Shane Chambers No Comments

Irish Businesses and Consumers Targeted by Extortion Email Scam

It’s 2018, and phishing emails are just an expected part of life for email users around the world, containing all manner of malware within concealed links and dodgy attachments. Most of us can recognise poorly spelled phishing emails that lack any real context, but what happens when something more complex hits your inbox? What if a cyber criminal emailed you your password – a real password you’ve used – and told you that they had compromising videos of you and more? What if they said that unless you pay a Bitcoin ransom, they would share this incriminating footage with everyone on your contacts list? That’s exactly what has been happening to thousands of Irish users, to both personal and corporate email addresses.


Cyber criminals are ever trying to find newer, more sophisticated means to scam the general public and businesses through phishing

Read more

Shane Chambers No Comments

Enterprise Resource Planning Applications Next Big Cyber Attack Target

Cyber criminals are beginning to target Enterprise Resource Planning (ERP) applications, with the aim of disrupting and stealing data from large companies, according to reports from both security experts and the US government. According to a recent report from security companies Digital Shadows and Onapsis, hacktivists and state-sponsored groups in particular and looking to exploit flaws in platforms provided by Oracle and SAP.


SAP and Oracle are believed to be the biggest targets due to long-running security vulnerabilities

Read more

Shane Chambers No Comments

How the Latest Zero-Day Flash Bug Bypasses Your Antivirus and Firewall

Adobe has been forced to release an out-of-schedule emergency security patch to its users, after a zero-day vulnerability was discovered to affect Adobe Flash Player. Users are being urged by Adobe to update to version 30.0.0.113 of Flash Player, which contains mitigations for the zero-day as well as addressing three other flaws. This latest flaw was discovered already being used in the wild to attack Windows users, and doesn’t exploit browsers like typical Flash exploits – instead, it works through Microsoft Office documents which it utilises to download and execute malicious code.


Most Flash exploits take advantage of web browsers, however this zero-day utilises Office documents and is usually received through phishing emails

Read more

Shane Chambers No Comments

Chrome Extension Turns Unsuspecting Users Into Cryptocurrency Miners

The cryptocurrency saga continues. A malicious extension has been removed from Google’s Chrome browser after it was revealed that it had been spreading through Facebook, attempting to steal passwords from unsuspecting users and taking advantage of their PCs to mine cryptocurrency. This isn’t the first time that cyber criminals have attempted to hijack other people’s computers in order to mine cryptocurrency for them. The extension, named FacexWorm, used Facebook messenger to spread to other users, sending what appears to be a Youtube link, which actually redirected the user to a fake landing page. The extension then communicated with criminal servers in order to download further malicious code onto the user’s PC.


Last month, Google announced that it would no longer accept Chrome extensions that mined cryptocurrency, in a move suspected to coincide with the removal of FacexWorm

Read more