What is EDoS? Economic Denial of Sustainability (EDoS) is a cybersecurity threat targeting cloud environments. EDoS attacks exploit the elasticity of clouds, particularly auto-scaling capabilities, to inflate the billing of a cloud user until the account reaches bankruptcy or large-scale service withdrawal. EDoS attacks exploit the cloud’s economies of scale…

Cybercriminals rely on old attack vectors to target organizations, systems and data. Why? They work and are cheap to exploit. Even in today’s age of digital evolution, malicious hackers continue to use attack vectors dating back decades. Research shows notable periods of resurgence relating to certain methods deemed old-fashioned. What…

Germany's Federal Office for Information Security, BSI, is warning companies against using Kaspersky antivirus products due to threats made by Russia against the EU, NATO, and Germany. Kaspersky is a Moscow-based cybersecurity and antivirus provider founded in 1997, that has a long history of success, but also controversy over the…

A recently discovered botnet under active development targets Linux systems, attempting to ensnare them into an army of bots ready to steal sensitive info, installing rootkits, creating reverse shells, and acting as web traffic proxies. The newly found malware, dubbed B1txor20 by researchers at Qihoo 360's Network Security Research Lab…

Security researchers tracking the mobile app ecosystem have noticed a recent spike in trojan infiltration on the Google Play Store, with one of the apps having over 500,000 installs and available to download. Most of these apps belong to a family of trojan malware used in various scams, resulting in…

Ransomware tries to deletes files and render the system unusable. LokiLocker, a relatively new form of ransomware, uses the standard extortion-through-encryption racket but also incorporates disk-wiper functionality. Double extortion became a hit last year, when ransomware gangs started stealing files before encrypting them to threaten victims with a sensitive data…

Grupos de cibercriminosos estão se especializando como desenvolvedores de malware, corretores de acesso inicial, provedores de ransomware como serviço, corretores de dados e outras funções. Estamos em um momento em que os cibercriminosos, incluindo gangues de ransomware, se estabeleceram como negócios organizados e ilícitos, em vez de uma operação de…

SplashData released their “Worst passwords of 2019” list, which includes the top 25 most dangerous and most commonly leaked passwords. In an interesting turn of events, password has for the first time in the list’s history been knocked out of the top two spots. “Invoking the name of the president or any…

Scores of domains and over 120 phishing sites have been detected as part of a major global campaign targeting government procurement services, according to Anomali. The security vendor said the credential harvesting campaign featured spoofed sites for multiple international government departments, email services and two courier services, plus the usual email-based…

While the best protective measures can’t protect your business completely from a zero-day attack, many of the same cybersecurity best practices are useful for protecting against zero-day exploits. To protect your home from thieves, the easiest thing you can do is lock your windows and doors every time you leave…