Sextortion Scams
Published Oct 18 2024 10:45 AM
Sextortion scams are old. But a new version is circulating that has much more information in the email in order to convince you it is real. This Insight looks at what it may contain and what to do if it does.
Sextortion scams get an upgrade
TrickMo malware steals Android PINs using fake lock screen
Published Oct 18 2024 10:43 AM
A version of malware shows Android users a fake unlock screen to steal the pin to open the phone. It can also show fake login screens to steal your bank credentials. Be cautious.
Danger - Fake login screens
North Korean Hackers Continue to Target Job Seekers
Published Oct 18 2024 10:41 AM
Job seekers have been the target of attackers for a while now. But new attackers fool use social engineering techniques to entice job seekers into downloading malware under the guise of the interview process. The tech industry is a major target of this scam.
Job seekers targeted in many ways
Serious Adversaries Circle Ivanti CSA Zero-Day Flaws
Published Oct 18 2024 10:38 AM
Ivanti has been the target of a number of attacks recently. New and existing Zero-day flaws are under active attack. This article looks at the new attacks and how they work.
Ivanti being attacked again
Beware: Fake Google Meet Pages Deliver Infostealers in Ongoing ClickFix Campaign
Published Oct 18 2024 10:30 AM
Attackers are using fake pages for different services such as Google Meet, Facebook, Chrome and others to steal credentials and download malware. Learn more about this scam.
Beware of fake login pages
AI Gathering Your Data
Published Oct 11 2024 10:07 AM
AI systems usage is growing quickly. But few people understand the implications of using generative AI systems and chatbots. This Insight looks at the one of the key risks inherent in these systems and what to do about it.
AI systems keep your data
Mamba 2FA Cybercrime Kit Targets Microsoft 365 Users
Published Oct 11 2024 10:04 AM
A new adversary in the middle, AiiM, kit has recently appeared for sale on the Darkweb. The kit can show realistic looking Microsoft login pages for different MS services to steal user credentials.
New attack avoids 2FA
CISA Warns of Critical Fortinet Flaw as Palo Alto and Cisco Issue Urgent Security Patches
Published Oct 11 2024 10:01 AM
A new vulnerability rated at 9.8 has been found in Fortinet products, FortiOS, FortiPAM, FortiProxy, and FortiWeb. This vulnerability is being actively exploited and results in remote code execution. Palo Alto and Cisco also disclosed serious vulnerabilities. Install updates as soon as available.
Multiple vulnerabilities - patch now
Firefox Zero-Day Under Attack: Update Your Browser Immediately
Published Oct 11 2024 9:56 AM
Firefox, the browser from Mozilla, has a very serious vulnerability rated at 9.8 out of 10 and can result in remote code execution. An update has been released, install as soon as possible.
Firefox vulnerable update now
Single HTTP Request Can Exploit 6M WordPress Sites
Published Oct 11 2024 9:53 AM
WordPress is a very popular tool for creating websites. However, that also makes it a popular target for cybercriminals. Another vulnerability can easily 6 million sites.
WordPress under attack again
AI Gathering Your Data
Published Oct 4 2024 9:57 AM
Generative AI systems can be very helpful in many ways. But they also have downsides that can lead to significant problems for a company. This Insight looks at the possible problems and suggests some protective measures.
Generative AI good and bad
Cyberattackers Use HR Targets to Lay More_Eggs Backdoor
Published Oct 4 2024 9:55 AM
Cyber attackers have gone after job seekers with fake job postings. Now attackers are applying for real jobs to target the HR Recruiters and deliver malware. Always changing tactics, be ever alert!
Both job seekers and HR are targeted
Python-Based Malware Slithers Into Systems via Legit VS Code
Published Oct 4 2024 9:52 AM
Python is a popular coding language that is in wide use. Researchers have found it is being compromised by cyberattackers who start with an email and then use Visual Studio Code to distribute more malware. The malware is insidious and hides well making it difficult to find and eradicate.
Python attackers hide and use legitimate code
Near-'perfctl' Fileless Malware Targets Millions of Linux Servers
Published Oct 4 2024 9:49 AM
Malware that has been targeting Linux systems for years is getting more powerful and harder to eliminate. This article explains what it is, what it can do, and ways to mitigate it.
Linux malware insidious
Thousands of DrayTek Routers at Risk From 14 Vulnerabilities
Published Oct 4 2024 9:47 AM
DrayTek routers offer many features for cyber protection. The integrated approach is helpful to home and small businesses. But they have many vulnerabilities, some quite serious.
DrayTek routers have serious risks