This Week in Security News: BEC Attacks and Botnet Malware
Credit to Author: Jon Clay (Global Threat Communications)| Date: Fri, 03 May 2019 14:00:25 +0000
Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, learn about the prevalence and impact of BEC attacks. Also, find out how botnet malware can perform remote code execution, DDoS attacks and cryptocurrency mining.
Read on:
Tech Support Scam Employs New Trick by Using Iframe to Freeze Browsers
Trend Micro discovered a new technical support scam (TSS) campaign that makes use of iframe in combination with basic pop-up authentication to freeze a user’s browser.
Cybersecurity Pros Could Work for Multiple Agencies Under Bill Passed by Senate
Skilled federal cybersecurity workers could be rotated among civilian agencies under bipartisan legislation the Senate passed to help fill specific gaps in the workforce.
New Cybersecurity Report Warns CIOs — ‘If You’re Breached Or Hacked, It’s Your Own Fault’
Trend Micro’s honeypot sensors detected an AESDDoS botnet malware variant exploiting a server-side template injection vulnerability in a collaboration software program used by DevOps professionals.
U.K. Prime Minister Theresa May Fires Defense Secretary Gavin Williamson Over Huawei Leak
British Prime Minister Theresa May fired Defense Secretary Gavin Williamson, saying he leaked sensitive information surrounding a review into the use of equipment from China’s Huawei Technologies Co. in the U.K.’s telecoms network.
This Hacker Is Selling Dangerous Windows 0-Day Hacks For Past 3 Years
A report by ZDNet has revealed that a mysterious hacker is selling Windows zero-day exploits to the world’s most notorious cybercrime groups for the past three years. At least three cyber-espionage groups also known as Advanced Persistent Threats (APTs) are regular customers of this hacker.
Docker Hub Repository Suffers Data Breach, 190,000 Users Potentially Affected
In an email sent to their customers on April 26, Docker reported that the online repository of their popular container platform suffered a data breach that affected 190,000 users.
IC3: BEC Cost Organizations US$1.2 Billion in 2018
In the recently published 2018 Internet Crime Report by the FBI’s Internet Crime Complaint Center (IC3), the agency states that in 2018 alone, it received 20,373 BEC/email account compromise (EAC) complaints that racked up a total of over US$1.2 billion in adjusted losses.
Trend Forward Capital’s First Startup Pitch Competition in Dallas
Trend Forward Capital, in a partnership with Veem, is bringing its Forward Thinker Award and pitch competition to Dallas on May 20.
BEC Scammers Steal US$1.75 Million From an Ohio Church
The Saint Ambrose Catholic Parish in Brunswick, Ohio was the victim of a BEC attack when cybercriminals gained access to employee email accounts and used them to trick other members of the organization into wiring the payments into a fraudulent bank account.
Cybersecurity Experts Share Tips And Insights For World Password Day
May 2 is World Password Day. World Password Day falls on the first Thursday in May each year and is intended to raise awareness of password best practices and the need for strong passwords.
Confluence Vulnerability Opens Door to GandCrab
A vulnerability in a popular devops tool could leave companies with a dose of ransomware to go with their organizational agility, according to researchers at Trend Micro and Alert Logic.
Were you surprised by the amount of business email compromise complaints the FBI received in 2018? Share your thoughts in the comments below or follow me on Twitter to continue the conversation: @JonLClay.
The post This Week in Security News: BEC Attacks and Botnet Malware appeared first on .