Cyber News

Security researchers at F5 Labs have spotted ongoing attacks using Qbot malware payloads to steal credentials from customers of dozens of US financial institutions. Qbot is a banking trojan used to steal banking credentials and financial data, as well as to log user keystrokes, deploy backdoors, and drop additional malware on compromised machines. Banks whose customers have been targeted are JP Morgan, Citibank, Bank of America, Citizens, Capital One, Wells Fargo, and FirstMerit Bank. Read more >>>

Fortune 500 insurance holding company Genworth Financial disclosed a data breach after an unauthorized party gained access to insurance agents' online accounts using compromised login credentials. The U.S. mortgage and long term care insurer had revenue of $8,6 billion during the last fiscal year and it reached a deal with China Oceanwide Holdings Group that will allow the Chinese company to buy Genworth for $2.7 billion. Read more >>>

86% of all breaches are financially motivated, where threat actors are after company financial data, intellectual property, health records, and customer identities that can be sold fast on the Dark Web. 70% of breaches are perpetrated by external actors, making endpoint security a high priority in any cybersecurity strategy. 55% of breaches originate from organized crime groups. Attacks on Web apps accessed from endpoints were part of 43% of breaches, more than double the results from last year. Read more >>>

The city of Knoxville, Tennessee, has shut down its computer network following a ransomware attack. The attack took place in the night between June 10 and June 11, the malware encrypted multiple systems in the IT network. According to Chief Operations Officer David Brace, the attack has been discovered by employees of the city’s fire department around 4:30 AM, June 11. Brace said The Tennessee Bureau of Investigation and the Federal Bureau of Investigating is investigating into the incident. Read more >>>

Amid the COVID-19 pandemic and orders to stay-at-home, many businesses have moved almost entirely to a work-from-home structure. With most mortgage professionals working with a lot of sensitive information on behalf of clients and the company, there is an increased risk of compromised networks and data. Read more >>>

Looking for new angles to socially engineer employees working from home under COVID-19 conditions, attackers have devised a new phishing campaign that distributes emails that look as if they were generated by Private Branch Exchange (PBX), a legacy technology that integrates with employees’ email clients so they can receive their voicemail recordings. Ironscales reported that the operation, discovered by its researchers last month, has threatened nearly 100,000 mailboxes around the world. Read more >>>