Tag: ransomware

Be careful with LinkedIn! That job opportunity could be a cyberattack

Cybersecurity researchers have highlighted a new phishing campaign that is spreading through private messages on social media, especially on LinkedIn. This method allows attackers to build trust with high-value individuals before compromising their systems. According to a report from ReliaQuest, the campaign uses malicious files delivered through the technique of sideloading dynamic link libraries (DLL), combined with open-source Python pen-testing scripts. Don’t read your DMs from strangers, just in case The strategy involves approaching victims through messages on LinkedIn, inducing them to download an archive file […]

Cybersecurity researchers have highlighted a new phishing campaign that is spreading through private messages on social media, especially on LinkedIn. This method allows attackers to build trust with high-value individuals before compromising their systems. According to a report from ReliaQuest, the campaign uses malicious files delivered through the sideloading technique of dynamic link libraries (DLL), combined with open-source pen-testing Python scripts.

Don’t open your DMs from strangers, just in case

The strategy involves approaching victims through messages on LinkedIn, inducing them to download a self-extracting WinRAR file that, when executed, activates a chain of infection. In this process, several malicious components are extracted, where the execution of a PDF reader application triggers the malicious payload. This technique has become increasingly common among threat actors, as it allows them to conceal suspicious activities and evade detection.

Once the system is infected, attackers gain persistent remote access, allowing them to exfiltrate sensitive data and escalate privileges within the compromised network. ReliaQuest indicates that this activity is widespread and opportunistic, affecting various industries. The ease of use of legitimate tools and the abuse of social platforms highlight the growth of phishing attacks that go beyond traditional emails.

Previous experiences have shown that LinkedIn has been used for targeted attacks, with malicious actors posing as job opportunities. The lack of monitoring of private messages on these platforms presents a significant gap in organizational security postures, suggesting that companies should consider social media as a critical area of exposure to attacks and expand their defenses beyond the email-centric approach.

Oracle may have a serious security issue on its hands that has not been confirmed

Groups of attackers associated with the Clop ransomware have begun sending emails to Oracle customers, demanding extortion payments and claiming to have stolen data from their E-Business Suite. Although investigators have not confirmed the veracity of these claims, multiple investigations are underway into the Oracle environments belonging to the organizations that received these communications. Extortion or real data theft? According to Charles Carmakal, CTO of Mandiant Consulting, a high-volume email campaign has been observed launched from hundreds of compromised accounts. The emails contain contact information and, interestingly, […]

Groups of attackers associated with the Clop ransomware have begun sending emails to Oracle customers, demanding extortion payments and claiming to have stolen data from their E-Business Suite. Although investigators have not confirmed the veracity of these claims, multiple investigations are underway into the Oracle environments belonging to the organizations that received such communications.

Extortion or real data theft?

According to Charles Carmakal, CTO of Mandiant Consulting, a high-volume email campaign has been observed launched from hundreds of compromised accounts. The emails contain contact information and, interestingly, it has been verified that some of the provided addresses are publicly listed on the Clop data leak site. Despite this, Clop has not yet made its claims public on its leak platforms.

The extortion campaign has involved sending emails directed at company executives from compromised third-party accounts, starting on or before September 29. Genevieve Stark, head of cybercrime intelligence analysis at Google Threat Intelligence Group, commented that, although the indications point to Clop, it is unclear whether the group’s claims are credible or how they gained access to Oracle’s information.

Although efforts are being made to determine the authenticity of these threats, there is currently no evidence of a successful data breach or specific malware related to this campaign. Extortion communications pressure victims to initiate negotiations, but do not include concrete demands. Researchers are continuously working to clarify the details of how this possible access to Oracle’s E-Business Suite occurred and the impact it could have on its customers.

Avast Free Antivirus DOWNLOAD

Windows 10 is reaching the end of its cycle and the FTC wants to take action

On October 14, 2025, the end of the Windows 10 lifecycle will be marked, as it will stop receiving free updates. This event has raised concerns, not only about the outdated operating system but also about recent accusations from Senator Ron Wyden against Microsoft regarding harmful practices in cybersecurity. The Federal Trade Commission fears that there may be bad faith on the part of Microsoft. Wyden, a recurring critic of the company, has asked the Federal Trade Commission to investigate the default use of RC4 encryption in Windows, an obsolete standard […]

The upcoming October 14, 2025, will mark the end of the Windows 10 lifecycle, as it will stop receiving free updates. This event has raised concerns, not only due to the obsolescence of the operating system but also because of recent accusations by Senator Ron Wyden against Microsoft regarding harmful practices in cybersecurity.

The Federal Trade Commission fears that there may be bad faith on the part of Microsoft

Wyden, a recurring critic of the company, has requested that the Federal Trade Commission investigate the default use of RC4 encryption in Windows, an obsolete and vulnerable standard that facilitated the ransomware attack on Ascension in 2024, compromising the data of 5.6 million patients. Microsoft has acknowledged that the use of RC4 makes password theft easier, highlighting the urgency of updating its security protocols.

Despite the criticism, Microsoft has promised that new Active Directory installations will not use RC4 by default starting in the first quarter of 2026. However, the company argues that completely disabling this encryption could affect the systems of some customers, complicating the situation.

Amid these controversies, Microsoft has been ramping up its investments in artificial intelligence. The company has introduced its MAI-1 model, trained with modern GPUs, as it seeks to compete with tech giants like Google and Meta. Additionally, they have expressed interest in using Anthropic models for certain functions in Microsoft 365, reflecting a strategy of independence from OpenAI.

