Cyberattack

Cyberattack / News Briefs

Phishers Increasingly Targeting SaaS and Webmail Services, APWG Reports

According to the latest report from Anti-Phishing Working Group (APWG) while the total number of conventional, spam-based phishing campaigns declined in 2018, users of software-as-a-service (SaaS) systems and webmail services are increasingly targeted. more

Thailand Passes Law Giving Sweeping Powers to State Cyber Agencies

Thailand's military-appointed parliament on Thursday passed a controversial cybersecurity law which gives sweeping powers to state cyber agencies. more

Russia Is Studying China's Legislative Experience in Fighting Internet Corruption, Cyber-Terrorism

Russian State Duma deputy, chairman of the Committee on Security and Corruption Control Vasily Piskarev told Russian reporters on Tuesday that Russia is studying China's legislative experience in dealing with corruption, cyber-terrorism and cross-border crime on the Internet. more

Researchers Demonstrate Serious Privacy Attacks on 4G and 5G Protocols

A group of academic researchers have revealed a design weakness in the 4G/5G protocol which can be exploited by an attacker to identify the victim's presence in a particular cell area just from the victim's soft-identity such as phone number and Twitter handle. more

ICANN Makes Urgent Call for Full Deployment of Domain Name System Security Extensions (DNSSEC)

In light of increasing reports of malicious activity targeting the DNS infrastructure, ICANN is calling for the full deployment of the Domain Name System Security Extensions (DNSSEC) across all unsecured domain names. more

Russia to Disconnect Entirely From the Internet as Part of Cyber-Defense Measure

According to various news outlets, Russia is reported to be planning a complete Internet shut down, as part of a test of its cyber-defenses. more

Cryptominers Infected 10x More Organizations Than Ransomware in 2018

A new security report reveals cryptominers infected ten times more organizations than ransomware in 2018, but only one in five IT security professionals were aware their company's networks had been infected by mining malware. more

US Government and Businesses Need Collaborative Procedures Against Major Cyberattacks, Warns Report

A new report warns that unless government and private sector decision makers begin developing specific procedures and trust now against cyber-enabled economic warfare (CEEW), the United States will find itself flat-footed during a major cyber event. more

China, Russia Posing More Aligned Cyberattack Threats to the US, Says Chief of National Intelligence

Dan Coats, Director of US National Intelligence warns China and Russia are increasingly using cyber operations to steal information, influence citizens and to disrupt critical infrastructure. more

An Investigation Shows How Bomb Threat Scammers Hijacked Thousands of Big-Name Domains

Ars Technica's Dan Goodin reports that an "investigation shows the spam run worked by abusing a weakness at GoDaddy that allowed the scammers to hijack at least 78 domains belonging to Expedia, Mozilla, Yelp, and other legitimate people or organizations." more

US Department of Homeland Security Issues Emergency Directive Ordering Agencies to Audit DNS Records

The U.S. Department of Homeland Security has issued a rare "emergency" directive ordering federal agencies to audit all DNS records within ten days. more

Global DNS Record Manipulation, Hijacking Campaign at Massive Scale Linked to Iran

A wave of DNS hijacking is reported to have affected dozens of domains belonging to government, telecommunications and internet infrastructure entities across the Middle East and North Africa, Europe and North America. more

McAfee Labs 2018 Report Reveals 480 New Threats Per Minute, Sharp Increase in IoT-Focused Malware

In its latest quarterly report, McAfee Labs has reported seeing an average of 480 new threats per minute and a sharp increase in malware targeting IoT devices. more

Latest Wave of Organized Phishing Attacks Beat Two-Factor Authentication

Researchers at Certfa Lab provide a review of the latest wave of organized phishing attacks by Iranian state-backed hackers which succeeded by compromising 2-factor authentication. more

Chinese Hackers Have Infiltrated US Navy Contractors to Steal Range of Data Including Missile Plans

Chinese hackers have breached U.S. Navy contractors to steal a wide range of data from ship-maintenance data to missile plans through what is reported as the most debilitating cyber campaigns linked to Beijing. more