Watch Out for Egregor Ransomware Now Hitting The Scene

A new ransomware strain burst onto the scene in September of this year (2020). Dubbed ‘Egregor’ by the research team at Digital Shadows who discovered it, it has already claimed more than seventy victims in nineteen countries around the world. Worse, the hackers controlling it appear to just be getting started. The malware is expertly designed and all of the …

People Are Paying Ransomware Attackers In Large Numbers In 2020

Hackers have increasingly gravitated to ransomware attacks in 2020, seeing them as one of the best and most reliable paths to a payday. That brings to mind an interesting question, though. Naturally, the viability of this type of attack comes down to what percentage of victims are willing to actually pay the ransom, and what is that number as of right …

Some Businesses Are Dangerously Avoiding Critical IT Security Updates

How good is your IT staff at staying current when it comes to applying all the latest security patches? Unfortunately, the answer for most businesses is, “probably not as good as you think.” According to research conducted by Bitdefender, a staggering 64 percent of un-patched vulnerabilities discovered on corporate networks in 2020 involve bugs that date back to 2018 and …

Corporate Internet Users Watch Out For Conti Ransomware

Although you may not be familiar with the name, a strain of ransomware called “Conti” is surging in popularity on the Dark Web and seeing a rapidly growing number of installations, so it’s definitely one to be on guard against. Advanced Intel’s Vitali Kremez has been tracking this strain since it first appeared in late 2019. According to Kremez, the …

This New Malware Is Hitting Exchange Servers To Steal Info

In late 2019, a new strain of malware called “Valak” was detected. In the six months that followed its initial discovery in the wild, more than 30 variants of the code were detected. Initially, Valak was classified as a simple loading program. As various groups have tinkered with the code, it has morphed into a much more significant threat, and …

Major Security Flaw Found In Some Cisco Routers

Recently, Cisco disclosed the existence of four serious security flaws in their routers that use IOS and IOS XE software. One of the four, CVE-2020-3227, is rated at a severity of 9.8 out of 10. It allows a remote attacker without credentials to execute commands on the operating software without proper authorization, which in turn allows a hacker to take …

Update NinjaForms In WordPress To Avoid Potential Hack

Are you one of the million-plus website owners making use of Ninja Forms for WordPress? If so, be aware that the company has recently patched a serious security flaw that allowed hackers to inject malicious code and take over websites. The attack is accomplished via a Cross-Site Request Forgery (CSRF) that leads to a Stored Cross-Site Scripting attack. All versions …

SBA And CDC Phishing Emails Can Carry Malware

According to Microsoft, its machine learning threat detection models have helped its research teams uncover multiple mal-spam campaigns. These campaigns have been tied together by the common theme of incorporating poisoned disk image files used as attachments. Each campaign has been aimed at a different target population, but all use some variant of COVID-19 in their subject lines, and all …

PC Users Beware Of Downloader For Zoom Created By Hackers

Are you working from home right now? If so, you’re certainly not alone. Tens of millions of people are doing the same, and there are untold millions around the world doing likewise. Working from home presents a host of new challenges, not the least of which is finding ways of communicating face to face without violating social distancing rules. For …

Be On The Lookout As Astaroth Malware Makes A Comeback

Are you familiar with Astaroth? If you’re a data security professional, you’ve probably at least heard the name. The group gained some notoriety last year when it came to light that they had developed a means of spreading “fileless malware” using legitimate Windows tools to infect machines around the world. The Windows Defender ATP team discovered evidence of a massive …