FIN7 hackers create auto-attack platform to breach Exchange servers

The notorious FIN7 hacking group uses an automated attack system that exploits Microsoft Exchange and SQL injection vulnerabilities to breach corporate networks, steal data, and select targets for ransomware attacks based on financial size. This system was discovered by Prodaft’s Read More …

What Can Schools Do Against the Onslaught of Ransomware?

Cyber attacks have become a pressing issue for K-12 schools, but school districts aren’t waging the fight alone. A variety of free federal and state resources can offer guidance and assistance, while cyber best practices and automated and managed services Read More …

Comcast Xfinity accounts hacked in widespread 2FA bypass attacks

​Comcast Xfinity customers report their accounts being hacked in widespread attacks that bypass two-factor authentication. These compromised accounts are then used to reset passwords for other services, such as the Coinbase and Gemini crypto exchanges. Starting on December 19th, many Read More …

Godfather: A banking Trojan that is impossible to refuse

The Android banking Trojan Godfather is currently being utilized by cybercriminals to attack users of popular financial services across the globe. Godfather is designed to allow threat actors to harvest login credentials for banking applications and other financial services, and Read More …

Microsoft research uncovers new Zerobot capabilities

Botnet malware operations are a constantly evolving threat to devices and networks. Threat actors target Internet of Things (IoT) devices for recruitment into malicious operations as IoT devices’ configurations often leave them exposed, and the number of internet-connected devices continue Read More …

Guardian hit by serious IT incident believed to be ransomware attack

The Guardian has been hit by a serious IT incident, which is believed to be a ransomware attack. The incident began late on Tuesday night and has affected parts of the company’s technology infrastructure, with staff told to work from Read More …

As cyber criminals start targeting retail, companies must be ready to fight back

Given the current geopolitical situation, it’s easy to conflate cybersecurity with the war in Ukraine and bad actors overseas. Historically, cyber-attacks have traditionally been associated with nation states and hacktivists conducting high-profile attacks on high-profile targets to wreak havoc, make Read More …

XLLing in Excel – threat actors using malicious add-ins

For decades, Microsoft Office applications have served as one of the most significant entry points for malicious code. Malicious actors have continued to utilize Visual Basic for Applications (VBA) macros, despite automatic warnings to users after opening Office documents containing Read More …

Play ransomware claims attack on German hotel chain H-Hotels

The Play ransomware gang has claimed responsibility for a cyber attack on H-Hotels (h-hotels.com) that has resulted in communication outages for the company. H-Hotels is a hospitality business with 60 hotels in 50 locations across Germany, Austria, and Switzerland, offering Read More …

Ukraine’s DELTA military system users targeted by info-stealing malware

A compromised Ukrainian Ministry of Defense email account was found sending phishing emails and instant messages to users of the ‘DELTA’ situational awareness program to infect systems with information-stealing malware. The campaign was highlighted in a report today by CERT-UA Read More …