CISA Issues Warning About Holiday Season Scams
‘Tis the season to be jolly, especially if you are a scammer. In the run up to holiday season, cybercriminals go into overdrive and are ready and waiting to take advantage of the millions of online shoppers looking to secure a bargain. Holiday season scams are plentiful, highly varied, convincing, and often successful. This year, the U.S. government is warning consumers to be on high alert for holiday season scams that aim to obtain...
Highly Convincing Phishing Scam Uses Fake WebEx Client to Deliver RAT
A new phishing scam has been detected that uses a WebEx meeting request as a lure to get business users to download a remote access Trojan that masquerades as the WebEx client (WebEx.exe). The campaign was detected by Alex Lanstein and shared on Twitter. The meeting request is a carbon copy of a genuine WebEx meeting notification email. As with the real meeting requests, the email contains a Join Meeting button, which the user needs...
MegaCortex Ransomware Ups the Ante with Threat of Publication of Stolen Data
The developers of MegaCortex ransomware have released an updated version of their file-encrypting malware. The latest version incorporates a new feature to hamper recovery without paying the ransom along with a new threat. Victims are told that if they do not pay the ransom, their files will be published online. The latest version of MegaCortex ransomware was discovered by MalwareHunterTeam. The new version will change the Windows...
Ministry of Justice Phishing Scam Uses Subpoena Notification as Lure
A new phishing campaign has been detected that uses subpoenas from the UK Ministry of Justice as a lure to get users to click a link that triggers the download of a malicious Word document that installs the Predator the Thief information stealer. As with countless other phishing campaigns, the emails use fear and urgency to get users to take action. The emails appear to have been sent from a Ministry of Justice email account, include...
Targeted Ransomware Attacks Hit Spanish Companies Hard
A wave of ransomware attacks has been reported in Spain with several appearing to have been attacked almost simultaneously on Monday. One of the attacked companies was Everis, one of the largest IT consulting companies and managed service providers in Spain. The attack on Everis was targeted, which was made clear by the extension added to files encrypted by the ransomware – .3v3r1s. The dropped ransom note explained that its network...