A new ransomware family, which ESET detects as CryCryptor, has been targeting Android users in Canada under the guise of an official COVID-19 tracing app. ESET put an end to the attack. ESET researchers, thanks to a tweet announcing a discovery of what was thought to be Android banking malware, discovered a ransomware operation targeting Android users in Canada. Using two COVID-19 themed websites, the attackers behind the operation lured people to download a ransomware app disguised as an official COVID-19 tracing tool. Now, both websites are down. ESET researchers wrote a decryption tool for CryCryptor’s victims, based on a…
ISBuzz Team
New details have emerged on the activity of the infamous Fxmsp hacker that last year was advertising access to the networks of three cybersecurity vendors. Researchers tracking Fxmsp’s ventures on underground forums counted the network intrusions associated with this actor and revealed the presumed identity of the attacker. Researchers at Group-IB examined Fxmsp’s exposure in the public areas of the forums where they were advertising their business, assessing that the actor breached networks of at least 135 companies in 44 countries. Among the targets are small and medium-sized enterprises (SME), government organizations, banks, and Fortune 500 companies. Group-IB’s conservative estimate is that in…
Today it was announced that Frost & Sullivan experienced a data breach exposing sensitive information such as first and last names, log in names, and hashed passwords. It was determined that the exposed folder was discovered during a daily monitoring routine and included the data of employees and clients among other tables that identify access as administrator.
New research from Centrify reveals insight into businesses’ preparation, policies and approaches to 100 per cent remote working during the Coronavirus outbreak Almost half (48 per cent) of business decision makers have admitted that their existing cyber security policies are currently not suitable for maintaining a 100 per cent remote working model. This increased risk has led to nearly two thirds (65 per cent) anticipating an increase in phishing and breach attempts, according to a new survey from Centrify, a leading provider of Identity-Centric privileged access management (PAM) solutions. The survey, conducted by independent polling provider Censuswide on behalf of Centrify,…
Cybersecurity experts comments below on the new ransomware targeting Canada that is masking as a COVID-19 contact tracing app.
Microsoft today announced the general availability of the Office 365 Safe Documents security feature which expands the protection provided by Protected View by checking untrusted documents for risks and known threats. Safe Documents — launched in private preview in February — uses Microsoft Defender Advanced Threat Protection (ATP) to scan documents opened in Protected view and block users from editing them until a verdict is available.
Activity logs on a server used by the TrickBot trojan in post-compromise stages of an attack show that the actor takes an average of two weeks pivoting to valuable hosts on the network before deploying Ryuk ransomware. After compromising the network, the attacker starts scanning for live systems that have specific ports open and stealing password hashes from the Domain Admin group.
Avast warns of intrusive apps and shares tips on how to avoid falling for adware scams Avast (LSE:AVST), a global leader in digital security and privacy products, has discovered and reported 47 gaming apps to Google. Currently, 17 of the apps are still available on the Google Play Store, but Google’s investigations into the apps are ongoing. The apps, which were available in the Play Store are a part of the HiddenAds family, a Trojan disguised as a safe and useful application but instead serves intrusive ads outside of the app. The apps have been downloaded more than 15 million…
Cloud Controls Matrix, Consensus Assessments Initiative Questionnaire, and PLA Code of Conduct for GDPR Compliance available to global audience The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining standards, certifications and best practices to help ensure a secure cloud computing environment, announced today that three of its most popular assessment and guidance documents that ensure compliance with cloud security protocols are now, in the context of an agreement with OneTrust, available in 10 languages. TheCloud Controls Matrix, Consensus Assessments Initiative Questionnaire, and Privacy Level Agreement Code of Conduct for GDPR Compliance are now available in Spanish (ES), German (DE), French (FR), Italian (IT),…
It has been reported that Twitter has detailed a serious “security incident” on the billing information of businesses using the social media giant. In a message to business owners on the platform, Twitter reported a data breach while using its advertisement and analytics platform. This meant that prior to May 20, 2020 certain details would be stored within a web browser’s cache. Web cache is whereby documents or information of the pages a user has visited are stored on the web browser. In a message to sent to business owners on the platform, Twitter said: “We are writing to let you know of a data security…