Elizabeth Hernandez

The cyberattack on Equifax affected almost half the population of the United States. 143 million U.S. consumers potentially had their sensitive data stolen by hackers, as did around 400,000 individuals in the United Kingdom and 100,000 consumers in Canada. To … Read more

The average cost of a SMB data breach is now $117,000 per incident, according to a large study of data breach costs at small to medium sized businesses. The study was conducted by Kaspersky Lab and B2B International, with over … Read more

Popup warnings of missing fonts, specifically the Hoeflertext font, are being used to infect users with malware. The Hoeflertext warnings appear as popups when users visit compromised websites using the Chrome or Firefox browsers. The warnings flash up on screen … Read more

Defray ransomware is being used in targeted hacking campaigns on groups in the healthcare and education sectors. The new ransomware variant is being shared via email; however, in contrast to many ransomware campaigns, the emails are not being distributed in … Read more

The busiest day of the week for email spam is  typically Tuesday and cyber criminals focus on sending messages during the working day, Monday to Friday, according to a 2017 spam study completed by IBM X-Force. The study was carried … Read more

Two new Locky ransomware spam campaigns have been witnessed this month, each being used to distribute a new variant of the cryptoransomware. The campaigns have started after a relatively quiet period for ransomware campaigns, although the most recent campaigns show … Read more

The cost of a malware attack is difficult to predict. There are many factors that affect the cost. The type of malware, whether data were stolen, the extent of the infection, how easy it is to mitigate, and how much … Read more

The most hectic day of the week for email spam is Tuesday and hackers focus on sharing messages during working hours, Monday to Friday, according to a 2017 spam study facilitated by IBM X-Force. The study was run during 6-month … Read more

The importance of implementing good patch management policies was clearly highlighted by the WannaCry ransomware attacks in May. The ransomware attacks were made possible due to poor patch management policies at hundreds of companies. The attackers leveraged a vulnerability in … Read more

Ransomware attacks on small businesses can have major consequences. Many small companies have little spare capital and certainly not enough to be doling out cash to cybercriminals, let alone enough to cover the cost of loss of business while systems … Read more

A U.S senator is asking the Department of Homeland Security and other federal agencies to implement DMARC to prevent impersonation attacks being conducted through email. In recent months, several government agencies have been focused on by phishers who have used … Read more

The self-titled Spam King, Sandford Wallace, has been given a 30-month jail sentence in relation to a Facebook spam campaign carried out between November 2008 and February 2009. Wallace illegally gained access to around 550,000 Facebook accounts and used those … Read more

2017 US data breaches have reached a record high, jumping an incredible 29% year over year. The mid-year data breach report from the Identity Theft Resource Center (ITRC) and CyberScout shows there were 791 reported data breaches between January 1 … Read more

Human error was to blame for a massive Verizon Communications data leak that saw the personal information, account details and PIN numbers of more than 6 million customers exposed on the Internet. The Verizon Communications data leak is particularly serious … Read more

Over 60 apps have now been deleted from Google Play Store due to the presence of AdultSwine Malware, a form of malware that displays pornographic adverts on users’ devices. Many of the apps that included the malware were focused on … Read more

Microsoft has released emergency Windows XP updates to tackle exploitation of the Windows Server Message Block (SMB) vulnerability used to infect computers globally with ransomware on May 12, 2017. The move came as a shock as the operating system is … Read more

The Anti-Phishing Working Group (APWG) has recently released a new report showing the changing trends in phishing in 2016. The report provides interesting insights into how cybercriminal activity is changing and the attack methods most commonly used by cybercriminals to … Read more

A new study conducted by the Ponemon Institute has shown that General Data Protection Regulation preparations have only been made by a small minority of companies, with almost half of surveyed organizations unsure where to even start. The General Data … Read more

The U.S. Federal Bureau of Investigation has issued its annual Internet Crime Report, showing cybercriminals have netted at least $1.3 billion last year. The figures for the report were compiled by the FBI’s Internet Crime Complaint Center, or IC3 is … Read more

A massive global cyberattack is underway involving Petya ransomware. Ukraine has been hit particularly hard although companies all over Europe have reported that systems have been taken out of action and ransoms demanded. Social media websites are awash with reports … Read more

The WannaCry ransomware campaign may have attracted a lot of media attention, but Locky ransomware presents a bigger threat to organizations with a new Locky ransomware campaign now a regular event. The ransomware was initially seen in February last year … Read more

The recent ransomware attack on University College London has been discovered to have occurred as a result of an end user visiting a website hosting the Astrim exploit kit. Exploit kits are used to probe for vulnerabilities and exploit flaws … Read more

The healthcare industry has been heavily targeted by cybercriminals, but retail industry data breaches are now the most common according to a recent study by Trustwave. Retail industry data breaches account for 22% of all reported breaches, closely followed by … Read more

For the first time in the past seven years, the cost of a data breach has fallen, with a 10% reduction in per capita data breach costs across all industry sectors. The global study revealed the average cost of a … Read more

