How to detect phishing images in emails

Uzair Amir

https://www.hackread.com/how-to-detect-phishing-images-in-emails/

Excerpt:

“Phishing has long been a common way to induce a receiver to unveil personal data. Primarily, it works this way: You receive an email from a purportedly reputable source–say, your employer–asking you to click the link and get familiar with new regulations effective in the following week.”


Hackers fool major tech companies into handing over data of women and minors to abuse

Jovi Umawing

https://blog.malwarebytes.com/social-engineering/2022/04/hackers-fool-major-tech-companies-into-handing-over-data-of-women-and-minors-to-abuse/

Excerpt:

“Some major tech companies have unwittingly opened harassment and exploitation opportunities to the women and children who they have pledged to protect. This happened because they provided information in response to emergency data requests from legitimate law enforcement accounts that hackers had compromised. This finding came from four federal law enforcement agencies and a couple of industry investigators.”


Hospitals taken offline after cyberattack

Pieter Arntz

https://blog.malwarebytes.com/reports/2022/04/hospitals-taken-offline-after-cyberattack/

Excerpt:

“The GHT Coeur Grand Est has become a victim of a cyberattack on the hospital centers of Vitry-le-François and Saint-Dizier. The hospital’s administration has warned [French] that data have been exfiltrated and might be used for phishing in the future.”


Iran announced to have foiled massive cyberattacks on public services

Pierluigi Paganini

https://securityaffairs.co/wordpress/130592/hacking/iran-foiled-cyberattacks-public-services.html

Excerpt:

“According to the Iran state television, the attack attempts took place in recent days and aimed at the infrastructure of more than 100 public sector agencies. The report did not name entities that were targeted by the cyberattacks.”


Shuckworm: Espionage Group Continues Intense Campaign Against Ukraine

Threat Hunter Team

https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/shuckworm-intense-campaign-ukraine

Excerpt:

“The Russian-linked Shuckworm espionage group (aka Gamaredon, Armageddon) is continuing to mount an intense cyber campaign against organizations in Ukraine.”


Financial leaders grappling with more aggressive and sophisticated attack methods

https://www.helpnetsecurity.com/2022/04/21/cybercriminal-cartels-financial-sector/

Excerpt:

“VMware released a report which takes the pulse of the financial industry’s top CISOs and security leaders on the changing behavior of cybercriminal cartels and the defensive shift of the financial sector.”


How ready are organizations to manage and recover from a ransomware attack?

https://www.helpnetsecurity.com/2022/04/20/attacks-recover-ability/

Excerpt:

“Zerto announced the findings of a ransomware study, revealing that gaps in readiness are seriously impacting the ability of many organizations to manage and recover from attacks.”


New EnemyBot DDoS Botnet Borrows Exploit Code from Mirai and Gafgyt

Ravie Lakshmanan

https://thehackernews.com/2022/04/new-enemybot-ddos-botnet-borrows.html

Excerpt:

“A threat group that pursues crypto mining and distributed denial-of-service (DDoS) attacks has been linked to a new botnet called Enemybot, which has been discovered enslaving routers and Internet of Things (IoT) devices since last month.”


FBI: Payment app users targeted in social engineering attacks

Sergiu Gatlan

https://www.bleepingcomputer.com/news/security/fbi-payment-app-users-targeted-in-social-engineering-attacks/

Excerpt:

“Cybercriminals are attempting to trick American users of digital payment apps into making instant money transfers in social engineering attacks using text messages with fake bank fraud alerts.’


Life Sciences students facing mass data breach

Asbah Ahmad

https://www.queensjournal.ca/story/2022-04-14/university/life-sciences-students-facing-mass-data-breach/

Excerpt:

“Confidential student information in the Life Sciences department was disseminated via email on Apr. 7. The information included student GPAs, student names, student numbers, academic plans, and years of study as of Sept. 2021. Students' sexes and email addresses were also compromised.”


APT group has developed custom-made tools for targeting ICS/SCADA devices

Zeljka Zorz

https://www.helpnetsecurity.com/2022/04/14/apt-ics-scada/

Excerpt:

“Just a few days after news of attempted use of a new variant of the Industroyer malware comes a warning from the US Cybersecurity and Infrastructure Security Agency (CISA): Certain APT actors have exhibited the capability to gain full system access to multiple industrial control system (ICS)/supervisory control and data acquisition (SCADA) devices.”


Russia-Linked Pipedream/Incontroller ICS Malware Designed to Target Energy Facilities

Eduard Kovacs

https://www.securityweek.com/russia-linked-pipedreamincontroller-ics-malware-designed-target-energy-facilities

Excerpt:

“The US government and cybersecurity firms on Wednesday released details about a new piece of malware designed to manipulate and disrupt industrial processes by hacking industrial control systems (ICS).”


