Adobe Patches Actively Exploited 0-Day Vulnerability in Flash Player
Dec06

Adobe Patches Actively Exploited 0-Day Vulnerability in Flash Player

On Wednesday, December 5, 2018, Adobe issued an update to correct a vulnerability in Adobe Flash Player that is being leveraged by a threat group in targeted attacks in Russia. The threat group has already attacked a healthcare facility in Russia that is used by senior civil servants. The vulnerability was identified by researchers at Gigamon who passed on details of the vulnerability to Adobe in late November. Qihoo 360 researchers...

Read More
Marriott Announces 500 Million-Record Breach of Starwood Hotel Guests’ Data
Nov30

Marriott Announces 500 Million-Record Breach of Starwood Hotel Guests’ Data

The Marriott hotel chain has announced it has suffered a massive data breach that has resulted in the theft of the personal information of up to 500 million guests of the Starwood Hotels and Resorts group. Marriott discovered the data breach on September 8, 2018 after an alert was generated by its internal security system following an attempt by an unauthorized individual to access the Starwood guest reservation database. Third-party...

Read More
49% of All Phishing Sites Have SSL Certificates and Display Green Padlock
Nov29

49% of All Phishing Sites Have SSL Certificates and Display Green Padlock

Almost half of phishing sites now have SSL certificates, start with HTTPS, and display the green padlock to show the sites are secure, according to new research by PhishLabs. The number of phishing websites that have SSL certificates has been increasing steadily since Q3, 2016, when around 5% of phishing websites were displaying the green padlock to indicate a secure connection. The percentage increased to approximately 25% of all...

Read More
Major Malvertising Campaign Detected: 300 Million Browser Sessions Hijacked in 48 Hours
Nov28

Major Malvertising Campaign Detected: 300 Million Browser Sessions Hijacked in 48 Hours

A major malvertising campaign is being conducted that is redirecting web users to phishing and scam websites. While malvertising campaigns are nothing new, this one stands out due to the scale of the campaign. In 48 hours, more than 300 million users have had their browsers redirected to malicious web pages. The campaign was uncovered by researchers at cybersecurity firm Confiant on November 12. The researchers note that the actor...

Read More
APT28 Group Uses New Cannon Trojan in Spear Phishing Campaign Targeting US and EU Government Agencies
Nov22

APT28 Group Uses New Cannon Trojan in Spear Phishing Campaign Targeting US and EU Government Agencies

A new spear phishing campaign is being conducted by the AP28 (Sofacy Group/Fancy Bear/Sednit) on government organizations in the United States, Europe, and a former USSR state using the previously unknown Cannon Trojan. The campaign was detected by Palo Alto Networks’ Unit 42 team and was first identified in late October. The campaign is being conducted via spam email and uses weaponized Word document to deliver two malware variants....

Read More
Critical AMP for WP Plugin Vulnerability Allows Any User to Gain Admin Rights
Nov20

Critical AMP for WP Plugin Vulnerability Allows Any User to Gain Admin Rights

A new critical WordPress plugin vulnerability has been identified that could allow site users to escalate privileges to admin level, giving them the ability to add custom code to a vulnerable website or upload malware. The vulnerability is in the AMP for WP plugin, a popular plugin that converts standard WordPress posts into the Google Accelerated Mobile Pages format to improve load speeds on mobile browsers. The plugin has more than...

Read More
TA505 APT Group Spreading tRat Malware in New Spam Campaigns
Nov20

TA505 APT Group Spreading tRat Malware in New Spam Campaigns

The prolific APT group TA505 is conducting spam email campaigns spreading a new, modular malware variant named tRAT. tRAT malware is a remote access Trojan capable of downloading additional modules. In addition to adding infected users to a botnet, the threat actors have the option of selling access to different elements of the malware to other threat groups for use in different attacks. Threat researchers at Proofpoint intercepted...

Read More
Phishing Accounts for 50% of All Fraud Attacks
Nov15

Phishing Accounts for 50% of All Fraud Attacks

An analysis of current cyber fraud threats by network security firm RSA shows that phishing attacks have increased by 70% since Q2 and now account for 50% of all fraud attacks suffered by organizations. Phishing attacks are popular because they are easy to conduct and have a high success rate. An attacker can set up a webpage that mimics a well-known brand such as Microsoft or Google that requests login details. Emails are then sent...

Read More
Microsoft Patches 12 Critical Vulnerabilities on November Patch Tuesday
Nov14

Microsoft Patches 12 Critical Vulnerabilities on November Patch Tuesday

Microsoft has issued patches for 12 critical vulnerabilities in November Patch Tuesday and has fixed a flaw that is being actively exploited by at least one threat group. In total, 64 vulnerabilities have been fixed across Windows, IE, Edge, and other Microsoft products. The 12 critical vulnerabilities could allow hackers to execute malicious code and take full control of a vulnerable device. The majority of the critical...

Read More
WordPress GDPR Compliance Plugin Vulnerability Being Actively Exploited
Nov12

WordPress GDPR Compliance Plugin Vulnerability Being Actively Exploited

Websites with the WordPress GDPR Compliance plugin installed are being hijacked by hackers. A vulnerability in the plugin is being exploited, allowing attackers to modify site settings and register new user accounts with admin privileges. The vulnerability can be remotely exploited by unauthenticated users, many of whom have automated exploitation of the vulnerability to hijack as many sites as possible before the vulnerability is...

Read More
Zero-Day VirtualBox Vulnerability and Exploit Published
Nov07

Zero-Day VirtualBox Vulnerability and Exploit Published

Details of a zero-day VirtualBox vulnerability have been published online along with a step by step exploit. The vulnerability in the Oracle open source hosted hypervisor was published on GitHub by Russian security researcher, Sergey Zelenyuk, rather than being disclosed to Oracle to allow the bug to be fixed. The decision was influenced by a previous vulnerability that he found in VirtualBox that was disclosed to Oracle but took the...

Read More
Elon Musk Bitcoin Scam Generates $180,000 in a Day
Nov06

Elon Musk Bitcoin Scam Generates $180,000 in a Day

The promise of payment of a sizable sum in return for a small payment is a classic scam that has been conducted in various forms for many years. An administration fee is required before a Saudi prince’s inheritance will be paid, and payment I required to help a widow get her husbands fortune out of the country. This week an interesting variation of the scam has been conducted on Twitter that has been surprisingly effective. The Saudi...

