In This Section

PINDROP BLOG

Category: Hacking

June 21, 2017
Malvertising Campaign Tied to Ransomware Attack on UK Universities
The mobile ransomware infections that hit a number of universities in the U.K. recently have been traced back to a malvertising network and the Astrum exploit kit. The attacks against several universities, including University College London, emerged last week and initially there were fears that they were connected to the WannaCry ransomware outbreak. But researchers at…
Read More →
June 20, 2017
South Korean ISP Nayana Pays $1M Ransom to Decrypt Servers
An ISP in South Korea that was hit with a deep ransomware infection in recent days has agreed to pay more than $1 million to recover access to its encrypted data. The company, Nayana, said that it had been hit with the Erebus ransomware about 10 days ago, and spent several days trying to recover…
Read More →
June 19, 2017
Europol Hits Group Allegedly Selling Security Evasion Tools
Europol has arrested six people as part of a wide-scale operation to crack down on cybercriminals who sell tools such as crypters and anti-AV that help attackers evade security defenses. The operation involved authorities in several countries and over the course of several days earlier this month, Europol officials made arrests and conducted interviews in…
Read More →
June 16, 2017
Email Compromise Campaign Hits Hundreds of Companies
A large-scale, long-term business email compromise campaign has been targeting large industrial companies, including those in the energy, metals, and power sectors. The campaign has been running for several years and has included a variety of tactics, namely compromises of corporate email systems, network exploitation, social engineering, and highly targeted phishing messages. Researchers at Kaspersky…
Read More →
June 15, 2017
Study Finds Concerning Flaws in VoLTE Platforms
In recent years as VoLTE (Voice over LTE) services have grown more popular and the nation’s four largest cellular networks have adopted it, security concerns have begun to arise. In a new study presented at the Symposium on Information and Communications Technology Security (SSTIC) three researchers from P1 Security found new vulnerabilities and confirmed old ones regarding…
Read More →
June 14, 2017
DHS Points Finger at North Korea for Long Cyberattack Campaign
The United States government has issued a warning about an ongoing series of DDoS attacks and other cyber operations that it says began in 2009, and is pointing the finger squarely at North Korea. On Tuesday, the US-CERT, which is part of the Department of Homeland Security, published a technical alert in conjunction with the…
Read More →
June 13, 2017
Microsoft Releases Patches for Older Versions of Windows, Warns of Nation-State Attacks
Microsoft has taken the unusual step of issuing patches for a number of security vulnerabilities in older versions of Windows that the company says are “at heightened risk of exploitation” from nation-state attackers. As part of its normal Patch Tuesday update release, Microsoft released fixes for 16 vulnerabilities that affect several versions of Windows, including some that…
Read More →
June 13, 2017
Europol Dismantles International Fraud Ring
Police have dismantled a payment-card fraud network that stretched across Europe and had the capability to clone payment cards, install skimmers on ATMs, and is responsible for hundreds of thousands of dollars in losses. The fraud ring was operating not just in Europe, but also in the United States, the Dominican Republic, Peru, Malaysia, Costa Rica,…
Read More →
June 12, 2017
New macOS Ransomware Service Emerges
The ransomware scourge is beginning to creep, ever so slightly, into the Apple ecosystem, as researchers have discovered a new service hosted on the Tor network that will develop custom ransomware samples for buyers on demand. The ransomware as a service model is not new, but this is believed to be the first one that…
Read More →
June 9, 2017
Phishing Attacks Using SSL Spike
Phishing crews increasingly are using sites with valid SSL certificates in order to make their attacks appear more legitimate, a new report shows. In the last couple of years it has become much easier and faster for site owners to obtain SSL certificates for their sites, thanks to the emergence of free CAs such as…
Read More →
2019 Voice Intelligence Webinar Series – where voice, not touch is the main interface for customers.