⚠️ LinkedIn has a “redirect” feature for businesses. Criminals are leveraging new / hacked accounts to create their "ad" campaigns utilizing this.
Due to this links you receive pointing to LinkedIn.com could forward to #phishing sites.
Widespread #malware Qbot needs 30min after initial infection to steal browser data and emails from Outlook and 50 minutes before lateral movement to adjacent workstations.
➡️ Full attack timeline available on the article.
#Ransomware used to target only big corps. Now SMBs & individuals are frequent targets, as attacks get automated.
Sugar is RaaS targeting single devices. Features a negotiation chat, "decrypt 5 files free" and an automated ransom amount.
In 1,5 years, hackers have stolen 50M$ of crypto from exchanges in US, EUR and Asia. Some sources say amount can be 400M$.
This money is a "key revenue source" to fund Pyongyang's nuclear missile programme, says UN report.
⚠️ #Cybersecurity authorities from AUS, UK and US warn of increase in sophisticated ransomware targeting critical infra.
Top 3 infection vectors are:
🔓 Stolen or brute-forced credentials
🤖 Exploits of software flaws