Hackers have been conducting fileless malware phishing attacks and restaurants are being focused on. Restaurants are being targeted as they tend to have relatively weak cybersecurity defenses and criminals can easily obtain access to the credit card details of thousands … Read more

A Google phishing scam has been discovered infiltrated online accounts over the past couple of days. Emails have been sent in the millions asking individuals to edit Google Docs files. The emails seem to have been sent by known people, … Read more

Jaff ransomware, a new Locky-type encryptor, is being shared around by the same group distributed by the individuals responsible for distributing the Dridex banking Trojan and Locky ransomware. This group has also previously used Bart ransomware to encrypt files in … Read more

A recent Lazio phishing scam result in €2 million being stolen from the Italian Serie A football team. The cybercriminals intercepted the last installment of a transfer of a football player to the bank account of a hacker. The scam … Read more

Over the past few days, a new threat called Fireball malware has been spreading rapidly and has allegedly been installed on more than 250 million computer systems. An estimated 20% of corporate networks have been infected with the malware. 10% … Read more

The most recent Locky campaign uses a different tactic to complete infection. Earlier Locky campaigns have used malicious Word macros connected to spam emails. If the email attachment is clicked on, end users are asked to allow macros to view … Read more

The EternalRocks worm is a new threat that comes hot on the heels of WannaCry ransomware. The self-replicating network work uses similar tactics to infect computers and spread to other connected devices; however, in contrast to the worm used to … Read more

A new Uiwix ransomware variant has been detected using EternalBlue to gain access to vulnerable systems. Businesses that have not yet patched they systems are vulnerable to this new attack. In contrast to the WannaCry ransomware variant that was used … Read more

An Edmodo data breach has been reported that has impacted tens of millions of users of the education platform, including teachers, students and parents. Edmodo is a platform used for K-12 school lesson planning, homework assignments and to access grades … Read more

The Solicitors Regulation Authority in the United Kingdom has recently released an alert in relation to law firm email scams following a sharp increase in law firm cyberattacks. According to SRA figures, around 500 UK law firms have been targeted … Read more

A Mac malware warning has been issued for any individual who recently downloaded Handbrake for Mac. A server was compromised and a remote access Trojan was bundled with the Handbrake Apple Disk Image file. A credential-stealing Remote Access Trojan was … Read more

A patch has been rushed and released to address a serious Microsoft Malware Protection Engine bug, termed ‘Crazy Bad’ by the researchers who discovered the flaw. If exploited, the vulnerability would allow threat actors to turn the malware protection software … Read more

A sophisticated new malware threat has been discovered that is being used to target a wide range of industry sectors and infect systems with RAT/malware. The campaign is being used to spread multiple malware variants and gain full access to … Read more

Sabotage, subversion and ransomware attacks all increased sharply in 2016, with malware-infected emails now at a five-year high according to the latest installment of Symantec’s Internet Security and Threat Report (ISTR). For the 22nd volume of the report, the antivirus … Read more

Kaspersky Lab has released new figures showing software exploit attacks increased by almost a quarter in 2016. In total, more than 702 million attempted software exploit attacks were performed; a rise of 24.54% year on year. Corporate users were the … Read more

Locky is back. The latest Locky ransomware attacks leverage an infection technique used in Dridex malware campaigns. It has been all quiet on the western front, with Locky ransomware attacks dropping off to a tiny fraction of the number seen … Read more

In the United States, the healthcare sector is being focused on, by hackers and scammers, with phishing attacks on healthcare organizations one of the most simple and most experienced methods of gaining access to email accounts and protected health information. … Read more

The Intercontinental Hotels Group data breach previously announced in February as affecting 12 hotels in the chain has proven to have been far more extensive than was first thought. Last week the group announced that the breach affected guests that … Read more

Last week, the Bitglass Threats Below the Surface Report was released. The report highlights the extent to which organizations are being attacked by cybercriminals. Far from cyberattacks being a relatively rare occurrence, they are now as certain as death and … Read more

Do you have any machines running on unsupported operating systems? Is all of your software up to date with all of the latest patches applied? If you are not patching promptly or are still running outdated, unsupported operating systems or … Read more

Windows-based systems are far more likely to be infected by viruses and malware; however, Mac users are far from immune to malware infections. A new report from McAfee suggests Mac malware infections increased substantially in 2016. Malware instances rose by … Read more

A new variant of Stampedo ransomware – called Philadelphia ransomware – is being used in targeted attacks on the healthcare sector in the United States. The ransomware variant is being spread using spear phishing emails. Spear phishing emails have been … Read more

Anti-pornography legislation in Alabama could be introduced from January 1, 2018, following the introduction of a new bill last month. House Bill 428 was introduced by Jack Williams (R-Montgomery) to prevent state residents from using Internet-enabled devices to view obscene material. … Read more

Dropbox phishing campaigns are relatively typical and often fool employees into revealing their sensitive information or installing malware. Dropbox is widely used for sharing files and employees are used to receiving links advising them that files have been shared with … Read more

The source code for the NukeBot Trojan has been published online on a source-code management platform. The code for NukeBot – or Nuclear Bot as it is also known –  appears to have been released by the author, rather than … Read more