Cyberwarfare / Nation-State Attacks , Fraud Management & Cybercrime , Fraud Risk Management Microsoft: Russians Used Malicious Messages Portrayed as Coming From USAID Scott Ferguson (Ferguson_Writes) • May 28, 2021 Here’s an example of a phishing email masquerading as a message from USAID. (Source: Microsoft) A Russian group that was behind the massive…
Cybercrime , Fraud Management & Cybercrime , Fraud Risk Management Research Report Describes Marketplace’s Evolving Tactics Doug Olenick (DougOlenick) • May 26, 2021 Source: Flashpoint and Chainalysis The Hydra darknet marketplace, which initially focused on narcotics sales, now also offers stolen credit cards, SIM cards, VPN access and cryptocurrency laundering services, with annual…
Executive Summary Informations Name CVE-2021-20292 First vendor Publication 2021-05-28 Vendor Cve Last vendor Modification 2021-05-28 Security-Database Scoring CVSS v3 Cvss vector : N/A Overall CVSS Score NA Base Score NA Environmental Score NA impact SubScore NA Temporal Score NA Exploitabality Sub Score NA Calculate full CVSS 3.0 Vectors scores Security-Database Scoring CVSS v2 Cvss…
A malware attack on one of Canada Post’s suppliers has caused a data breach affecting 44 of the company’s large business clients and their 950,000 receiving customers, the postal agency confirmed Wednesday. It said the information affected is from July 2016 to March 2019, and 97 per cent of it comprised the names and…
Executive Summary This Alert is flagged as TOP 25 Common Weakness Enumeration from CWE/SANS. For more information, you can read this. Informations Name CVE-2021-20236 First vendor Publication 2021-05-28 Vendor Cve Last vendor Modification 2021-05-28 Security-Database Scoring CVSS v3 Cvss vector : N/A Overall CVSS Score NA Base Score NA Environmental Score NA impact SubScore NA…
The US Department of Homeland Security (DHS) has announced new pipeline cybersecurity requirements after the largest fuel pipeline in the United States was forced to shut down operations in early May following a ransomware attack. The new security directive requires critical pipeline owners and operators to report any confirmed and potential cybersecurity incidents to the Cybersecurity and Infrastructure Security…
Fraud Management & Cybercrime , Fraud Risk Management , Governance & Risk Management FireEye: Attackers Using New Malware and Procedures Doug Olenick (DougOlenick) • May 28, 2021 Two China-linked threat groups are still exploiting unpatched flaws in Ivanti’s Pulse Connect Secure VPN products, using additional malware variants to support cyberespionage, FireEye’s Mandiant Threat…
Business Continuity Management / Disaster Recovery , Fraud Management & Cybercrime , Governance & Risk Management Also: Debating the Issue of Banning Ransom Payments Anna Delaney (annamadeline) • May 28, 2021 Clockwise, from top left: Doug Olenick, Anna Delaney, Marianne Kolbasuk McGee and Tom Field Four editors…
Governance & Risk Management , Identity & Access Management , IT Risk Management Will Help Prevent Users From Reusing Risky Passwords Jeremy Kirk (jeremy_kirk) • May 28, 2021 The FBI will soon begin sharing hashes of compromised passwords found in the course of its cybercrime investigations with Have I Been Pwned, the data…
Executive Summary This vulnerability is currently undergoing analysis and not all information is available. Please check back soon to view the completed vulnerability summary Informations Name CVE-2021-20239 First vendor Publication 2021-05-28 Vendor Cve Last vendor Modification 2021-05-28 Security-Database Scoring CVSS v3 Cvss vector : N/A Overall CVSS Score NA Base Score NA Environmental Score NA…
