Ransomware attacks hit Florida ISP, Australian cardiology group

Posted on March 1st, 2019 by Responsible Cyber

After Florida ISP Network Tallahassee was hit with a ransomware attack, the broadband provider reportedly paid a $6,000 ransom. Details of the attack – such the type of ransomware and how many customers were affected – were not revealed. We know only that the infection was discovered on Saturday. The Tallahassee Democrat quoted a former […]

Read More

Payroll Provider Gives Extortionists a Payday — Krebs on Security

Posted on March 1st, 2019 by Responsible Cyber

Payroll software provider Apex Human Capital Management suffered a ransomware attack this week that severed payroll management services for hundreds of the company’s customers for nearly three days. Faced with the threat of an extended outage, Apex chose to pay the ransom demand and begin the process of restoring service to customers. Roswell, Ga. based […]

Read More

Latest WinRAR Flaw Being Exploited in the Wild to Hack Windows Computers

Posted on March 1st, 2019 by Responsible Cyber

It’s not just the critical Drupal vulnerability that is being exploited by in the wild cybercriminals to attack vulnerable websites that have not yet applied patches already available by its developers, but hackers are also exploiting a critical WinRAR vulnerability that was also revealed last week.A few days ago, The Hacker News reported about a 19-year-old […]

Read More

Hackers can invisibly eavesdrop on Bigscreen VR users

Posted on February 22nd, 2019 by Responsible Cyber

Meet the new man-in-the-room attack, which exploited vulnerabilities in the Bigscreen virtual reality (VR) app, allowing attackers to invisibly eavesdrop in VR rooms. Attackers could also exploit the flaws to gain complete control over Bigscreen users’ computers, to secretly deliver malware, and even to start a worm infection spreading through VR. Breathe easy – it’s […]

Read More

DDoS explained: How distributed denial of service attacks are evolving

Posted on February 20th, 2019 by Responsible Cyber

What is a DDoS attack? A distributed denial of service (DDoS) attack is when an attacker, or attackers, attempt to make it impossible for a service to be delivered. This can be achieved by thwarting access to virtually anything: servers, devices, services, networks, applications, and even specific transactions within applications. In a DoS attack, it’s […]

Read More

What is phishing? How this cyber attack works and how to prevent it

Posted on February 15th, 2019 by Responsible Cyber

Phishing is a cyber attack that uses disguised email as a weapon. The goal is to trick the email recipient into believing that the message is something they want or need — a request from their bank, for instance, or a note from someone in their company — and to click a link or download […]

Read More

What is a man-in-the-middle attack? How MitM attacks work and how to prevent them

Posted on February 13th, 2019 by Responsible Cyber

A man-in-the-middle (MitM) attack is when an attacker intercepts communications between two parties either to secretly eavesdrop or modify traffic traveling between the two. Attackers might use MitM attacks to steal login credentials or personal information, spy on the victim, or sabotage communications or corrupt data. “MITM attacks are a tactical means to an end,” […]

Read More

Shellbot Crimeware Re-Emerges in Monero Mining Campaign

Posted on February 6th, 2019 by Responsible Cyber

New attack uses a repurposed version of the Trojan that spreads using Internet Relay Chat. Shellbot crimeware has been spotted in the wild as part of a growing campaign that appears to target infrastructure resources for cryptomining. Tactics, techniques, and procedures observed in this campaign are similar to TTPs seen previousl with the Outlaw Group, […]

Read More

What is a supply chain attack? Why you should be wary of third-party providers

Posted on January 30th, 2019 by Responsible Cyber

A supply chain attack, also called a value-chain or third-party attack, occurs when someone infiltrates your system through an outside partner or provider with access to your systems and data. This has dramatically changes the attack surface of the typical enterprise in the past few years, with more suppliers and service providers touching sensitive data […]

Read More