When a suspicious email lands in your inbox promising financial rewards or urgent payment requests, the infrastructure behind that email is rarely what it appears to be.
An investigation by Comparitech revealed a coordinated spam and phishing network spanning 12,704 servers in 55 countries.
These phishing emails are tied to fake financial rewards and similar scams, using tactics designed to evade security tools such as antivirus and ransomware protection systems that many users depend on.
Read more…
Source: TechRadar News
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Electric Vehicle Charging Stations Open to IoT Attacks
December 14, 2018
Flaws could allow an attacker to stop or start a home charging station, or even change the current in order to start a fire. Given that creating proof-of-concept (PoC) cyberattacks for the Internet of Things (IoT) is essentially like shooting fish in a barrel these days, perhaps it’s not exactly surprising that a new niche category ...
- LCG Kit: Sophisticated builder for Malicious Microsoft Office Documents
December 13, 2018
Proofpoint researchers discovered “LCG Kit,” a weaponized document builder service, in March 2018. Since we began tracking LCG Kit, we have observed it using the Microsoft Equation Editor CVE-2017-11882 , which has been used used in limited email campaigns. ...
- Tildeb: Analyzing the 18-year-old Implant from the Shadow Brokers’ Leak
December 13, 2018
On April 14, 2017, The Shadow Brokers (TSB) leaked a bevy of hacking tools named “Lost in Translation.” This leak is notorious for having multiple zero-day remote code execution (RCE) vulnerabilities targeting critical protocols such as Server Message Block (SMB) and Remote Desktop Protocol (RDP) and applications like collaboration and web server-based software. The exploit toolkit includes EternalBlue, ...
- Supply Chain Security: Managing a Complex Risk Profile
December 12, 2018
Experts sound off on how companies can work with their third-party suppliers and partners to secure the end-to-end supply chain. NYC — From Delta Airlines to Best Buy, a number of big-name companies were involved this year in data breaches – but even though their names made headlines, the actual security incidents occurred due to flaws in third-party partners. Across ...
- Operation Sharpshooter Uses Fileless Malware to Attack Global Infrastructure
December 12, 2018
The McAfee Advanced Threat Research team detected a malware campaign dubbed Operation Sharpshooter which attacked nuclear, defense, energy, and financial targets from all over the world. As detailed by McAfee’s research team, the campaign dubbed “Operation Sharpshooter” makes use of an in-memory essential to download and execute a second stage payload named Rising Sun. Moreover, the Rising Sun implant ...
- New Variant of Shamoon Malware Uploaded to VirusTotal
December 12, 2018
A new variant of the destructive Shamoon malware was uploaded to VirusTotal this week, but security researchers haven’t linked it to a specific attack yet. Also referred to as DistTrack, the sophisticated malware was initially observed in attacks against Saudi Arabian and other oil companies in 2012, when it destroyed data on over 30,000 systems. An updated ...