Catch up on the latest cybersecurity news.

News of various cyberattacks was everywhere this week.  From the new “baseStriker” zero-day vulnerability to more and more phishing, malware, and ransomware attacks, email threats were all over the headlines.

  1. Office 365 Zero-Day Used in Real-World Phishing CampaignsVia Bleeping Computer
    • A new zero-day vulnerability known as baseStriker allows miscreants to send malicious emails that bypass security systems on Office 365 accounts.  Discovered last week, on May 1, 2018, by security researchers from Avanan, baseStriker is a flaw in how Office 365 servers scan incoming emails.
  2. You’ve got malware! Businesses beware of email scamsVia CSO
    • You’ve received an email that looked legitimate and clicked on a link only to be asked for personal details and other credentials in a manner that didn’t seem quite right. We’ve all been there. Thousands of phishing emails are sent to individuals and businesses across Australia every week. Worryingly, email scammers aren’t resting on their laurels. Scams are emerging that can put you and your company at risk of data breaches. Worse, these practices are hard to detect.
  3. Email Security Tools Try to Keep Up with ThreatsVia Dark Reading
    • Email has long been a prime vector for cyberattacks, and hackers are only getting sneakier. Can email platforms and security tools keep up?  No matter how many messaging and collaboration apps clutter the enterprise space, most (if not all) employees will continue to use email. Cybercriminals know this, and they're increasingly leveraging this reliance to their advantage, finding new ways to bypass protective measures.
  4. Phishing threats move to mobile devices Via Dark Reading
    • A mobile user is 18 times more likely to be exposed to a phishing attempt than to malware, according to a new report on techniques and technologies that try to get a user to be an accomplice in their own victimization. While employees have been taught to be suspicious of links and attachments in email, there is far less scrutiny of channels like SMS and Skype.
  5. Atlanta mayor says ransomware attack exposed a blind spot for the communityVia StateScoop
    • Atlanta Mayor Keisha Lance Bottoms says she didn't give much thought to cybersecurity before her city's government suffered a wide-ranging ransomware attack, in part because it's not a topic that comes up often with constituents.
  6. New Windows ransomware doubles down on scare tacticsVia Forbes
    • The criminal behind a new ransomware strain is trying to give victims a good, hard push in that direction. Instead of just encrypting your files, BitKangoroo will delete your files one at a time. The longer you drag your heels the more files you lose. In its current form, BitKangoroo deletes one file every hour. It's a tactic that has been used before.
  7. Phishing alert: Hacking gang turns to new tactics in malware campaignVia ZDNet
    • Off-the-shelf malware kits and mass phishing campaigns are enabling a small group of Nigerian cybercriminals to conduct hacking campaigns against targets around the world - and the threat they pose to organisations is increasing. The group, dubbed SilverTerrier, isn't a sophisticated operation, but has access to a number of malware families.
  8. How AI is being leverage for social engineering attacksVia CyberScoop
    • ZeroFox’s Phil Tully talks with Greg Otto on ways that artificial intelligence can read various social media channels in order to craft highly personalized phishing attacks. He also touches on the best ways to defend against these types attacks.
  9. Ransomware, tech-support scams or email fraud: Which cybercrimes cost victims most?Via ZDNet
    • The FBI has released a report listing the most complained about and most costly internet-related crimes. For the year, total reported losses to internet crime stood at $1.41bn -- slightly down on the $1.45bn reported in 2016.
  10. Cybersecurity attacks are up, with ransomware cited as a top threat Via Health Data Management
    • IT solutions provider US Signal surveyed about 120 security experts, and 81 percent said cyber security challenges had risen in the previous year, while 40 percent experienced at least one security incident in that time period. Another 13 percent did not know if they had experienced an attack.

 

Want more great articles like this?Subscribe to our blog.

Get all the latest news, tips and articles delivered right to your inbox

You may also like:

How Confident Are You in Your GDPR Compliance Plan?

If you lack confidence in your GDPR plan…

If you lack confidence in your GDPR plan, you’re not a… Read More >

Dan Sloshberg

by Dan Sloshberg

Product Marketing Director

Posted May 10, 2018

Augment your Cyber Resilience Strategy with NextGen SIEM

Improve Response and Proactively Detect …

Improve Response and Proactively Detect Email Threats with t… Read More >

Michael Euperio

by Michael Euperio

Director of Technology Alliances at LogRhythm

Posted May 08, 2018

GDPR: Security VS Privacy

Top 4 Tips for a Post-GDPR World This i…

Top 4 Tips for a Post-GDPR World This is the third installm… Read More >

Dan Sloshberg

by Dan Sloshberg

Product Marketing Director

Posted May 03, 2018