Category Archives: IT Security and Data Protection

President Trump’s Campaign Website Defaced by Cryptocurrency Scammers

Unknown individuals temporarily defaced the official campaign website of President Donald Trump with a cryptocurrency scam. Twitter user Gabriel Lorenzo Greschler was among the first to spot the defacement, which is believed to have occurred at around 16:00 PST on October 27. .@realDonaldTrump's campaign website has been hacked. Doing research for a climate change article […]

The post President Trump’s Campaign Website Defaced by Cryptocurrency Scammers appeared first on The State of Security.

Amazon Discloses Security Incident Involving Customers’ Email Addresses

Amazon informed some of its customers about a security incident that involved the unauthorized disclosure of their email addresses. News of the security incident emerged over the weekend of October 23 when multiple users took to Twitter to voice their confusion over an email they had received from Amazon. In an email notification obtained by […]

Australia Proposes Security Law to Protect Critical Infrastructure Against Cyber Attacks

The Australian Government is committed to protecting the essential services all Australians rely on by uplifting the security and resilience of critical infrastructure. Increasingly interconnected and interdependent critical infrastructure is delivering efficiencies and economic benefits to operations. However, connectivity without proper safeguards creates vulnerabilities that can deliberately or inadvertently cause disruption resulting in cascading consequences […]

Over one million WordPress sites receive forced update to security plugin after severe vulnerability discovered

Loginizer, a popular plugin for protecting WordPress blogs from brute force attacks, has been found to contain its own severe vulnerabilities that could be exploited by hackers. The flaw, discovered by vulnerability researcher Slavco Mihajloski, opened up opportunities for cybercriminals to completely compromise WordPress sites. The flaw can be exploited if a user attempts to […]

DOJ Says Iran Targeted American Voters with Threatening Emails

The U.S. Department of Justice (DOJ) said Iran was responsible for an attack campaign that targeted American voters with threatening emails. On October 21, the Justice Department held a press conference in which FBI Director Christopher Wray and Director of National Intelligence John Ratcliffe linked Iran to a spam campaign making the rounds in the […]

The 5 Best Ways to Handle Sensitive Data

There are two significant trends occurring right now that shouldn’t be a surprise to anyone reading this post. First, businesses are gathering and leveraging more and more data to improve their core services. Second, more compliance and regulatory standards are popping up from governments and private organizations. As these businesses realize that collecting and utilizing […]

Montréal Public Transport Agency Discloses Ransomware Attack

A public transport agency operating in Montréal announced that a ransomware attack had affected its website and other systems. The Société de transport de Montréal (STM) disclosed the infection on a web page it created to keep customers updated about its services while its main site remains offline: Since the afternoon of October 19, the […]

Ransomware Gang Donated Part of Ransom Demands to Charities

A budding ransomware group donated part of the ransom demands that it had previously extorted from its victims to two charities. On October 13, the Darkside ransomware group announced the donations in a blog post on its dark web portal. As quoted by ZDNet: As we said in the first press release – we are […]

A Closer Look at the Attempted Ransomware Attack on Tesla

Cybersecurity is in the news again with the disclosure that Tesla, working in conjunction with the FBI, prevented a ransomware attack from being launched at its Gigafactory in Nevada. The cybercriminals targeted Tesla through one of its employees, whom they allegedly promised to pay $1 million in order to help them infect the company’s system […]

U.S. Federal Court Issues Restraining Order against Tech Support Scheme

A federal court in the United States issued a temporary restraining order against a tech support scheme that’s alleged to have targeted U.S. consumers. On October 15, a complaint was filed in the U.S. District Court for the Southern District of Florida against Michael Brian Cotter, 59, of Glendale, California. The complaint alleged that Cotter had worked with […]

Silent Librarian APT Targeting Universities with Spear Phishing Attacks

Security researchers discovered that an APT group known as “Silent Librarian” is actively targeting universities with spear phishing attacks. Malwarebytes learned in mid-September that Silent Librarian, also known as “TA407” and “COBALT DICKENS,” had launched a new attack campaign. In its analysis of the operation, the security firm found that the threat actor had registered […]

