ESET discovers Operation Spalax: Colombian government and industry sector under targeted attack

In 2020, ESET researchers observed several attacks exclusively targeting Colombian entities, which have collectively been dubbed Operation Spalax. These attacks are ongoing and are focused on both government institutions and private companies, especially in the energy and metallurgical industries. The attackers rely on the use of remote access trojans, most likely to conduct cyber-espionage activities.  … More ESET discovers Operation Spalax: Colombian government and industry sector under targeted attack

Professional data leakage: How did that security vendor get my personal data?

…and why are they selling it to other security vendors and product testers? If you were hoping to find a sensational story outing one of our competitors, I am going to disappoint you right away. This is not that, but it is something, something that can happen to all of us! Spam is something that … More Professional data leakage: How did that security vendor get my personal data?

Abandoning a domain name can come back to bite you, research shows

A domain name once left behind can catch up with you – by giving fraudsters access to a treasure trove of sensitive information. Cybercriminals can use an abandoned domain name to obtain all manner of private information belonging to the company that formerly owned the domain, as well as to its clients and employees, a researcher … More Abandoning a domain name can come back to bite you, research shows

Ethereum cryptocurrency wallets raided after Amazon’s internet domain service hijacked

Approximately US $150,000 worth of Ethereum-based cryptocurrency stolen. Online cryptocurrency website MyEtherWallet.com has confirmed that for a period of time yesterday some visitors could have been redirected to a phishing site designed to steal users’ credentials and – ultimately – empty their cryptocurrency wallets. According to reports, whoever was behind the attack may have successfully stolen approximately US … More Ethereum cryptocurrency wallets raided after Amazon’s internet domain service hijacked

Study: White House email domains at risk of being misused for phishing scams

Most of the White House’s email domains have yet to deploy an email authentication protocol known as DMARC that is designed to reduce the risk of attackers impersonating legitimate email addresses for distributing spam or phishing messages. Nearly all email domains overseen by the Executive Office of the President (EOP) of the United States – … More Study: White House email domains at risk of being misused for phishing scams