A bi-weekly roundup of the latest cybersecurity news and research
We’re halfway through the week, and we’ve got you covered until the weekend with all the nitty-gritty from the world of cybersecurity!
1. Millions of Android Users Scammed in SMS Fraud Driven by Tik-Tok Ads
A scam driven by TikTok ads is adding extra bucks to your phone bill and extra holes to your pocket: it asks for your details and automatically subscribes you to a premium SMS service that you don’t even notice. Since May, 151 different apps have been part of it, impacting roughly 10.5 million users. Don’t take the bait they offer you, wrapped in the most sparkling ads, as they fetch your IMEI to trick you according to your language.
2. Ransomware Sinks Teeth into Candy-Corn Maker Ahead of Halloween
Looks like cybercriminals are excited for Halloween too. While candy shops are doing their best to speed up production to meet demand, cybercriminals are also trying to earn money, but as ransoms. We believe this is a crucial time for the candy industry, so attackers want to create situations where companies feel they have no choice but to pay up. “Targeting when most vulnerable” is the new mantra threat actors live by.
3. Grief Ransomware Targets NRA
Grief ransomware is all set to make the NRA grieve. The NRA is a reputed civil rights group aimed at protecting people’s Second Amendment rights, or the right to bear arms. In ransomware attacks, it is speculated that when the organization doesn’t respond to the attackers, the attackers post the archive, pressuring the organization to pay the ransom. We need to patch our vulnerabilities, because it’s nothing new that these attacks can lead to customers’ data being exposed, confidentiality being broken, and even public embarrassment.
4. There is no voice message on WhatsApp waiting for you: it is a phishing attempt
How can someone send you a New Year gift without having your address? In the same way, how can WhatsApp send you emails without having your email address? If your inbox is receiving something like “You’ve pending voice messages”, be sure that no messages are waiting and that it is just a phishing attempt trying to deceive users.
5. Clickbait danger; seniors at risk
Everything is clickbait, and people are using the best tactics and flowery words to lure you into clicking links that may be potential threats. Seniors are seen to be the most impacted, as they not only see the misinformation but believe it and share it further. As we know, misinformation spreads 6x faster than genuine news, because who likes dry stuff when there is enticing stuff on the table? Cybersecurity education has become a new essential of our lives.
6. Attackers Hijack Craigslist Emails to Bypass Security, Deliver Malware
Your fear is being played with again: you are informed by Craigslist that your account will be deleted if you don’t follow these “FALSE” steps, because your ad contains inappropriate content. Your ad didn’t receive red flags, but you sure did, so keep your eyes wide open to shut out all the impersonation that might be happening around you.
7. Ransomware Attacks Are Evolving. Your Security Strategy Should, Too
You need to stay vigilant and proactive enough to protect your organization from threats, as threat actors are finding new ways to get cash. Ransomware attacks not only cost you millions but also put a big “?” on your confidentiality and integrity. Staying ahead can be challenging, but that is what makes your organization better. Investment in cybersecurity is never a “WASTE”.
8. 6 Steps to Improve Corporate Cybersecurity Now!
As threats become more sophisticated, corporate cybersecurity aims to keep pace by implementing equally sophisticated cybersecurity products. For corporate cybersecurity professionals, preventing cybersecurity threats in email has always been the topmost priority. The pandemic especially has been a seismic event for corporate security and risk intelligence. It’s changing how one works, and it’s opening up new opportunities for security teams to take a bigger stake in their companies.
9. REvil Servers Shoved Offline by Governments – But They’ll Be Back, Researchers Say
REvil keeps coming and going, as the gang is still hungry for profits, but the multi-country effort has done “tit for tat” just right, giving the ransomware gang a taste of its own medicine by pwning its backups and pushing its leak site and Tor payment site offline. The gang thought it had done everything to protect itself, but its own tactic made it a victim.