Category: security
Bad news – infamous Qbot malware appears to have returned once again
The dreaded QakBot malware is back once again, being distributed among victims in the hospitality industry, experts have warned. A new Microsoft report claims threat actors are sending out phishing emails and impersonating IRS employees using QakBot. In the emails, they’re delivering a PDF file claiming to be a guest…
Read More
Top WordPress hosting company hit by phishing ads attack
A WordPress hosting company is warning its users that they’re being targeted by cybercriminals looking for their login credentials. Kinsta sent out alerts to its customers warning them of a malicious Google ads campaign redirecting visitors to a fake Kinsta website, asking them to log in for different reasons. By…
Read More
Many universities could be at risk of easy phishing attacks
Barely any of the UK’s top universities are protected against being abused in phishing and spoofing attack, new research has claimed. A report from email security provider EasyDMARC reviewed the security policies of all of the main email domains used by the top 100 UK universities, finding less than a…
Read More
Attack on Ledger crypto wallet leads to huge money thefts
Crypto giant Ledger spent December 14 warning users not to interact with web3 decentralized apps amid concerns over a supply chain attack. The attack on the ‘Ledger dApp Connect Kit’ library was found to be pushing a JavaScript wallet drainer, the company found. Ledger has since confirmed that it was…
Read More
Stealthy new botnet targets VPN devices and routers while staying disguised
The US Government, together with several other countries, has issued a joint Cybersecurity Advisory notice warning of malicious work being carried out by a state-sponsored Chinese cyber actor known as Volt Typhoon. The Chinese group has been observed targeting US critical infrastructure sectors, and other countries are believed to be…
Read More
This sneaky malware hijacks Google Forms to demand money in nasty phishing scheme
A new version of BazarCall, a phishing attack designed to take money from victims, has been observed, this time hijacking Google Forms to generate fake payment receipts in order to make malicious phishing attacks look more legitimate. The attack gets its name from the way it manipulates victims to engage…
Read More