Read More
BleedingBit Vulnerabilities Affect Millions of Wireless Access Points
Nov02

BleedingBit Vulnerabilities Affect Millions of Wireless Access Points

Armis Labs has identified two vulnerabilities in Texas Instruments’ Bluetooth Low Energy (BLE) chips that are used in wireless access points manufactured by Cisco, Meraki, and Aruba. The affected wireless access point are used by hundreds of thousands of businesses around the world. Cisco, Meraki, and Aruba supply at least 70% of business wireless access points, which places all of those businesses at risk. It is not yet known exactly...

Read More
Stealthy sLoad Downloader Performs Extensive Reconnaissance to Improve Quality of Infected Hosts
Oct25

Stealthy sLoad Downloader Performs Extensive Reconnaissance to Improve Quality of Infected Hosts

A new PowerShell downloader has been discovered – the sLoad downloader – which is being used in stealthy, highly targeted attacks in the United Kingdom and Italy. The sLoad downloader performs a wide range of checks to find out a great deal of information about the system on which it resides, before choosing the most appropriate malicious payload to deploy – if a payload is deployed at all. The sLoad downloader was first identified in...

Read More
Zero-Day Windows Data Sharing Service Vulnerability Discovered
Oct24

Zero-Day Windows Data Sharing Service Vulnerability Discovered

A Windows zero-day vulnerability has been discovered that allows hackers to delete application dlls and cause a system to crash and potentially hijack systems. The vulnerability allows an attacker to elevate privileges and delete files that should only be accessible by admins and takes advantage of a Windows service that fails to check permissions. That service, the Windows Data Sharing Service – dssvc.dll, was introduced in...

Read More
Exploits Published for LibSSH Vulnerability: Immediate Patching Required
Oct22

Exploits Published for LibSSH Vulnerability: Immediate Patching Required

A recently discovered LibSSH vulnerability, that has been described as ‘comically bad’ by the security researcher who discovered it, has been patched. The flaw is ridiculously easy to exploit. Unsurprisingly, various scripts and tools have been published that allow vulnerable devices to be found and the flaw to be exploited. If the LibSSH vulnerability is exploited, which requires little skill even without one of the published...

Read More
Sophisticated Phishing Attack Inserts Malware into Existing Email Conversation Threads
Oct11

Sophisticated Phishing Attack Inserts Malware into Existing Email Conversation Threads

A new sophisticated phishing tactic has been identified that involves a malicious actor gaining access to an email account, monitoring a conversation thread, and then inserting malware in a reply to an ongoing discussion. The scam is a variation of a Business Email Compromise (BEC) attack. BEC attacks typically involve using a compromised email account to send messages to accounts or payroll employees to get them to make fraudulent...

Read More
Microsoft Addresses 49 Flaws Including One Actively Exploited Vulnerability
Oct10

Microsoft Addresses 49 Flaws Including One Actively Exploited Vulnerability

Almost 50 vulnerabilities have been patched by Microsoft on October Patch Tuesday including one zero-day vulnerability that is being actively exploited in the wild by the FruityArmor APT group. The zero-day (CVE-2018-8453) is linked to the Win32k component of Windows and is an elevation-of-privilege vulnerability discovered by Kaspersky Lab. If exploited, a threat actor could run arbitrary code in kernel mode and could create new...

Read More
Phishers Using Azure Blog Storage to Host Phishing Forms with Valid Microsoft SSL Certificate
Oct08

Phishers Using Azure Blog Storage to Host Phishing Forms with Valid Microsoft SSL Certificate

Cybercriminals are using Microsoft Azure Blog storage to host phishing forms. The site hosting the malicious files has a genuine Microsoft SSL certificate which adds authenticity to the campaign. Similar tactics have been used in the past for Dropbox phishing scams and attacks that impersonate other cloud storage platforms. A typical phishing scenario involves an email being sent with a button or hyperlink that the user is requested...

Read More
Cofense Research Reveals Extensive Abuse of Zoho Email by Keyloggers
Oct05

Cofense Research Reveals Extensive Abuse of Zoho Email by Keyloggers

New research from Cofense has revealed there has been a significant rise in keylogger activity in 2018 which backs up research conducted by Microsoft that showed the resurgence of a keylogger known as Hawkeye. Keyloggers are information-stealing malware that log keystrokes on a computer and other input from human interface devices (HUDs) such as webcams and microphones. Many modern keyloggers are also able to copy information from the...

Read More
Persistent New LoJax Rootkit Survives Hard Disk Replacement
Oct04

Persistent New LoJax Rootkit Survives Hard Disk Replacement

Security researchers at ESET have identified a new rootkit that takes persistence to a whole new level. Once infected, the LoJax rootkit will remain active on a device even if the operating system is reinstalled or the hard drive is reformatted or replaced. Rootkits are malicious code that are used to provide an attacker with constant administrator access to an infected device. They are difficult to detect and consequently they can...

Read More
Increased Remote Desktop Protocol Attacks Prompts IC3 to Issue Warning
Oct03

Increased Remote Desktop Protocol Attacks Prompts IC3 to Issue Warning

The FBI’s Internet Crime Complaint Center (IC3) has issued a warning to businesses about the abuse of remote administration tools such as Remote Desktop Protocol. The warning was prompted by a significant rise in attacks and darknet marketplaces selling RDP access. Remote Desktop Protocol was first introduced into Windows in 1996 and has proven to be a valuable tool. It allows employees to connect to their office computer remotely and...

Read More
Danabot Banking Trojan Used in U.S. Campaign
Oct03

Danabot Banking Trojan Used in U.S. Campaign

The DanaBot banking Trojan was first detected by security researchers at Proofpoint in May 2018. It was being used in a single campaign targeting customers of Australian Banks. Further campaigns were later detected targeting customers of European banks, and now the attacks have moved across the Atlantic and U.S. banks are being targeted. Banking Trojans are a major threat. Proofpoint notes that they now account for 60% of all malware...

Read More
Q2, 2018 Saw an 86% Rise in Cryptocurrency Mining Malware Detections
Sep26

Q2, 2018 Saw an 86% Rise in Cryptocurrency Mining Malware Detections

2018 has proven to be the year of cryptocurrency mining malware. Cybercriminals are increasingly abandoning other forms of malware and ransomware in favor of malware capable of hijacking processors and mining cryptocurrency. Mining cryptocurrency requires computers to solve the complex problems necessary to verify cryptocurrency transactions and add them to the blockchain ledger. That requires considerable processing power and takes...

