Sophos

Beware the Smish! Home delivery scams with a professional feel…

“Evri” is a recent UK-specific rebrand of the German company “Hermes”, so that UK customers may very well still be getting used to the new look and feel of the rebranded website, and to the new domain name. This could favor the scammers.

Phishing goes KISS: Don’t let plain and simple messages catch you out!

KISS improves security when your IT team avoids jargon and makes complex-but-important tasks easier to understand, but it reduces security when crooks steer clear of mistakes that would otherwise give their game away.

Qakbot injects itself into the middle of your conversations

The messages generally contain brief text content, followed by a link to download a zip archive. These links may be “bare URLs” like above, or hot-linked text in the message body.

French speakers blasted by sextortion scams with no text or links

In this revised type of sextortion scam, the crooks typically add some widely-known data from an earlier data breach into the email to leverage the familiarity with the related brand.

APT-C-23 Hackers Using New Android Spyware Variant to Target Middle East Users

The new variants appear in the form of an app that purports to install updates on the target’s phone, with names that include App Updates, System Apps Updates, or Android Update Intelligence.

Cring ransomware group exploits ancient ColdFusion server

In an attack recently investigated by Sophos, an unknown threat actor exploited an ancient-in-internet-years vulnerability in an 11-year-old installation of Adobe ColdFusion 9 to infect the server.

Malware increasingly targets Discord for abuse

An investigation by Sophos researchers found that more than half of network traffic generated by malware uses TLS encryption, and 20 percent of that involved communication with legit online services.
June 14, 2021

Relentless REvil, revealed: RaaS as variable as the criminals who use it

The transition to a service model of doing business transformed ransomware, giving its developers the ability to focus on features, and leaving its customers to execute the break-in and deployment.

New Golang-based Epsilon Red Ransomware Leverages PowerShell Scripts for Malicious Objectives

The malware was delivered as the final executable payload in a hand-controlled attack against a US-based business in the hospitality industry, with early-stage components in the form of PowerShell scripts.

Cybercriminals Use Fake Android and iOS Apps Disguised as Trading and Cryptocurrency Apps to Conduct Fraud

These fraudulent applications are aimed at exploiting the increased interest in trading apps, driven by the recent significant rise in the value of cryptocurrencies and interest in stock trading.
