Since January 2020, various security firms have been tracking an active campaign spreading spyware. One of the reasons the campaign is noteworthy is that it is actively targeting iOS devices. The spyware, called LightSpy is distributed via watering hole attacks. These attacks involve the attacker lo
It is not by any means new to say that hackers are looking to exploit the COVID-19 pandemic, despite the misery and loss of human life the disease has already caused, for their own benefit. At the start of February, this publication reported on several malware campaigns exploiting the health pandemi
When covering malware incidents it is exceedingly rare to refer to hackers using conventional mail services, sometimes often snidely referred to as snail mail, to carry out attacks. It is equally rare to cover attacks that utilize a malware-laced USB drive to infect computers. These attacks have bee
In a report published by FireEye, a worrying trend has emerged. The use of ready-made Industrial Control System (ICS) hacking tools has been on the rise lowering the skill entry barrier, not only for state-sponsored groups but novice and unskilled hackers as well to exploit and cause major disruptio
Governments and companies are increasing lockdown measures to prevent the spread of COVID19, this has placed increase strain on governments as well as private industry. As has been seen and documented by this publication hackers and state-sponsored groups are looking to leverage the pandemic to bett
The US Department of Health and Human Services (HHS) confirmed that it had experienced a cyber attack the previous Sunday, 15 March. This is particularly worrying as it comes at a time where both local and international health agencies are struggling to battle the ongoing spread of COVID-19, otherwi
It is by no means new news that governments around the world are been targeted by ransomware operators. Recently the US Coast Guard, Georgia Police Department, and the municipality of Jackson County have all fallen victim to a ransomware attack. This is not solely a problem experienced by US governm
As part of Microsoft’s February Patch Tuesday a total of 99 vulnerabilities were patched. Much of the attention given to the event surrounded the patching of CVE-2020-0674, a zero-day vulnerability found in Internet Explorer that when exploited could potentially allow an attacker to execute arbitrar
The Ryuk ransomware continues to add high profile targets to its victim list. From the US Coast Guard to Fortune 500 companies, it would seem no company or organization is safe if the malware’s operators have the company in their sights. The latest to fall victim to a Ryuk infection is legal service
For hackers, whether the financially motivated or state-sponsored kind, the question of how to clean and safely use stolen funds is a major hurdle to jump. When banks and other financial institutions adopted know your client (KYC) rules as specified in numerous countries adopting similar pieces of l