Author Archives: David Bisson

President Trump’s Campaign Website Defaced by Cryptocurrency Scammers

Unknown individuals temporarily defaced the official campaign website of President Donald Trump with a cryptocurrency scam. Twitter user Gabriel Lorenzo Greschler was among the first to spot the defacement, which is believed to have occurred at around 16:00 PST on October 27. .@realDonaldTrump's campaign website has been hacked. Doing research for a climate change article […]… Read More

The post President Trump’s Campaign Website Defaced by Cryptocurrency Scammers appeared first on The State of Security.

How Containers Support the IT-OT Convergence

The worlds of information technology (IT) and operational technology (OT) are colliding. In July 2019, Automation.com cited a survey finding where 82% of respondents told Forrester and Nozomi Networks that their organizations were in the early stages of an IT-OT convergence. Some said their organizations were embracing this meeting more fully. This finding begs several […]… Read More

The post How Containers Support the IT-OT Convergence appeared first on The State of Security.

Amazon Discloses Security Incident Involving Customers’ Email Addresses

Amazon informed some of its customers about a security incident that involved the unauthorized disclosure of their email addresses. News of the security incident emerged over the weekend of October 23 when multiple users took to Twitter to voice their confusion over an email they had received from Amazon. In an email notification obtained by […]… Read More

The post Amazon Discloses Security Incident Involving Customers’ Email Addresses appeared first on The State of Security.

DOJ Says Iran Targeted American Voters with Threatening Emails

The U.S. Department of Justice (DOJ) said Iran was responsible for an attack campaign that targeted American voters with threatening emails. On October 21, the Justice Department held a press conference in which FBI Director Christopher Wray and Director of National Intelligence John Ratcliffe linked Iran to a spam campaign making the rounds in the […]… Read More

The post DOJ Says Iran Targeted American Voters with Threatening Emails appeared first on The State of Security.

Montréal Public Transport Agency Discloses Ransomware Attack

A public transport agency operating in Montréal announced that a ransomware attack had affected its website and other systems. The Société de transport de Montréal (STM) disclosed the infection on a web page it created to keep customers updated about its services while its main site remains offline: Since the afternoon of October 19, the […]… Read More

The post Montréal Public Transport Agency Discloses Ransomware Attack appeared first on The State of Security.

Ransomware Gang Donated Part of Ransom Demands to Charities

A budding ransomware group donated part of the ransom demands that it had previously extorted from its victims to two charities. On October 13, the Darkside ransomware group announced the donations in a blog post on its dark web portal. As quoted by ZDNet: As we said in the first press release – we are […]… Read More

The post Ransomware Gang Donated Part of Ransom Demands to Charities appeared first on The State of Security.

6 Common Phishing Attacks and How to Protect Against Them

Phishing attacks continue to play a dominant role in the digital threat landscape. In its 2020 Data Breach Investigations Report (DBIR), for instance, Verizon Enterprise found that phishing was the second topmost threat action variety in security incidents and the topmost threat action variety in data breaches. It therefore comes as no surprise that more […]… Read More

The post 6 Common Phishing Attacks and How to Protect Against Them appeared first on The State of Security.

U.S. Federal Court Issues Restraining Order against Tech Support Scheme

A federal court in the United States issued a temporary restraining order against a tech support scheme that’s alleged to have targeted U.S. consumers. On October 15, the U.S. District Court filed Southern District of Florida submitted a complaint against Michael Brian Cotter, 59, of Glendale, California. The complaint alleged that Cotter had worked with […]… Read More

The post U.S. Federal Court Issues Restraining Order against Tech Support Scheme appeared first on The State of Security.

Silent Librarian APT Targeting Universities with Spear Phishing Attacks

Security researchers discovered that an APT group known as “Silent Librarian” is actively targeting universities with spear phishing attacks. Malwarebytes learned in mid-September that Silent Librarian, also known as “TA407” and “COBALT DICKENS,” had launched a new attack campaign. In its analysis of the operation, the security firm found that the threat actor had registered […]… Read More

The post Silent Librarian APT Targeting Universities with Spear Phishing Attacks appeared first on The State of Security.

JavaScript Used by Phishing Page to Steal Magento Credentials

Digital attackers created a Magento phishing page that used JavaScript to exfiltrate the login credentials of its victims. Sucuri came across a compromised website using the filename “wp-order.php” during an investigation. This phishing page hosted what appeared to be a legitimate Magento 1.x login portal at the time of discovery. In support of this ruse, […]… Read More

The post JavaScript Used by Phishing Page to Steal Magento Credentials appeared first on The State of Security.

Fake Windows Defender Antivirus Theme Used to Spread QBot

Digital attackers incorporated a fake Windows Defender Antivirus theme into a malicious document in order to distribute QBot malware. According to Bleeping Computer, the QBot gang began using a new template for their email attack campaigns’ malicious documents beginning on August 25, 2020. The template adopted the disguise of a Windows Defender Antivirus alert in […]… Read More

The post Fake Windows Defender Antivirus Theme Used to Spread QBot appeared first on The State of Security.

Android Locker Variant Uses Innovative Sequence to Load Ransom Note

A new variant of a sophisticated Android locker family used an innovative sequence to load its ransom note on infected devices. On October 8, Microsoft Defender Research Team revealed that it had spotted a new Android locker variant using novel techniques to display its ransom note to its victims. This threat specifically targeted two components […]… Read More

The post Android Locker Variant Uses Innovative Sequence to Load Ransom Note appeared first on The State of Security.

New ‘MontysThree’ Toolset Used in Targeted Industrial Espionage Attacks

Researchers uncovered a new toolset they’ve dubbed “MontysThree” that has played a role in targeted industrial espionage attacks stretching back to 2018. In the summer of 2020, Kaspersky Lab discovered that an unknown actor had been using a modular C++ toolset called “MT3” to conduct targeted industrial espionage campaigns for years. The security firm analyzed […]… Read More

The post New ‘MontysThree’ Toolset Used in Targeted Industrial Espionage Attacks appeared first on The State of Security.

New Valak Variant Makes “Most Wanted Malware” List for First Time

An updated variant of the Valak malware family earned a place on a security firm’s “most wanted malware” list for the first time. Check Point revealed that an updated version of Valak ranked as the ninth most prevalent malware in its Global Threat Index for September 2020. First detected back in 2019, Valak garnered the […]… Read More

The post New Valak Variant Makes “Most Wanted Malware” List for First Time appeared first on The State of Security.

New Attack Abused Windows Error Reporting Service to Evade Detection

Security researchers came across a new attack that abused the Windows Error Reporting (WER) service in order to evade detection. Malwarebytes observed that the attack began with a .ZIP file containing “Compensation manual.doc.” The security firm reasoned that those responsible for this attack had likely used spear-phishing emails to distribute the document, a file which […]… Read More

The post New Attack Abused Windows Error Reporting Service to Evade Detection appeared first on The State of Security.

30 Ransomware Prevention Tips

Dealing with the aftermath of ransomware attacks is like Russian roulette. Submitting the ransom might seem like it’s the sole option for recovering locked data. But paying the ransom doesn’t mean that your organization will get its affected data back. Let’s not forget that ransomware also continues to evolve as a threat category. Beginning in […]… Read More

The post 30 Ransomware Prevention Tips appeared first on The State of Security.