Tag: remote access
US Department of Health and Human Services Falls Victim to Social Engineered Scam – April 11th
The US Department of Health and Human Services (HHS) reported that they fell victim to a social engineering scam over the phone, imitating HHS' financial department, convincing them to hand over ID verification details. The threat actors, aside from imitating HHS' financial department, pulled the attack off by using local area codes and AI voice-changing technology to disguise themselves. The surrendered information could lead to threat actors bypassing multifactor authentication (MFA) security.
Fake Chrome Update Spreads Banking Malware – March 19th
According to a Broadcom report, a banking trojan named "Cerberus" pretending to be a Google Chrome update has successfully distributed to numerous systems. Affecting only Android users, the Cerberus malware allows attackers to completely control affected systems through its complex remote access capabilities.
Cybersecurity Experts Question ‘Cyber Scam Warning’ Effectiveness – January 19th
The concern of official cyber scam warnings potentially being ineffective was raised by cybersecurity firms, Praxis Labs, eSentire, stemming from Dubai and Ghana cyber and law enforcement agency reports. After multiple cyber scam warnings issued by the Dubai Police and the Cyber Security Authority of Ghana, reports of victims continuously poured in for these “search engine scams”. Following the incidents, researchers at Praxis Labs and eSentire released statements on human behavior corresponding to cyber, by being on "default mode" and for search engines, the issuance of "implicit trust".
SEC X Account Hacked to Push Bitcoin ETFs – January 10th
The Securities and Exchange Commission (SEC) confirmed through a spokesperson and social media announcements that the agency's X (formerly Twitter) account was compromised to promote Bitcoin ETFs. Bitcoin's value spiked to nearly $48k as a result of the false Tweet, despite being taken down just 30 minutes after being published.
US White House Issues Executive Order to Improve Nation’s Cybersecurity – December 22nd
On December 21st, the U.S. White House issued Executive Order (EO) 14028, "Executive Order on Improving the Nation's Cybersecurity," which emphasized modernizing cybersecurity infrastructure by coding in more secure ways. A more detailed excerpt from the Executive Order stated; "Software engineers, developers, and coders must build secure code and security controls into the code they create. They need to make security by design and security by default software-design requirements."