Erie, Colorado, a small town just outside of Denver, was hit with a business email compromise (BEC) scam in the fall of 2019. The town had a contract with SEMA Construction for construction of the Erie Parkway Bridge. Since this…
Category: Threat Watch
IP Addresses From Iran Target Texas
Unknown Actors Supporting Iran: According to Texas officials, they have been combating approximately 10,000 cyber-attacks per minute coming from IP addresses in the region around Iran. The spike occurred in the past few days, and the attacks are on the Texas…
Scammers Use Iranian Cyberattack Scare
A new phishing scam attempts to use the scare over a possible Iranian-backed cyber attack to harvest users' Microsoft login credentials. According to Michael Gillett, who received the phishing email and shared it, the email was capable of bypassing spam filters and…
Pulse Secure VPN Bug Allows Unauthenticated Access
In April 2019, Pulse Secure issued a security advisory for its VPN application. According to the advisory, multiple bugs had been found that could allow authentication bypass, file access and even remote code execution. Public proof-of-concept exploits were…
Campaign Leveraging CVE-2019-2215 Discovered on Google Play
SideWinder: Three malicious Android apps were discovered on the Google Play Store that work in concert with each other to compromise victims’ devices and steal user information. This represents the first known instance of the vulnerability CVE-2019-2215 being exploited in…
APT Using Multiple VPN Vulnerabilities
According to the NSA, multiple Advanced Persistent Threat (APT) actors have been exploiting vulnerabilities in several VPN products, including Palo Alto GlobalProtect™ and Fortinet Fortigate™. These vulnerabilities allow threat actors to gain remote access to affected networks,…
BusKill Cable Safety Device
When using laptops in a public environment, a thief may attempt a snatch-and-grab of the computer. If a victim is logged into something sensitive, this could pose a serious security risk. Linux system administrator and software engineer Michael Altfield has…
Pro-Iranian Attackers Deface U.S. Government Website
Pro-Iran Hackers: The website of the US Federal Depository Library Program was defaced with a pro-Iran, anti-United States image on Saturday. This is the first “cyber-attack” against a US government website by pro-Iranian hackers following the US strike that killed…
Active Network Suffers Data Breach
Blue Bear, a software platform provided by Active Network, was breached recently. Blue Bear helps schools manage accounting, student fees, and online stores related to schools. Any parents or guardians who logged in to school web stores that use Blue…
Travelex Suffers Malware Attack
Travelex, known for currency exchange services, was the victim of a malware attack on New Year’s Eve, which suspended some of its services. The attack forced some systems to go offline to avoid further spread of the malware. This also…
Landry’s Restaurant Chain Hit With POS Malware
The restaurant chain Landry’s recently disclosed a security incident with malware designed to harvest credit card data from 63 different bar and restaurant brands, including Claim Jumper, Rainforest Cafe, Morton’s Steakhouse, and others. Although the malware went unnoticed for nearly…
What Can Be Expected Following the Death of General Suleimani
Iran: As has been widely reported in the media since late yesterday, a U.S. airstrike on militant forces at Baghdad International Airport resulted in the death of a top Iranian General. Major General Qassim Suleimani was the commander of the…
Cloud Hopper Campaign Broader Reaching Than Previously Thought
China (APT10/Cloud Hopper): In 2016 an investigation uncovered an operation, dubbed Cloud Hopper, being carried out by the threat group APT10, which is believed to be linked to the Chinese intelligence service. Recent breakthroughs in the investigation have revealed that…
bbPress WordPress Plugin Vulnerable to Cross-Site Request Forgery
The WordPress plugin “bbPress Members Only” was recently found to be vulnerable to CSRF (Cross-Site Request Forgery) attacks. This affects versions before 1.2.1. CSRF attacks are a type of attack that forces an authenticated user to perform an action on…
Private Crypto Keys Being Stolen by Malicious Chrome Extension
Harry Denley, the Director of Security for MyCrypto platform, discovered a malicious Chrome browser extension that claims to help its users manage cryptocurrency, but actually steals crypto wallet private keys and passwords for several cryptocurrency management websites. The extension, named…