Author: ISBuzz Team

Following research by Which? that found three in five people received fake delivery company texts over the last year, Industry Leaders commented below.

Phishing impersonations and business email compromise attacks designed to steal victims’ bitcoin surged by 192% between October 2020 and May 2021, closely following the rising demand and increasing price of bitcoin over the last eight months [FIGURE 1], according to new analysis by Barracuda Networks, the trusted partner and leading provider for cloud-enabled security solutions, in their most recent Threat Spotlight research. Bitcoin themed cyber attacks have typically been used in extortion and ransomware attacks in the past, but hackers have now started to incorporate cryptocurrency into spear phishing, impersonation, and business email compromise attacks, the analysis revealed. The Threat…

BACKGROUND: A research paper by defence think tank Royal United Services Institute (RUSI) examining cyber insurance and the cybersecurity challenge has found that cyber insurance isn’t just encouraging cyber criminals, it’s also not sustainable for the cyber insurance industry. “To date, cyber insurance has failed to live up to expectations that it may act as a tool for improving organisations’ cyber security practices,” RUSI said. And it warned: “Cyber insurers may be unintentionally facilitating the behaviour of cybercriminals by contributing to the growth of targeted ransomware operations.”

BACKGROUND: A security vulnerability in Cisco Adaptive Security Appliance (ASA) that was addressed by the company last October and again earlier this April, has been subjected to active in-the-wild attacks following the release of proof-of-concept (PoC) exploit code. The PoC was published by researchers from cybersecurity firm Positive Technologies on June 24, following which reports emerged that attackers are chasing after an exploit for the bug. https://twitter.com/M157q_News_RSS/status/1409780336544784387

DeltaNet International, a global eLearning provider of compliance training solutions, has today announced the availability of its Phishing Simulator, to help organisations strengthen their cybersecurity awareness training against phishing attacks. This solution enables organisations to assess the effectiveness of their cybersecurity education, diagnosing vulnerabilities and identifying urgent skills gaps through realistic phishing simulations. The phishing simulation tool can be used simply to test the susceptibility of an organisation from falling victim to a phishing attack, but when combined with follow-up training to close knowledge and risk gaps, users can experience true added value. The simulator allows users to choose from a carefully curated selection of phishing email templates, or create new templates specifically for their campaign and fully customise the software based on their brand and requirements. Available direct or through resellers, users can simulate targeted spear-phishing attacks, such as clicking on malicious URLs, and requests for personal information and passwords. The…

It has been reported that Brazilian medical diagnostic company Grupo Fleury has suffered a ransomware attack that has disrupted business operations after the company took its systems offline. Grupo Fleury is the largest medical diagnostics company in Brazil, with over 200 service centers and more than 10,000 employees. The company performs approximately 75 million clinical exams in a year. Starting yesterday, the Fleury website began displaying an alert warning that they suffered an attack and that systems are no longer accessible.

In light of the news of gamers being conned into helping hackers to become rich through a hidden crypto-mining malware called Crackonosh, please find comment from security experts.

BACKGROUND: More than three-quarters of security professionals and consumers alike believe that making ransomware payments to cyber criminals should be made illegal to stem to tide of attacks, shows research from MSSP Talion and the Research Institute for Sociotechnical Cyber Security (Riscs). The study, commissioned to support the launch of a cyber campaign collective dubbed #Ransomaware, also claimed that 81% of security pros believe sharing information about ransomware is the key to building better defences.

BACKGROUND: A bipartisan group of U.S. House of Representatives members introduced H.R. 4055 in a move to establish a cybersecurity literacy and public awareness campaign targeted to educating the American public. Representatives Adam Kinzinger (R-IL-16) said: “As technological advancements increase and become more complex, it is critical that everyone is aware of the risks posed from cyberattacks and how to mitigate those risks for personal security.” Kinzinger leads the initiative with Representatives Gus Bilirakis (R-FL), Anna Eshoo (D-CA), Marc Veasey (D-TX), and Chrissy Houlihan (D-PA) to introduce the American Cybersecurity Literacy Act.

Mercedes-Benz USA has disclosed a data breach within one of its vendors that leaked customers’ and potential buyers’ sensitive and personal information. According to the announcement, the information comes from customers who entered various personal details on Mercedes-Benz websites between Jan. 1, 2014, and June 19, 2017. Customers and potential customers from the affected time period may have had their driver’s license numbers, Social Security numbers, and credit card information leaked. Additionally, self-reported credit scores and dates of birth are all part of the data breach.