Read More
Cofense Takes a Closer Look at Healthcare Phishing Attacks
Sep24

Cofense Takes a Closer Look at Healthcare Phishing Attacks

Cofense, the leading provider of human-based phishing threat management solutions, has published new research that shows the healthcare industry lags behind other industry sectors for phishing defenses and is routinely attacked by cybercriminals who often succeed in gaining access to sensitive patient health data. The Department of Health and Human Services’ Office for Civil Rights publishes a summary of data breaches reported by...

Read More
Pegasus Spyware Campaigns Gather Pace: Infections Detected in 45 Countries
Sep19

Pegasus Spyware Campaigns Gather Pace: Infections Detected in 45 Countries

Pegasus spyware is a legitimate surveillance tool that has been attributed to the Israeli cyber-intelligence firm NSO Group. The spyware works on both Android smartphones and iPhones to allow security services to intercept text messages, track phone calls, trace a phone’s location, and obtain passwords and data from apps installed on an infected device. Since at least 2016, NSO Group has been offering Pegasus spyware to nation state...

Read More
New Python Ramsomware Threat Detected
Sep18

New Python Ramsomware Threat Detected

Security researchers at Trend Micro have identified a new Python ransomware threat that piggybacks on the success of Locky ransomware. The threat actors behind the ransomware have copied the ransom note used by the gang responsible for Locky. The ransomware note claims files have been encrypted by Locky Locker. Trend Micro have instead named this new ransomware threat PyLocky. Python is a popular script-writing language, although it...

Read More
New Brazilian Banking Trojan Hides in Plain Sight
Sep10

New Brazilian Banking Trojan Hides in Plain Sight

An innovative new Brazilian banking Trojan has been detected by security researchers at IBM X-Force. The Trojan has been named CamuBot due to its use of camouflage to fool employees into running the installer for the malware. As with other banking Trojans, its purpose is to obtain bank account credentials, although its method of doing so is different from most of the banking Trojans currently used by threat actors in Brazil. Most...

Read More
Zero-Day Windows Task Scheduler Vulnerability Exploited by Threat Group
Sep06

Zero-Day Windows Task Scheduler Vulnerability Exploited by Threat Group

On August 27, a security researcher with the online moniker SandboxEscaper discovered a zero-day vulnerability in Windows Task Scheduler (Windows 7-10) and published a proof-of-concept exploit for the flaw on GitHub. Microsoft was not alerted to the flaw and was not given time to issue a fix to prevent the flaw from being exploited. Unsurprisingly, the exploit is now being used by at least one hacking group to attack businesses....

Read More
Massive URL Spoofing Campaign Discovered Targeting 76 Universities
Sep04

Massive URL Spoofing Campaign Discovered Targeting 76 Universities

A massive URL spoofing campaign targeting 76 universities in 14 countries has been detected by security researchers at SecureWorks. The threat group known as Cobalt Dickens is believed to be behind the attack. The group is believed to operate out of Iran and is well known for conducting these types of attacks. The latest campaign has seen the hacking group create more than 300 spoofed websites on sixteen domains. Hosted on those...

Read More
Micropatch Blocks Zero-Day Vulnerability in Windows Task Scheduler
Sep03

Micropatch Blocks Zero-Day Vulnerability in Windows Task Scheduler

On August 29, 2018, a proof-of-concept exploit for a zero-day vulnerability in Windows Task Scheduler was published on GitHub by a security researcher. The vulnerability had not previously been disclosed to Microsoft, and consequently, no patch has been released to address the flaw. If exploited, a malicious actor could elevate permissions of malicious code running on a compromised device from guest or user level to administrator...

Read More
Ransomware Attacks Slow as Cryptocurrency Mining Proves More Profitable
Aug30

Ransomware Attacks Slow as Cryptocurrency Mining Proves More Profitable

Over the past two years, ransomware has been favored by cybercriminals as it offered an easy way to make money. Campaigns could easily be conducted via spam email, and for many individuals, it was not even necessary to create the malware from scratch. Ransomware-as-a-service allowed campaigns to be conducted for a 60% cut of the profits generated with no programming experience required. While some threat actors are still using...

Read More
Exploit Published for Zero-Day Vulnerability Found in Windows Task Scheduler
Aug29

Exploit Published for Zero-Day Vulnerability Found in Windows Task Scheduler

A zero-day vulnerability has been discovered in Windows Task Scheduler and an exploit for the flaw has been published on GitHub. The local privilege escalation vulnerability exists in the Advanced Local Procedure Call (ALPC) interface and if exploited would enable a malicious actor to elevate the access of malicious code from a limited USER role to a SYSTEM account with full access. The Task Scheduler API function SchRpcSetSecurity...

Read More
AdvisorsBot Malware Used in Targeted Attacks on Hotels and Restaurants
Aug28

AdvisorsBot Malware Used in Targeted Attacks on Hotels and Restaurants

Security researchers at Proofpoint have detected a new malware threat that is being used in targeted attacks on hotels, restaurants, and telecoms firms. AdvisorsBot malware, so named because its C&C servers contain the word advisors, was first detected in May 2018 in a variety of spam email campaigns. AdvisorsBot malware is under development although the current form of the malware has been used in multiple attacks around the...

Read More
New Critical Apache Struts Vulnerability Discovered
Aug24

New Critical Apache Struts Vulnerability Discovered

A new Apache Struts vulnerability has been discovered in the core functionality of Apache Struts. This is a critical flaw that allows remote code execution in certain configurations of the framework. The flaw could prove more serious than the one that was exploited in the Experian hack in 2017. Apache Struts is an open source framework used in many Java-based web applications. It has been estimated that at least 65% of Fortune 500...

Read More
Necurs Botnet Now Distributing Marap Malware
Aug21

Necurs Botnet Now Distributing Marap Malware

The Necurs botnet is being used to send huge quantities of spam emails containing Marap malware. Marap malware is currently being used for reconnaissance and learning about victims. The aim appears to be the creation of a network of infected users that can be targeted in future attacks. The malware creates a unique fingerprint for each infected device, contacts its C2 server, and sends information about the victim’s system to the...

Read More
SharePoint Files Used to Harvest Office 365 Credentials
Aug19

SharePoint Files Used to Harvest Office 365 Credentials

A phishing campaign termed PhishPoint uses SharePoint files to steal users’ Office 365 credentials. Huge numbers of phishing emails are being sent to businesses that appear to be invitations to collaborate. Users are required to click the URL embedded in the email, which ultimately directs them to a malicious site where they are required to enter their Office 365 credentials. Those credentials are then captured by the attackers. The...

