A new phishing campaign targeting Microsoft Office 365 users in corporate environments uses fake Zoom notifications warning recipients that their Zoom accounts have been suspended, with the end goal of stealing Office 365 logins.
Microsoft warns that with the shift to remote working, users are exposed to additional security threats such as “consent phishing,” besides conventional credential theft and email phishing attacks.
With so many more employees working from home during the COVID-19 pandemic, numerous organizations have been exploring the use of employee-monitoring tools.
A new ransomware strain, dubbed “Conti,” appears to allow its operators to specifically target network-based resources for encryption.
A credit card skimmer, operating since April, is specifically targeting sites hosted on Microsoft IIS servers currently running an out-of-date version of ASP.NET, according to security firm, Malwarebytes.
The U.S. Justice Department unsealed an indictment earlier this month charging a Kazakhstan citizen with leading a hacking collective known as "Fxmsp." The group has been accused of carrying out hundreds of attacks worldwide over the past several years.
A hacking group known as "Keeper" has been using Magecart-like web skimmers to target online checkouts and portals of hundreds of e-commerce sites in order to steal customers' payment card data, according to a report from security firm, Gemini Advisory.
A newly uncovered Russia-based business email compromise (BEC) gang has been targeting hundreds of large, multinational corporations in over 40 countries since 2019, according to the security firm Agari.
The developers behind the Purple Fox file-less downloader malware recently upgraded their operation and are now targeting two new vulnerabilities to gain access to networks, according to a report by security firm, Proofpoint.
Jake has been in the insurance industry since 2004. He started his career in consulting at a global financial services corporation before beginning his brokerage career where he has managed management liability programs at global insurance brokerages for a diverse set of organizations ranging from start-ups to Fortune 500 companies.
Jake has been in the insurance industry since 2004. He started his career in consulting at a global financial services corporation before beginning his brokerage career where he has managed management liability programs at global insurance brokerages for a diverse set of organizations ranging from start-ups to Fortune 500 companies. Jake has served on several non-profit boards throughout his career and is a frequent speaker on D&O and cyber liability risks. Jake joined Associated Benefits and Risk Consulting (ABRC) in 2014 and his primary responsibilities include leading the firm’s management liability group and serving as global team lead.
Wire transfer requests top the list of business email compromise (BEC) objectives, according to a study by Barracuda Networks. Additional objectives laid out by the report include duping users into clicking on malicious links, establishing rapport and stealing information, with the end goal of extorting millions of dollars from unsuspecting companies.
This month's Threat Intelligence Report is about a large hotel chain that reports an “unauthorized access” to its customer database since 2014, exposing data of 500 million guests; a vulnerability in a postal service site that left 60 million customers exposed for more than a year; a third-party vendor breach that exposes data of millions of healthcare patients; a new report that profiles notorious MageCart cyber criminals; court documents that reveal first-ever indictment on ransomware charges; and a bundled pack that makes SamSam and other ransomware easier for hackers to obtain and deploy.
Send a Message
Find a Location