Cybersecurity

Threat Awareness – IcedID Banking Trojan Changes Strategy to Zoom Phishing Sites

Cyble has posted a blog discussing its analysis of a recently discovered phishing campaign targeting Zoom in order to deliver IcedID malware, also known as BokBot. This malware is a banking trojan whose purpose is to steal banking credentials from victims. IcedID also functions as a loader capable of downloading further malware (including ransomware) and is commonly associated with the Emotet botnet. IcedID has traditionally been observed targeting businesses to steal payment information using compromised Office attachments.

Threat Awareness – Over 60,000 Exchange Servers Still Vulnerable to ProxyNotShell Flaws

Bleeping Computer posted an article reporting that more than 60,000 Microsoft Exchange servers have still not been patched against CVE-2022-41082. CVE-2022-41082 is one of the two CVEs that make up the exploit known as ProxyNotShell. For more information, access WaterISAC’s coverage included in the Security & Resilience Update on December 22, 2022 here.

Breach Awareness – Cyber Attack on Third-Party Digital Records Vendor Impacts Local Governments Across Nation

StateScoop has written an article discussing the impacts of a cyberattack against Cott Systems, a nationwide digital records management vendor reportedly utilized by approximately 400 local governments across 21 states. On December 26th, the company alerted customers that they had detected “unusual activity” on internal servers and were taking their network offline. Cott Systems has not yet provided a recovery timeline for its customers, but states that no customer data appears to be affected.

Informational: Data Breach Notification Digest (January 5, 2023)

From time to time (more often than not), data breaches are disclosed regarding widely used or well-known products, platforms, and organizations. Individually, each notice may seem less significant to report on in the sea of cyber threats and vulnerabilities, but nonetheless may be important for general awareness. Some data breaches may be associated with, or be an update to, a prior cyber attack notification, such as data that was discovered or confirmed stolen after a ransomware attack.

Phishing, Ransomware, and other Threats Continued to Plague Email Security in 2022

Email security continues to challenge organizations large and small and remains one of the principal attack vectors through which threat actors gain access to a company before conducting further malicious activity, such as ransomware attacks. While security teams continuously address email security with controls such as encryption and business email compromise protection, fundamentally, email security is about people.

Ransomware Awareness – New Extortion Tactic Uses Spoofed Website of Victim to Publish Stolen Data

ALPHV/BlackCat, one of 2022’s most notable ransomware menaces, continues to evolve its data extortion tactics in ongoing attempts to coerce victims into paying. The most recent tactic involves the group creating a replica of a victim’s website to publish stolen data openly on the internet. While the domain name and appearance of the website closely resemble the victim’s legitimate site, ALPHV uses its own directory structure to organize the leaked data.