Barnes & Noble warns customers it has been hacked, customer data may have been accessed

American bookselling giant Barnes & Noble is contacting customers via email, warning them that its network was breached by hackers, and that sensitive information about shoppers may have been accessed. In the email to customers, Barnes & Noble says that it became aware that it had fallen victim to a cybersecurity attack on Saturday October […]

JavaScript Used by Phishing Page to Steal Magento Credentials

Digital attackers created a Magento phishing page that used JavaScript to exfiltrate the login credentials of its victims. Sucuri came across a compromised website using the filename “wp-order.php” during an investigation. This phishing page hosted what appeared to be a legitimate Magento 1.x login portal at the time of discovery. In support of this ruse, […]

Lessons From Teaching Cybersecurity: Week 3

As I had mentioned previously, this year, I’m going back to school. Not to take classes but to teach a course at my alma mater, Fanshawe College. I did this about a decade ago and thought it was interesting, so I was excited to give it another go. Additionally, after a friend mentioned that their […]

Fake Windows Defender Antivirus Theme Used to Spread QBot

Digital attackers incorporated a fake Windows Defender Antivirus theme into a malicious document in order to distribute QBot malware. According to Bleeping Computer, the QBot gang began using a new template for their email attack campaigns’ malicious documents beginning on August 25, 2020. The template adopted the disguise of a Windows Defender Antivirus alert in […]

How Cybersecurity Leaders Can Understand the Value of Their Organization’s Security Solutions

“Gartner projections show the growth in cybersecurity spending is slowing. Cybersecurity grew at 12% (CAGR) in 2018, and it is projected to decline to only 7% (CAGR) by 2023. Gartner clients are also reporting that after years of quarterly reporting on cybersecurity to their boards, that boards are now pushing back and asking for improved […]

Deepfake Voice Technology Iterates on Old Phishing Strategies

As the world of AI and deepfake technology grows more complex, the risk that deepfakes pose to firms and individuals grows increasingly potent. This growing sophistication of the latest software and algorithms has allowed malicious hackers, scammers and cyber criminals who work tirelessly behind the scenes to stay one step ahead of the authorities, making […]

Android Locker Variant Uses Innovative Sequence to Load Ransom Note

A new variant of a sophisticated Android locker family used an innovative sequence to load its ransom note on infected devices. On October 8, Microsoft Defender Research Team revealed that it had spotted a new Android locker variant using novel techniques to display its ransom note to its victims. This threat specifically targeted two components […]

Hackers disguise malware attack as new details on Donald Trump’s COVID-19 illness

The confirmation that US President Donald Trump has been infected by the Coronavirus, and had to spend time this weekend in hospital, has – understandably – made headlines around the world. And there are plenty of people, on both sides of the political divide, who are interested in learning more about his health status. It’s […]

New Valak Variant Makes “Most Wanted Malware” List for First Time

An updated variant of the Valak malware family earned a place on a security firm’s “most wanted malware” list for the first time. Check Point revealed that an updated version of Valak ranked as the ninth most prevalent malware in its Global Threat Index for September 2020. First detected back in 2019, Valak garnered the […]

Lessons From Teaching Cybersecurity: Week 2

As I had mentioned previously, this year, I’m going back to school. Not to take classes but to teach a course at my alma mater, Fanshawe College. I did this about a decade ago and thought it was interesting, so I was excited to give it another go. Additionally, after a friend mentioned that their […]

New Attack Abused Windows Error Reporting Service to Evade Detection

Security researchers came across a new attack that abused the Windows Error Reporting (WER) service in order to evade detection. Malwarebytes observed that the attack began with a .ZIP file containing “Compensation manual.doc.” The security firm reasoned that those responsible for this attack had likely used spear-phishing emails to distribute the document, a file which […]