Read More
Multi-Factor Authentication Fail: Single MFA Token Used to Gain Access to All Accounts
Aug16

Multi-Factor Authentication Fail: Single MFA Token Used to Gain Access to All Accounts

Multi-factor authentication can help to secure accounts and protect against phishing attacks. If a correct username and password combo is obtained, without the second factor (E.g. SMS message, token, device, or email address) the account cannot be accessed. As the recently discovered data breach at Reddit demonstrated, multi-factor authentication is not a silver bullet. Reddit used SMS messages to a user’s mobile phone as the second...

Read More
New KeyPass Ransomware Campaign Infects Users in More than 20 Countries
Aug15

New KeyPass Ransomware Campaign Infects Users in More than 20 Countries

A new ransomware variant – called KeyPass ransomware – is being used in a new campaign that has seen many victims created around the world. While Brazil and Vietnam have taken the brunt of the attacks, there have been victims in more than 20 countries with the list growing by the day. KeyPass ransomware is written in C++ and is a variant of STOP ransomware. At present it is not known how the KeyPass ransomware attacks are...

Read More
Faxploit Attack Uses Fax Machine to Gain Network Access and Steal Data
Aug14

Faxploit Attack Uses Fax Machine to Gain Network Access and Steal Data

Since the 1960s, businesses have been using fax machines to send and receive orders and communicate data quickly. To a large extent, email has replaced the fax, although faxes are still extensively used, especially in healthcare. It has been estimated that there are still around 300 million fax machines in use around the world. While fax technology is old – it was first developed in the late 1800s – faxes are not typically...

Read More
New Shrug Ransomware Variant Detected
Aug13

New Shrug Ransomware Variant Detected

Shrug ransomware was first detected in early July. Now a new variant of this .NET ransomware variant has been detected, which has enhanced capabilities. Shrug ransomware was primarily distributed bundled with fake software and apps, although the infection vector for the latest version is not known. Phishing emails, RDP attacks, and drive-by downloads may also be used in addition to fake software. Shrug2 ransomware was detected by...

Read More
Scammers Claim to Have Webcam Footage of Users Watching Pornography
Aug09

Scammers Claim to Have Webcam Footage of Users Watching Pornography

A new variant of an old scam is currently gaining traction and is fooling many people into paying scammers money to avoid having sensitive information exposed. The scammers claim to have added malware to adult sites which has been downloaded onto a user’s computer. The malware is allegedly capable of taking full control of the webcam, which has been used to record a video of the user while they were visiting pornographic websites. The...

Read More
SamSam Ransomware Developer Has Earned $6 Million in Ransom Payments
Aug08

SamSam Ransomware Developer Has Earned $6 Million in Ransom Payments

SamSam ransomware has been used in many attacks on healthcare providers and educational institutions over the past two and a half years. In contrast to many other ransomware variants, the ransom payments are considerably higher, typically of the order of tens of thousands of dollars. What also makes SamSam ransomware different is its method of deployment. While many ransomware variants are installed as a result of employees opening...

Read More
Recent WannaCry Attack on Chip Manufacturer Expected to Cost $170 Million
Aug07

Recent WannaCry Attack on Chip Manufacturer Expected to Cost $170 Million

A WannaCry ransomware attack has been reported by the Taiwan Semiconductor Manufacturing Co. The malware infection has crippled some of the company’s manufacturing plants which has halted chip production in some of the company’s factories. The Taiwan Semiconductor Manufacturing Co. is the world’s largest chip manufacturer, supplying its products to Nvidia, AMD, Apple, Qualcomm and many other major manufacturers. The attack has had a...

Read More
Massive Malvertising Operation Uncovered that Delivers Traffic to Rig Exploit Kit
Aug03

Massive Malvertising Operation Uncovered that Delivers Traffic to Rig Exploit Kit

For many years cybercriminals have been sneaking malicious adverts onto legitimate websites through advertising networks. Publishers – website owners that sell space on their sites for advertisements – often use ad networks to connect them with advertisers, who bid for the space. Resellers are also involved in the advertising chain and resell traffic generated through the ad networks to other advertisers. If a malicious advert makes...

Read More
New Spectre-Class Attack Identified by UCR Researchers
Jul26

New Spectre-Class Attack Identified by UCR Researchers

Another side-channel vulnerability has been identified that could be exploited in a Spectre-Class attack. This attack method is not blocked by previous patches that address the original Spectre flaws. The vulnerability was identified by researchers at the University of California, Riverside (UCR), which recently published details of the attack method which they term Spectre-RSB. The attack uses the speculative execution feature of...

Read More
Cincinnati Implements Smart911 Service to Improve Emergency Response Times
Jul20

Cincinnati Implements Smart911 Service to Improve Emergency Response Times

The city of Cincinnati has taken steps to improve response times of the emergency services in the wake of a tragic incident that resulted in the death of a 16-year old student at Seven Hills School. On April 10, Kyle Plush became trapped under the rear seat of his Honda Odyssey. He attempted to contact emergency services multiple times to request help but died from asphyxiation in the back of his minivan. His body was not discovered...

Read More
GandCrab Ransomware Vaccine Developed by AhnLab
Jul19

GandCrab Ransomware Vaccine Developed by AhnLab

GandCrab ransomware is now the most commonly used ransomware variant, and while there is currently no free decryptor for GandCrab ransomware, there is now a vaccine that can prevent GandCrab ransomware attacks from being successful. While this is certainly good news, the vaccine only works for version 4.1.2 of the ransomware – the variant currently being used in widespread attacks. Version 4.1.2 was released just two days after...

Read More
Convincing Phishing Campaign Targets Australian Businesses and Spreads DanaBot Trojan
Jul17

Convincing Phishing Campaign Targets Australian Businesses and Spreads DanaBot Trojan

A new phishing campaign has been detected that is spreading the DanaBot Trojan. The campaign involves phishing emails which appear to contain invoices from the Australian multinational corporation MYOB – a provider of tax and accounting services for small and medium sized businesses. The phishing campaign was detected by Trustwave researchers. The phishing emails are succinct and well written and advise the recipient of the invoice...

