Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest Posts

Latitude Forced To Stop Adding New Customers in Aftermath of Breach

Looks like Latitude Finance is trying to give consumers more "latitude" in their exposure to cyber risks. The Australian finance company admittedly fell victim to an attack that has exposed customer data and Latitude Financial has been forced to stop adding new customers from clients such as Apple, Harvey Norman and JB Hi-Fi as it tries to contain the damage from criminals, who still appear to be active in its computer systems.

Mid-Sized Businesses Lack the Staffing, Expertise, and Resources to Defend Against Cyberattacks

Mid-sized businesses – those with 250 to 2000 employees – don’t appear to have what they need to fend off attacks in a number of critical ways. Cybersecurity vendor Huntress’ latest report, The State of Cybersecurity for Mid-Sized Businesses in 2023, shows that mid-sized businesses are in a heap of trouble and simply aren’t prepared for an attack: In short, organizations have no internal resources to ensure the organization is improving its state of cybersecurity daily.

The New Face of Fraud: FTC Sheds Light on AI-Enhanced Family Emergency Scams

The Federal Trade Commission is alerting consumers about a next-level, more sophisticated family emergency scam that uses AI that imitates the voice of a "family member in distress". They started out with: "You get a call. There's a panicked voice on the line. It's your grandson. He says he's in deep trouble — he wrecked the car and landed in jail. But you can help by sending money. You take a deep breath and think. You've heard about grandparent scams. But darn, it sounds just like him.

Artificial Intelligence Makes Phishing Text More Plausible

Cybersecurity experts continue to warn that advanced chatbots like ChatGPT are making it easier for cybercriminals to craft phishing emails with pristine spelling and grammar, the Guardian reports. Corey Thomas, CEO of Rapid7, stated, “Every hacker can now use AI that deals with all misspellings and poor grammar. The idea that you can rely on looking for bad grammar or spelling in order to spot a phishing attack is no longer the case.

The FBI's Public Service Warning of Business Email Compromise

The US FBI is warning of business email compromise (BEC) attacks designed to steal physical goods. While BEC attacks are typically associated with stealing money, criminals can use the same social engineering tactics to hijack deliveries of valuable materials. The FBI says fraudsters are particularly interested in stealing construction materials, agricultural supplies, computer technology hardware and solar energy products.

Australian Police Arrest Business Email Compromise (BEC) Operators

The Australian Federal Police (AFP) have arrested four alleged members of an organized crime group known for carrying out business email compromise (BEC) attacks, BleepingComputer reports. The victims of the gang’s attacks lost between $2,500 and $500,000. “Four members of an alleged cyber criminal syndicate accused of money laundering $1.7 million in stolen cash from Australian and overseas victims have been charged in Brisbane, Adelaide and Melbourne,” the AFP said in a statement.

Stay Ahead of the Game: Protect Yourself From Trojanized Chat Apps Targeting WhatsApp and Telegram Users

It seems that once again bad actors have found a new way to infect our devices with malware. This time, they are using a devious little trick to spread trojanized versions of popular chat apps Telegram and WhatsApp. Now, I am sure you are all familiar with these apps – they are hugely popular for communication and messaging, with millions of users around the world. And unfortunately, that is exactly what makes them such an attractive target for cybercriminals.

The Dangers of Vishing Campaigns and How To Protect Yourself

In recent years, cybercrime has evolved to become more sophisticated than ever before. One of the up and coming methods used by criminals is vishing (voice phishing). This is where an attacker phones up a victim to simulate a trusted source such as a bank to phish for sensitive information. No one is immune from a vishing attack, even the Social Security Administration.

Ransomware Data Theft Extortion Goes up 40% to 70% From '21 to '22

A report from Palo Alto Networks’ Unit 42 found that data theft extortion occurred in 70% of ransomware attacks in 2022, compared to 40% in 2021. The researchers examined the four most common methods of cyber extortion (encryption, data theft, harassment, and DDoS attacks) noting that threat actors often combine these tactics within a single attack campaign.

New Vendor Email Compromise Attack Seeks $36 Million

The details in this thwarted VEC attack demonstrate how the use of just a few key details can both establish credibility and indicate the entire thing is a scam. It’s not every day you hear about a purely social engineering-based scam taking place that is looking to run away with tens of millions of dollars. But, according to security researchers at Abnormal Security, cybercriminals are becoming brazen and are taking their shots at very large prizes.