
CATEGORY ARCHIVES: cyber-attack

LAZARUS GROUP ALMOST STOLE COVID-19 VACCINE RESEARCH

While vaccines are slowly being distributed around the world, COVID-19 is still on the loose, and in many ways the world is still at a halt. Researchers at Kaspersky have recently discovered attacks against COVID-19-related entities, probably attempting to get their hands on vaccine research. The perpetrators behind this sneaky and specialized attack are none other than the mysterious Lazarus Group, a cybercrime group with strong links to North Korea, known for some large cyberattacks over the last decade, such as the WannaCry attacks, the Sony breach, and more. While tracking the group’s activity over a variety of industries, the Kaspersky researchers spotted two COVID-related attacks – one on a pharmaceutical company, and the other on a government ministry involved in COVID-19 response.


SolarWinds, FireEye, and You

The latest headliner in cybersecurity news is the recently disclosed compromise of FireEye, the US Government, and many others, brought about by a backdoor discovered in a widely installed set of network tools from SolarWinds.

What we know so far reveals a sophisticated, long-term, and well-funded campaign that was likely backed by a nation's resources rather than some run-of-the-mill cybercriminal enterprise.


WHEN RANSOMWARE HITS CLOSE TO HOME

Last Friday’s family dinner started like any other. My grandmother stealthily running around the kitchen adding some finishing touches to her amazing dishes, while her children and grandchildren gradually arrive. Meeting once a week (or two) for a Friday dinner is customary for traditional Israeli families (and let’s face it, Israel is so small that no matter where you live – it’s still no more than a few-hour drive from your family). As we started moving delicious-smelling food from the kitchen to the dining room, my family asked me excitedly (and a bit worriedly) – “Did you hear about the Shirbit cyber attack? They got attacked with a ransom malware, have you heard of those?”.


Pop Stars Hacked during Spotify Wrapped 2020

For 320 million Spotify users around the world, December kicked off with some fun statistics in Wrapped, the streaming service’s yearly review: Most streamed artist, most played song, top podcasts... But it’s 2020, "the Year to Forget", and no parade can go on for long without some rain. During Spotify’s Wrapped 2020, the most popular streaming service in the world suffered a pretty wild security breach that targeted both popular musicians and their music labels.


United Health Systems: All US Sites Impacted in Ransomware Attack

Last week, Universal Health Services confirmed that the ransomware attack on their networks on September 27th affected computers at all of their US care sites and hospitals. The ransomware that hit UHS, one of the largest health systems in the US, is the infamous Ryuk, which has been wreaking havoc in targeted ransomware attacks since 2018. During the attack, Ryuk began shutting down systems in the emergency department, as well as additional systems, causing some ambulances to be diverted and lab test results to be delayed. Technicians at some UHS-owned facilities described reverting to pen-and-paper during the attack.


Coffee Machine Hacked – and THIS IS Just The Beginning

The alarming concept of IoT cyber attacks sends us straight to a dystopic vision of crashing automatic cars, and smart elevators stuck in place with evil music playing in the background. Looming over the excitement for next generation technology is a cloud of worry about the cyber implications of connecting everyday devices to the internet. While we’re sure that a hospital whose critical scanning machines are being held captive by ransomware will pay up, we don’t tend to stop and think about our small day-to-day actions that may be affected as well. If your printer was held hostage by ransomware before a critical meeting, and you had to pay $100 to free it – would you?


Thousands of Magento Online Stores Hacked

Many online merchants use Magento, a leading digital commerce platform, to host their online store. Last week, thousands of these merchants found themselves under attack. This massive, automated campaign, dubbed “Cardbleed” by Sansec because of its ability to steal credit card information from online store customers, is the largest of its kind to date.


ThreatSTOP Launches COVID-19 Malicious Domains Target

Since the beginning of the Coronavirus epidemic, threat actors have been exploiting the panic around the deadly virus to deploy cyber attacks. Every day, more and more Coronavirus-related campaigns are spotted, and we are seeing a surge in the number of suspicious domains registered in relation to the virus.

To combat these prevalent attacks, our Security Research Team has curated a blocklist including thousands of malicious Covid19-related domains, integrated from our threat intelligence sources and supplemented with additional IOCs found by our team through manual analysis.

We highly recommend adding the Covid-19 domain target to your policy in order to protect yourself from these threats. You can do so by enabling the COVID19 Fake Domains – Domains target, or by enabling our Phishing bundle.


An Infographic Timeline of Coronavirus-Themed Cyber Attacks

This is an opportunistic time for cyber attackers. While people are in a frenzy to buy food and masks, to figure out how they are going to work from home or how to cope with the loss of their job, cyber attackers show no mercy in taking advantage of the situation to deploy a grandiose variety of Coronavirus-themed attacks.


ThreatSTOP Premium Feed Spotlight Series: Level Up Your Malvertising Protection with The Media Trust Premium Threat Intelligence Feed

Most malware is delivered from otherwise legitimate sites. Sometimes this occurs by compromising existing websites, but more often than not, it is done by using existing advertising networks as a means to ultimately deliver malware. Quite simply, the attacker buys impressions via existing channels and uses a variety of malvertising tricks to either directly compromise the web browser, or at the least trick the user into installing the malware. This specialized form of malware delivery requires a specialized collection methodology to detect such attacks.
