Law enforcement agencies around the world appear to have scored a major victory in the fight against fraudsters, in an operation that seized tens of millions of dollars and seen more than 2000 people arrested.Operation “First Light 2022”, running for two months from March 8 2002 until May 8 2022, saw 76 countries clamp down on organised crime rin

Digital attackers launched a new ransomware campaign dubbed “PLEASE_READ_ME” in an effort to target MySQL servers.Guardicore first spotted the attack back in January 2020. After that, it witnessed a total of 92 attacks emanate from 11 IP addresses, with most based in Ireland and the United Kingdom at the time of analysis.The security firm found t

Security researchers detected a new spear-phishing attack that’s using an exact domain spoofing tactic in order to impersonate Microsoft.On December 7, IRONSCALES revealed that it had spotted the campaign targeting Office 365 users. Those users primarily worked in the financial services, healthcare, insurance, manufacturing, utilities and telecom indus

The Phorpiex botnet earned the notorious designation of “most wanted malware” for the month of November 2020.In its Global Threat Index for November 2020, Check Point Research revealed that it had observed a surge in new Phorpiex botnet infections that had affected four percent of organizations globally.This threat activity enabled Phorpiex to re

Mercy Health revealed that it had fired an employee who was responsible for an insider breach involving its systems.On December 4, Mercy Health posted a notice informing its patients of a medical records incident that had occurred earlier in the year.The bulletin explained that Mercy Health, the fifth largest Catholic health care system in the United States,

Malicious actors used a Business Email Compromise (BEC) scam to prey upon a Philadelphia non-profit food bank.According to The Philadelphia Inquirer, the scam occurred back in July when the hunger relief organization Philabundance was nearing the completion of its $12 million Philabundance Community Kitchen.Nefarious individuals impersonated the construction

The Egregor ransomware gang struck TransLink, the authority responsible for managing Metro Vancouver’s transportation network.On December 1, TransLink announced that certain issues were affecting its phones, online services and payment systems. The authority later confirmed that it had suffered a ransomware attack and that those responsible for the inf

A global phishing campaign targeted organizations associated with the Coronavirus 2019 (COVID-19) cold chain.Discovered by IBM Security X-Force, the operation began in September 2020 by targeting multiple entities that support the Cold Chain Equipment Optimization Platform (CCEOP). A program created by Gavi, The Vaccine Alliance, CCEOP aims to cultivate an a

U.S. law enforcement learned that email attackers are using auto-forwarding rules to help them to perpetrate Business Email Compromise (BEC) scams.In a Private Industry Notification published on November 25, the FBI revealed that some BEC scammers are now updating the auto-forwarding rules in the web-based client of an email account they’ve compromised

An Indian national received a prison sentence of 20 years for having created a call center scheme that preyed upon U.S. individuals.On November 30, U.S. District Judge David Hittner handed down a 20-year prison sentence to Hitesh Madhubhai Patel, aka Hitesh Hinglaj, 44, of Ahmedabad, India.The sentence stemmed from charges of wire fraud conspiracy along with

A phishing campaign used what appeared to be back-to-work notifications in order to compromise recipients’ corporate email accounts.Near the end of November, Abnormal Security detected one of the campaign’s attack emails. That message masqueraded as an internal notification from the recipient’s company. It did so by using spoofing technique

A new version of the Mount Locker crypto-ransomware strain is specifically targeting victims’ TurboTax files.As reported by Bleeping Computer, Advanced Intel’s Vitali Kremez came across a new Mount Locker sample that specifically sought out files used by the TurboTax tax preparation software.In particular, Kremez observed the sample going after f

Malicious actors launched a phishing attack that’s using redirector websites with custom subdomains in order to evade detection.On November 16, Microsoft Security Intelligence tweeted out that it had spotted the phishing attack attempting to lure in recipients with emails disguised as password update reminders, helpdesk tickets and other seemingly legi

Security researchers found several clues linking the WebNavigator web browser to well-known search hijackers.A Chromium-based browser, WebNavigator promises users that it’ll simplify their web browsing experience by providing “quick access” to their bookmarks. The browser also claims to yield quick search results by starting up with Windows

Zoom released new security features to help its users counter disruptive meeting intrusions, otherwise known as “Zoombombing.”Matt Nagel, security & privacy PR lead at the American communications technology company, announced in a blog post on November 16 that Zoom had released two new anti-Zoombombing features over the previous weekend.The f