Read More
Code Stealing Certificates Stolen from D-Link and Used in Malware Campaign
Jul12

Code Stealing Certificates Stolen from D-Link and Used in Malware Campaign

The Advanced Persistent Threat (APT) group BlackTech has stolen code-signing certificates from D-Link and Changing Information Technology Inc., and is using them to cryptographically sign a remotely controlled backdoor known as Plead and an associated password stealer. With the stolen certificates, individuals who receive the malware as email attachments are likely to be fooled into thinking the files are genuine and have been...

Read More
Microsoft Issues Patches for 54 Vulnerabilities; 17 Critical
Jul10

Microsoft Issues Patches for 54 Vulnerabilities; 17 Critical

This Patch Tuesday has seen Microsoft issue patches for 54 vulnerabilities, 27 of which could allow remote code exploitation. 17 of the flaws have been rated critical and 33 are rated important. Three of the vulnerabilities were disclosed before Microsoft released patches. The patches address bugs in 15 products. The majority of the critical flaws are scripting errors in Internet Explorer, including four memory corruption...

Read More
New AZORult Phishing Campaign Detected by Cofense
Jul09

New AZORult Phishing Campaign Detected by Cofense

Leading anti-phishing solution provider Cofense has detected a new AZORult phishing campaign. AZORult is an information stealer capable of stealing cookies, stored passwords, payment card information, autocomplete data stored in web browsers, Bitcoin wallet information, and email, FTP, and XMPP client credentials. The latest campaign uses malicious email attachments to spread a new variant of the malware. Version 3 of AZORult...

Read More
Email Attack Uses Macros to Hijack Desktop Shortcuts
Jul09

Email Attack Uses Macros to Hijack Desktop Shortcuts

The deployment of malware via malicious Word documents is nothing new, although the tactics used by cybercriminals often change. Now a new method of malware deployment has been uncovered, in which users are fooled into downloading the malicious payload. The attack starts like many other email-based attacks. The user must open an email and attachment and enable macros. The macro then searches for common desktop shortcuts such as Google...

Read More
Rakhni Trojan Decides Whether to Encrypt or Mine Dashcoin
Jul06

Rakhni Trojan Decides Whether to Encrypt or Mine Dashcoin

A new variant of the Rakhni Trojan has been detected by security researchers at Kaspersky Lab. This new malware variant decides whether a device is suited to mining cryptocurrency. If the device has sufficient processing power, a Dashcoin miner is downloaded and the device is turned into a cryptocurrency mining slave. If the likely profits from cryptocurrency mining are low, files on the device will be encrypted in a standard...

Read More
Cryptocurrency Investors Targeted with MacOs Malware on Slack and Discord
Jul03

Cryptocurrency Investors Targeted with MacOs Malware on Slack and Discord

Several MacOs malware attacks have been identified in the past few days with victims targeted via the Slack and Discord chat platforms. The attackers are targeting cryptocurrency investors and are posting messages on Slack and Discord groups linked to cryptocurrencies. This is an impersonation attack in which admins and key personnel are being impersonated, with users advised to run a script that downloads a malware variant named...

Read More
DoublePulsar Exploit Tweaked to Work on IoT Systems
Jun28

DoublePulsar Exploit Tweaked to Work on IoT Systems

The NSA hacking tool – DoublePulsar – was used to infect hundreds of thousands of Windows computers with malware last year after it was leaked online by the Shadow Brokers hacking group. At the time, the hacking tool worked on all Windows versions except the latest Windows 10 version, but not on the Windows IoT operating system. However, a security researcher going by the name Capt. Meelo has tweaked the hacking tool, which now works...

Read More
WordPress Vulnerability Allows Full Site Takeover
Jun27

WordPress Vulnerability Allows Full Site Takeover

A recently disclosed vulnerability in the WordPress CMS Core could be exploited to escalate privileges, remotely execute code, and take full control of a WordPress site. The vulnerability was discovered by security researchers at RIPS Technologies who reported the flaw to WordPress in November 2017. The WordPress team confirmed that the flaw existed but said it could take around 6 months to patch the flaw. Seven months on and the...

Read More
ZeroFont Phishing Attack Bypasses Microsoft Office Security Feature
Jun21

ZeroFont Phishing Attack Bypasses Microsoft Office Security Feature

The ZeroFont phishing attack allows phishers to bypass anti-spam controls and ensure their emails are delivered to end users inboxes. ZeroFont Phishing Cybercriminals are constantly developing new ways to bypass anti-spam technologies, one of which has been uncovered by security researchers at the cloud security company Avanan. The technique, termed ZeroFont phishing, allows phishers to get their messages past Microsoft Office 365...

Read More
More than 400 Models of Axis Communications Cameras Vulnerable to Remote Attacks
Jun19

More than 400 Models of Axis Communications Cameras Vulnerable to Remote Attacks

More than 400 models of Axis Communications’ security cameras contain vulnerabilities that could be exploited by malicious actors to intercept and view camera footage, take full control of the cameras, or disable them entirely. The security cameras are used by many organizations, including industrial firms, banks and hotels. The vulnerabilities were discovered by the cybersecurity company VDOO as part of its investigation into the...

Read More
More than 22,000 Container Orchestration and API Management Systems Exposed on Internet
Jun19

More than 22,000 Container Orchestration and API Management Systems Exposed on Internet

Many organizations have turned to the public cloud to help them scale resources to meet demand, reduce operating costs and improve the effectiveness of IT processes; however, a significant percentage of companies have failed to secure their cloud infrastructure and are exposing their data. New research conducted by Lacework has revealed more than 22,000 container dashboards and API management systems have been left exposed on the...

Read More
New PyRoMine Malware Variant Used Obfuscation and Incorporates IoT Device Scanner
Jun14

New PyRoMine Malware Variant Used Obfuscation and Incorporates IoT Device Scanner

A new variant of the PyRoMine cryptocurrency mining malware has been discovered by security researchers at Fortinet. The Pythod-based malware variant has been named PyRoMineIoT. The malware bears a number of similarities to the PyRoMine malware discovered by FortiGuard Labs in April, although this variant has enhanced capabilities helping it to evade detection by AV software. The new version of the malware is hosted on the same IP...

Read More
RansomCloud Attack Encrypts Cloud-Based Emails
Jun14

RansomCloud Attack Encrypts Cloud-Based Emails

Ransomware may be more commonly used to encrypt files on business networks, although that does not mean consumers are in the clear. Cybercriminals may target businesses due to the higher potential rewards for a successful attack, although a new ransomware strain has been developed that highlights how vulnerable consumers are to ransomware attacks. In this case, the ransomware strain was developed by a white hat hacker as a proof of...