DHS investigators say they foiled cyberattack on undersea internet cable in Hawaii

AJ Vicens

https://www.cyberscoop.com/undersea-cable-operator-hacked-hawaii/

Excerpt:

“Federal agents in Honolulu last week “disrupted” an apparent cyberattack on an unnamed telecommunication company’s servers associated with an underwater cable responsible for internet, cable service and cell connections in Hawaii and the region, the agency said in a statement Tuesday.”


Cybersecurity is getting harder: More threats, more complexity, fewer people

https://www.helpnetsecurity.com/2022/04/13/modern-enterprise-security-issues/

Excerpt:

“Splunk and Enterprise Strategy Group released a global research report that examines the security issues facing the modern enterprise. More than 1,200 security leaders participated in the survey, revealing they’ve seen an increase in cyberattacks while their teams are facing widening talent gaps.”


Sandworm hackers tried (and failed) to disrupt Ukraine’s power grid

Zeljka Zorz

https://www.helpnetsecurity.com/2022/04/12/sandworm-ukraine/

Excerpt:

“The Computer Emergency Response Team of Ukraine (CERT-UA), with the help of ESET and Microsoft security experts, has thwarted a cyber attack by the Sandworm hackers, who tried to shut down electrical substations run by an energy provider in Ukraine.”


Snap-on Tools Hit by Cyberattack Claimed by Conti Ransomware Gang

Ionut Arghire

https://www.securityweek.com/high-end-tools-manufacturer-snap-discloses-data-breach

Excerpt:

“High-end tools manufacturer Snap-on is notifying employees that some of their personal information might have been compromised in a recent data breach.”


Finnish govt websites knocked down as Ukraine President addresses MPs

Jessica Lyons Hardcastle

https://www.theregister.com/2022/04/09/dos_attacks_finland_russia/

Excerpt:

“Cyberattacks took down Finnish government websites on Friday while Ukrainian President Volodymyr Zelenskyy addressed Finland's members of parliament (MPs).”


Fraudsters Steal £58m in 2021 Via Remote Access Tools

Phil Muncaster

https://www.infosecurity-magazine.com/news/fraudster-steal-58m-2021-via/

Excerpt:

” Scammers who tricked victims into handing them control of their PCs managed to steal nearly £58m last year, according to official UK police figures.”


Network intrusion detections skyrocketing

https://www.helpnetsecurity.com/2022/04/08/network-malware-detections/

Excerpt:

“A WatchGuard report shows a record number of evasive network malware detections with advanced threats increasing by 33%, indicating a higher level of zero day threats than ever before.”


How many steps does it take for attackers to compromise critical assets?

https://www.helpnetsecurity.com/2022/04/07/attack-critical-assets/

Excerpt:

“The XM Cyber research team analyzed the methods, attack paths and impacts of attack techniques that imperil critical assets across on-prem, multi-cloud and hybrid environments.”


Employee Info Among 13 Million Records Leaked by Fox

Phil Muncaster

https://www.infosecurity-magazine.com/news/employee-info-13-million-records/

Excerpt:

“A configuration error exposed millions of internal records traced back to Fox News, including personally identifiable information on employees, researchers have claimed.”


FIN7 Hackers Leveraging Password Reuse and Software Supply Chain Attacks

Ravie Lakshmanan

https://thehackernews.com/2022/04/fin7-hackers-leveraging-password-reuse.html

Excerpt:

“The notorious cybercrime group known as FIN7 has diversified its initial access vectors to incorporate software supply chain compromise and the use of stolen credentials, new research has revealed.”


US Justice Department shuts down Russian dark web marketplace Hydra

Campbell Kwan

https://www.zdnet.com/article/us-justice-department-shuts-down-russian-dark-web-marketplace-hydra/

Excerpt:

“The US Department of Justice (DOJ) has shut down Hydra Market, one of the world's largest darknet marketplaces. On Tuesday, the DOJ and German federal police seized Hydra's servers and cryptocurrency wallets containing $25 million worth of bitcoin.”


Russian attempts to phish Ukrainian targets with 'war crimes' lures unsuccessful so far, official says

AJ Vicens

https://www.cyberscoop.com/war-crimes-phishing-attempts-russia-ukraine/

Excerpt:

“Phishing attempts sent by Russian hackers to Ukrainian entities in late March with documents purportedly about Russian “war criminals” were not successful, a top Ukrainian cybersecurity official told reporters Tuesday.”


WhatsApp 'Voice Message' Is an Info-Stealing Phishing Attack

Phil Muncaster

https://www.infosecurity-magazine.com/news/whatsapp-voice-message-phishing/

Excerpt:

“Tens of thousands of victims have been tricked into clicking on an email claiming to contain a WhatsApp voicemail message, according to researchers.”