LATEST NEWS

You work hard to build a great business and service your customers. But if you are like many companies you need to focus on your core business leaving little time for innovation. You are certain that technology can either set your business apart or cost you that big account … but IT can be so complicated and expensive.

A NEW PHISHING SCAM PURPORTS TO BE MYOB INVOICES – BUT REALLY CONTAINS A NOVEL BANKING TROJAN. The recently-discovered DanaBot banking trojan is making the rounds in a phishing campaign that targets potential victims with fake invoices from software company MYOB.

Whether you are out exploring or relaxing, it is important to strive to be as secure as possible with your digital devices and information. Unfortunately, travel can open you up to different points of vulnerability compared to normal everyday use at home, and we don’t just mean accidentally going swimming with your cell phone.

PDF files can be weaponized by malicious actors to steal Windows credentials (NTLM hashes) without any user interaction, and only by opening a file, according to Assaf Baharav, a security researcher with cyber-security Check Point. Baharav published research this week showing how a malicious actor could take advantage of features natively found in the PDF standard to steal NTLM hashes, the format in which Windows stores user credentials.

A malicious proof-of-concept Amazon Echo Skill shows how attackers can abuse the Alexa virtual assistant to eavesdrop on consumers with smart devices – and automatically transcribe every word said.

25 APR TYPOSQUATTING OR URL HIJACKING Posted at 14:13h in NEWS / BLOG by Lana Wilson 0 Comments 0Likes Typosquatting attempts to take advantage of typographical errors (i.e. “typos”) introduced by users when URLs are typed directly into the address bar. By capitalizing on user error, cyber threat actors funnel unsuspecting users to illegitimate domains that closely mimic originals.

In a major hit against international cybercriminals, the Dutch police have taken down the world’s biggest DDoS-for-hire service that helped cyber criminals launch over 4 million attacks and arrested its administrators. An operation led by the UK’s National Crime Agency (NCA) and the Dutch Police, dubbed “Power Off,”

When visiting unknown websites, be vigilant about protecting your identity. Remember that some information is automatically made visible to the site. Information such as the computer’s IP address, domain name (e.g., .com, .gov, or .edu), software details, and page visit information is often saved in cookies so that the organization may develop and store user profiles of website visitors.

Malware authors have hijacked DNS settings on vulnerable routers to redirect users to sites hosting Android malware. According to Kaspersky Labs telemetry data, these were small-scale attacks, as crooks only hijacked traffic from just 150 unique IP addresses, redirecting users to malicious sites around 6,000 times between February 9 and April 9, 2018.