Read More
Spammers Use iqy Files to Deliver Remote Access Trojan
Jun11

Spammers Use iqy Files to Deliver Remote Access Trojan

Macros have long been favored by cybercriminals as a method of installing malware. The macros launch VB, JavaScript and PowerShell scripts that download malware. Due to potential threat, security teams often disable macros or at least configure end points to require macros to be manually enabled by end users. The risk of running macros is also usually covered in security awareness programs. It is now harder for cybercriminals to...

Read More
Emergency Update Issued by Adobe to Patch Critical 0-Day Flaw in Flash Player
Jun08

Emergency Update Issued by Adobe to Patch Critical 0-Day Flaw in Flash Player

Adobe has released an emergency update that addresses an actively exploited zero-day flaw in Flash Player that is being used in targeted attacks on Windows users. The vulnerability, tracked as CVE-2018-5002, is a stack-based buffer overflow vulnerability that allows arbitrary code execution. The flaw has been rated critical. Several phishing campaigns have been detected that are using Office documents with embedded Flash Player...

Read More
New Capabilities of VPNFilter Malware Uncovered: More Routers Vulnerable that Initially Thought
Jun07

New Capabilities of VPNFilter Malware Uncovered: More Routers Vulnerable that Initially Thought

Security researchers at Cisco Talos, who identified VPNFilter malware last month, initially estimated that approximately half a million routers had been infected with the malware. Further investigation into the malware campaign suggests twice as many routers brands and models are vulnerable and the number of infections could be substantially higher than previously thought. Cicso Talos took the decision to go public about the malware...

Read More
May Saw Massive Increase in TSB Phishing Scams
Jun05

May Saw Massive Increase in TSB Phishing Scams

There has been a massive increase in TSB phishing scams over the past month. In April, TSB bank transitioned to a new core banking system. Previously, TSB data had been on a system provided by Lloyds, although following the takeover by Spanish bank Banco Sabadell, data needed to be moved to its banking system. When customer accounts were transferred to the new system, many customers were locked out of their accounts. The outage lasted...

Read More
New Windows Zero Day JScript Remote Code Execution Vulnerability Disclosed
Jun04

New Windows Zero Day JScript Remote Code Execution Vulnerability Disclosed

A new Windows zero day remote code execution flaw has been identified. The flaw is present in Microsoft’s ECMAScript standard and affects the Jscript component of Internet Explorer and the way Windows handles error objects in Jscript. The vulnerability has been given a medium severity with a CVSS V3 rating of 6.8. The vulnerability was first identified in January by Telspace Systems security researcher Dmitri Kaslov. It has now been...

Read More
Mnubot Banking Trojan Used in Attacks on Brazilian Firms
May31

Mnubot Banking Trojan Used in Attacks on Brazilian Firms

A new banking Trojan – MnuBot – has been detected by IBM X-Force researchers which uses an unusual method of communication. Instead of using a command and control server like most other malware families, MnuBot uses Microsoft SQL Server to receive its initial configuration and for communication. The MnuBot banking Trojan is being used in targeted attacks in Brazil and its primary function is to make fraudulent bank transfers via...

Read More
US-CERT Issues Warning About Two North Korean Malware Variants
May30

US-CERT Issues Warning About Two North Korean Malware Variants

Two malware strains – known as Joanap and Brambul – are being used to establish peer to peer connections and remotely access infected systems, manage botnets, and steal system information and login credentials. The malware strains are communicating with IP addresses in 17 countries and have been linked to North Korea by U.S Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI). The malware families are...

Read More
Warning Issued to Business and Consumers Over VPNFilter Malware Infections on Routers
May29

Warning Issued to Business and Consumers Over VPNFilter Malware Infections on Routers

Security researchers at Cisco Talos have been tracking a VPNFilter malware campaign that has seen more than 500,000 consumer-grade routers and NAS devices infected. While Talos researchers are still investigating, the decision was made to go public due to recent upgrades to the malware that gave it dangerous new capabilities, as well as the speed at which routers were being infected. VPNFilter malware can intercept all traffic through...

Read More
New Variant of Dharma Ransomware Identified
May21

New Variant of Dharma Ransomware Identified

A new variant of Dharma ransomware has been detected. The ransomware is capable of encrypting files on a local device as well files on mapped network drives, unmapped network shares, and shared virtual machine hosts. Dharma was first seen in November 2016 and shares several traits with CrySiS ransomware. While a decryptor was released in 2017 that allowed businesses to recover files without paying the ransom, new Dharma ransomware...

Read More
New Mirai IoT Botnet Detected
May18

New Mirai IoT Botnet Detected

The Mirai IoT botnet has been used to conduct some of the largest distributed denial of service (DDoS) attacks ever seen. Since the release of the source code in October 2016, there have been several variants of the botnet developed. Now a new variant has been detected, which has been named Wicked, due to some of the strings in the source code. The new variant was identified by security researchers at Fortinet, who report that the new...

Read More
Cisco Patches Critical Flaws in Digital Network Architecture Platform
May17

Cisco Patches Critical Flaws in Digital Network Architecture Platform

Cisco has releases patches to address vulnerabilities that could potentially be exploited to gain full control of affected systems. Three of the vulnerabilities are rated critical and have been assigned a CVSS V3 rating of 10 – the highest rating under the scoring system. A further four vulnerabilities have been given a rating of high with CVSS V3 scores of 8.6, 8.1, 7.5 and 6.3. The three critical vulnerabilities affect Cisco’s...

Read More
GDPR Phishing Scam Targets Airbnb Customers
May16

GDPR Phishing Scam Targets Airbnb Customers

A GDPR phishing scam has been detected targeting Airbnb customers. The GDPR-themed scam requests customers of the home-sharing website must re-enter their contact information and credit card details in order to comply with the EU’s General Data Protection Regulation that comes into force on May 25, 2018. The scammers are taking advantage of the high volume of emails currently being sent by companies as part of their GDPR compliance...

Read More
Vega Stealer Malware Harvesting Credentials from Web Browsers
May14

Vega Stealer Malware Harvesting Credentials from Web Browsers

A new variant of August Stealer – named Vega Stealer – is being distributed in small phishing campaigns targeting marketing, advertising, and PR firms and the retail and manufacturing industries. While the campaigns are highly targeted, the malware could potentially be used in much more widespread campaigns and become a major threat. Vega Stealer does not have the same range of capabilities as its predecessor, although it does include...

