday Updates

January 2019 Patch Tuesday has seen 51 flaws corrected in Microsoft products. There are four updates to correct flaws in the Microsoft Edge Browser. Seven of the 51 updates have been marked as critical. January 2019 Patch Tuesday Critical Vulnerabilities in Microsoft Products The 51 updates are broken down as: Microsoft JET Database Engine (11), Microsoft Windows (6), Microsoft Office (4), Microsoft Office SharePoint (4), Windows...

Read More
Phishing Website Uses Custom Web Fonts to Evade Detection
Jan08

Phishing Website Uses Custom Web Fonts to Evade Detection

Phishers are constantly developing new ways to prevent their websites from being detected. One threat actor is now using custom web fonts to disguise malicious code on phishing websites. The phishing scam spoofs a major U.S. bank in an attempt to get users to disclose their banking credentials. The website used in the scam is well crafted, and like many similar scams, uses stolen branded content to make the website appear legitimate....

Read More
Free Decryptor for Fileslocker Ransomware Developed After Master Key Leaked
Jan03

Free Decryptor for Fileslocker Ransomware Developed After Master Key Leaked

A free decryptor for Fileslocker ransomware has been developed following the leaking of the master key for the ransomware on Pastebin. The master key is the key used by threat actors to decrypt files that have been encrypted by the ransomware. The post was created on December 29, 2018 and states that the master key, which decrypts the private key, is “applicable to V1, V2 version” and that the poster is “waiting for security personnel...

Read More
Tribune Publishing Cyberattack Cripples Several U.S. Newspapers
Jan02

Tribune Publishing Cyberattack Cripples Several U.S. Newspapers

A recent malware attack on Tribune Publishing has caused disruption to several newspaper print runs including those of the Los Angeles Times, San Diego Tribune, and the west coast editions of the New York Times and Wall Street Journal, amongst others. The Tribune Publishing cyberattack occurred on Thursday December 28, 2018, and spread throughout the Tribune Publishing network on Friday, affecting the Saturday editions of several...

Read More