Read More
SamSam Ransomware Threat Actors Switch to Targeted Company-Wide Attacks
May03

SamSam Ransomware Threat Actors Switch to Targeted Company-Wide Attacks

The threat actors behind the latest SamSam ransomware attacks have switched tactics and are now conducting highly targeted, company-wide attacks with the aim of infecting large numbers of devices. Companies are being researched and companies that are perceived to be most likely to pay the ransom are being attacked. Instead of using spam and phishing emails to gain access to devices, the threat actors are exploiting vulnerabilities to...

Read More
KnowBe4 Issues Alert About Fake Active Shooter Phishing Emails
Apr20

KnowBe4 Issues Alert About Fake Active Shooter Phishing Emails

The recent shootings at schools in the United States have shocked the nation, with educational institutions now on high alert for any recurrences. The news of an active shooter on campus requires an immediate response and is likely to result in panic. It is therefore no surprise that scammers have taken advantage and have been sending fake active shooter alerts via email to schools and colleges. KnowBe4 has recently identified one...

Read More
Cofense Report Reveals Latest Malware Delivery and Attack Trends
Mar23

Cofense Report Reveals Latest Malware Delivery and Attack Trends

The 2018 Malware Review from security awareness and anti-phishing solution provider Cofense (Formerly PhishMe) looks at malware trends over the past 12 months and makes predictions about malware delivery and attack trends in 2018. The 2018 Cofense Malware Review, titled A Look Back and a Look Forward, was compiled after analyzing millions of phishing and spam emails gathered from multiple sources over the past year. The report has a...

Read More
Increase in W-2 Phishing Campaigns Leads to FBI Warning Issued
Mar01

Increase in W-2 Phishing Campaigns Leads to FBI Warning Issued

The Federal Bureau of Investigation (FBI) has issued a new alert for businesses due to a major rise in phishing attacks attacking payroll worker. The target of the phishing attacks is to download copies of the W-2 forms of workers. Information on the forms is used to carry out identity theft and tax fraud. 2017 saw record numbers of phishing campaigns targeting businesses, educational institutions, and healthcare groups. In some...

Read More
UK Government Websites Mining Cryptocurrency
Feb12

UK Government Websites Mining Cryptocurrency

UK government websites mining cryptocurrency after third party website plugin compromised by hackers. The plugin Browsealoud, used on many government websites to help hearing-impaired and blind visitors listen to content, was hijacked and the source code had cryptocurrency mining code injected.    UK Government Websites Mining Cryptocurrency for Hackers A recent supply chain attack has seen many government websites turn to mining...

Read More
FBI Issues Warning About Internet Crime Complaint Center Phishing Scams
Feb06

FBI Issues Warning About Internet Crime Complaint Center Phishing Scams

The FBI has spent the past few months investigating reports of Internet Crime Complaint Center phishing scams. IC3 has been impersonated in several campaigns that attempt to convince people to reveal sensitive information that can be used to drain bank accounts and steal identities. The FBI has identified three email templates that are being used by scammers to obtain sensitive information from victims. In some cases, victims have...

Read More
New Necurs Botnet Phishing Campaign Spreads Dridex Banking Trojan
Jan24

New Necurs Botnet Phishing Campaign Spreads Dridex Banking Trojan

The operators of the Necurs botnet have launched several phishing campaigns in the past few days that are being used to spread the Dridex banking Trojan. Malware and cryptocurrency miners are also being sent in large scale campaigns. New tactics are being used to ensure infection and avoid detection. The latest Dridex malware campaign was launched in the past few days and targets customers of major US and European banks. When users...

Read More
Beware of W2 Phishing Scams This Tax Season
Jan23

Beware of W2 Phishing Scams This Tax Season

Employers are being warned to be wary of W2 phishing scams this tax season. The past two years have seen hundreds of employers scammed into disclosing the W2 forms of their employees. The credentials on the forms were subsequently used to file false tax returns. This year is likely to be no different. Last year, accounts department and payroll staff were targeted with W2 phishing scams, using an attack method termed business email...

Read More
Dark Caracal Spyware Installed Via Fake WhatsApp and Signal Apps
Jan23

Dark Caracal Spyware Installed Via Fake WhatsApp and Signal Apps

An advanced persistent threat (APT) group called Dark Caracal is using fake WhatsApp and Signal apps to install spyware. The APT group has already gained access to many thousands of devices and has stolen hundreds of gigabytes of data. Individuals in at least 21 countries have had their mobile devices infected. The APT group is highly advanced, and is believed to operate at the nation-state level, with strong evidence suggesting the...

Read More
Phishing Emails Pushing Fake Meltdown and Spectre Patches
Jan18

Phishing Emails Pushing Fake Meltdown and Spectre Patches

The recently disclosed microprocessor vulnerabilities – Meltdown and Spectre – have had software and hardware firms working hard to develop patches. Cybercriminals have also been busy developing phishing campaigns that push fake Meltdown and Spectre patches. It should not come as a surprise that cybercriminals are capitalizing on the rush to secure computers and patch the vulnerabilities. The vulnerabilities can potentially be...

Read More
IRS Phishing Scam Targets Hotmail Users
Dec16

IRS Phishing Scam Targets Hotmail Users

A new IRS phishing scam has been detected that targets tax professionals and taxpayers who hold Hotmail email accounts. The scam has prompted the Internal Revenue Service to issue a warning to Hotmail users to be wary of emails that request personal and financial information. Each year, cybercriminals target tax payers and attempt to get them to reveal their personal information and Social Security numbers, which are used to file...

Read More
Soaring Value of Bitcoin Triggers Rise in Phishing Attacks on Bitcoin Wallets
Dec12

Soaring Value of Bitcoin Triggers Rise in Phishing Attacks on Bitcoin Wallets

Over the past few days, the value of Bitcoin has soared from $11,000 to more than $17,500, prompting hackers to increase the number of phishing attacks on Bitcoin wallets. While investors are cashing in on the surge in value, so too are attempts to steal Bitcoin. The purpose of the phishing attacks on Bitcoin wallets is simple. Get investors to reveal their account credentials and Bitcoin wallets can be plundered. There is also no...

Read More
Warning Issued by IRS About Christmas Phishing Scams
Nov28

Warning Issued by IRS About Christmas Phishing Scams

Each year there is a wave of Christmas phishing scams during the holiday season, as cybercriminals attempt to steal sensitive information to enable them to file fraudulent tax returns. This year is likely to be no different. Last year saw a major increase in Christmas phishing scams, and the prospect of another barrage of phishing emails has prompted the IRS to issue a warning to consumers to be alert to new, sophisticated email scams...

Read More
US-CERT Warns of Exploitable Windows ASLR Implementation Flaw
Nov21

US-CERT Warns of Exploitable Windows ASLR Implementation Flaw

The U.S. Computer Emergency Readiness Team (US-CERT) has issued a warning about an exploitable Windows ASLR implementation flaw affecting Windows 8, Windows 8.1 and Windows 10. Address Space Layout Randomization (ASLR) is designed to make systems safer by preventing memory-based code execution attacks. Instead of a system executing programs in the memory in predictable locations, which can be anticipated by hackers, ASLR ensures...

Read More
Contacts Stolen and Spear Phishing Emails Sent by Ursnif Trojan
Nov17

Contacts Stolen and Spear Phishing Emails Sent by Ursnif Trojan

The financial sector banking Trojan Ursnif, one of the most commonly experienced banking Trojans, has before been used to attack banking institutions. However, it seems the individuals behind the malware have expanded their horizons, with cyberattacks now being carried out on a wide variety of groups across many different sectors, including healthcare. The new strain of the Ursnif Trojan was found by researchers at security firm...

Read More
New Gibon Ransomware Campaign Detected
Nov09

New Gibon Ransomware Campaign Detected

A new ransomware campaign has been detected that is using spam email to deliver Gibon ransomware. The malware has been named Gibon due to the inclusion of the word in the user-agent string of its code. The ransomware variant was detected by Proofpoint security researcher Matthew Mesa, who notes that as with many other ransomware variants, it is being sold on darknet marketplaces for cybercriminals to use in their own ransom campaigns....

Read More
Google Search Poisoning Used to Spread Zeus Panda Trojan
Nov07

Google Search Poisoning Used to Spread Zeus Panda Trojan

Google search poisoning is being used by cybercriminals to get malicious links ranking highly in the organic search listings. Websites that rank highly in the organic search listings attract the lion’s share of traffic. Ranking highly for popular keyword terms can therefore deliver thousands of visitors. Google scans websites and if malware is found on a webpage, the page will be marked as malicious and will be removed from the...

Read More
Study Reveals Extent to Which Combosquatting is Used by Hackers
Nov02

Study Reveals Extent to Which Combosquatting is Used by Hackers

The use of combosquatting is on the rise, although until recently, the extent to which combosquatting was being used by cybercriminals was not known. However, a new study that examined more than 468 billion DNS records has revealed the practice is far more common than typosquatting. More than 100 times as common in fact. What is Combosquatting? Combosquatting is the use of a trademark in combination with another word in a domain. For...

Read More
New Matrix Ransomware Malvertising Campaign Detected
Oct30

New Matrix Ransomware Malvertising Campaign Detected

A new Matrix ransomware malvertising campaign has been detected. The campaign uses malicious adverts to direct users to a site hosting the Rig exploit kit. Flash and IE vulnerabilities are exploited to download the malicious file-encrypting payload. The new Matrix ransomware malvertising campaign was detected by security researcher Jérôme Segura. Matrix ransomware is not a new threat, having first been detected in late 2016. The...

Read More
New MyEtherWallet Phishing Campaign Detected
Oct29

New MyEtherWallet Phishing Campaign Detected

A new MyEtherWallet phishing campaign has been detected that uses a convincing domain and MyEtherWallet branding to fool MyEtherWallet users into revealing their credentials and providing criminals with access to their MyEtherWallet accounts. In the first few hours of the campaign, the criminals behind the scam had obtained more than $15,000 of MyEtherWallet funds, including $13,000 from one MyEtherWallet user. The individuals behind...

Read More
Widespread Bad Rabbit Ransomware Drive-By Attacks Reported
Oct25

Widespread Bad Rabbit Ransomware Drive-By Attacks Reported

Over the past 24 hours, there have been hundreds of reports of cyberattacks involving Bad Rabbit ransomware – A new ransomware variant with similarities to both NotPetya and HDDCryptor. NotPetya was used in widespread attacks in June, and was a wiper rather than ransomware. HDDCryptor was the ransomware variant that encrypted the San Francisco Muni’s system in November 2016. Many of the NotPetya attacks occurred via a...

Read More
KRACK WiFi Security Vulnerability Allows Attackers to Decrypt WiFi Traffic
Oct17

KRACK WiFi Security Vulnerability Allows Attackers to Decrypt WiFi Traffic

Security researchers at the University of Leuven in Belgium have discovered a WiFi security flaw in WPA2 called KRACK. The KRACK WiFi security vulnerability affects all modern WiFi networks and could be exploited with relative ease. While there have been no known attacks leveraging the vulnerability, it is one of the most serious WiFi flaws discovered to date, with potential to be used to attack millions of users. If the KRACK WiFi...

Read More
Adobe Patches Actively Exploited Flash Player Flaw Used to Deliver FinSpy Malware
Oct17

Adobe Patches Actively Exploited Flash Player Flaw Used to Deliver FinSpy Malware

Yesterday, Adobe released a new update for Flash Player to address an actively exploited flaw (CVE-2017-11292) that is being used by the hacking group Black Oasis to deliver FinSpy malware. Finspy is not malware as such, it is a legitimate software program developed by the German software company Gamma International. However, its capabilities include many malware-like functions. As the name suggests, FinSpy is surveillance software...

Read More
Department of Education Issues Advisory to Hacking and Extortion Threats
Oct15

Department of Education Issues Advisory to Hacking and Extortion Threats

Recently, the hacking group TheDarkOverlord has been targeting K12 schools; gaining access to networks, stealing data and attempting to extort money. In response to the hacking and extortion threats, the U.S. Department of Education has issued an advisory to K12 schools and has provided advice to help educational institutions mitigate risk and protect their networks from attack. The attacks on schools by TheDarkOverlord in recent...

Read More
Why You Should Use a Web Filter to Prevent Employees Accessing Pornography
Oct12

Why You Should Use a Web Filter to Prevent Employees Accessing Pornography

Many companies have realized that acceptable Internet usage policies are insufficient and do not prevent employees accessing pornography at work. While employees can be told that the viewing of pornography at work is unacceptable, and viewing pornography is likely to result in instant dismissal, it does not stop porn from being accessed at work by some individuals. The accessing of pornography in offices and other places of work is...

Read More