The CEO of Microsoft, Satya Nadella, has reaffirmed the company’s commitment to developing its own models and continuing innovation in the field, marking a clear intention to become a key player in the race for next-generation artificial intelligence.

Windows 11 DOWNLOAD

40% of ransomware problems end in physical threats to executives

In a recent report, Semperis revealed that 40% of ransomware incidents involve physical threats directed at executives, a tactic employed by criminals to pressure victims into complying with ransom demands. This alarming finding highlights a concerning shift in the evolution of cyberattacks, where violence and coercion are becoming common tools in the attackers’ repertoire. Ransomware, a type of cyberattack that kidnaps critical data and demands payment for its release, has been at the center of the debate about the […]

In a recent report, Semperis has revealed that 40% of ransomware incidents involve physical threats directed at executives, a tactic employed by criminals to pressure victims into complying with ransom demands. This alarming finding highlights a concerning shift in the evolution of cyberattacks, where violence and coercion are becoming common tools in the attackers’ repertoire.

What I put in you, milk

Ransomware, a type of cyberattack that kidnaps critical data and demands payment for its release, has been at the center of the cybersecurity debate for years. However, the inclusion of physical threats represents an extreme approach that not only intensifies fear but also raises serious concerns about the safety of executives and staff in the affected companies. As these attacks become more sophisticated, it is evident that criminals are willing to cross ethical and legal lines to achieve financial gains.

This increase in the violence associated with ransomware crimes is a wake-up call for organizations and authorities. The need to adopt more robust security measures and to promote a culture of prevention is more urgent than ever. Companies must be prepared not only to protect their data but also to safeguard the integrity of their personnel.

Moreover, in an environment where threats can extend beyond the digital world, it becomes essential for organizations to implement protocols that include physical security and training for their employees to deal with crisis situations. As the threat of ransomware continues to evolve, the commitment to security will be crucial to safeguard both the business infrastructure and the individuals that comprise it.

Now it is possible for them to hijack your computer at the CPU level

Ransomware, a malicious software designed to take control of computers and data and extort victims, continues to evolve alarmingly. Recently, researcher Christiaan Beek has shared his concern about new vulnerabilities arising in the microcode of processors, a code that sits just above the hardware and regulates its operation. There is no way to defend oneself completely. Beek has developed a method capable of hijacking microcode updates and installing ransomware directly on the processor. This new form of attack adds to those that have already been […]

Ransomware, a malicious software designed to take control of computers and data and extort victims, continues to evolve alarmingly. Recently, researcher Christiaan Beek has shared his concern about new vulnerabilities arising in the microcode of processors, a code that sits just above the hardware and regulates its operation.

There is no way to defend oneself completely

Beek has developed a method capable of hijacking microcode updates and installing ransomware directly on the processor. This new form of attack adds to those that have already been revealed, such as an exploit in the BIOS that allows modification of microcode in some AMD processors. “From my experience in firmware security, I thought: ‘I can write ransomware for CPUs,'” Beek told the media. Although there are no plans to publicly disclose the tool, it has been confirmed that the researcher has managed to create ransomware that hides in the microcode of processors.

The importance of this innovation lies in the fact that ransomware operating at the CPU level could bypass almost all established security measures. Becker warned that if there is direct access to the machine, the impact of these attacks is even more severe. However, the researcher also emphasized that the fight against ransomware cannot be relegated to technology, highlighting a serious lack of cyber hygiene among users. “Most problems are due to user errors or their lack of action,” he stated.

The current situation reflects a standstill in the battle against ransomware. Beek noted that by 2025 we should not be talking about these types of problems, lamenting that more than a decade after the first major attacks, the foundations of cybersecurity are still not well established. With the constant technological evolution and the arrival of new trends such as artificial intelligence and machine learning, there is still a long way to go in protecting against these threats.

Windows 11 DOWNLOAD

TrendMicro’s Antivirus for Mac goes way beyond malware

Even though Macs have a reputation for security, the number of malware attacks on Macs surpassed those on Windows machines for the first time in 2020, according to an article in Vox. So there goes the idea that if you have a Mac, you don’t have to worry about installing software to protect it. The fact is, hackers have gotten more devious in sidestepping the inbuilt protections in all our computers, so having an extra level of security – for Macs and PCs – is just plain smart.

AntiVirus for Mac from trusted software developer TrendMicro delivers this protection and much, much more.

Get 25% Off Antivirus for Mac

Claim Special Offer

Don’t be held hostage 

As with all antivirus software products out there, TrendMicro’s product will alert you when it finds malware on your Mac or when you attempt to download a potentially troublesome file. But Antivirus for Mac takes things a step further with enhanced ransomware protection. Called Folder Shield, this component of the program allows you to mark folders you want monitored so that if a hacker were to try to encrypt them and charge you money to un-encrypt them, he would be blocked and you would be notified.

Cruise the web with confidence

Antivirus for Mac also automatically plugs into your browsers when it is installed so that it can keep an eye out for suspicious websites and other online threats, which it identifies with an icon in search results. You are able to set your Web Threat Protection Level to low, medium or high, and you can also activate a website filter to block sites based on their themes/functions such as those that feature nudity, hate or racism, gambling, shopping, offer online chats, or provide streaming media. There are 31 filters in all, along with the ability to whitelist any site you’d like – a feature that comes in very handy if you have children surfing the internet.

Social distance

One of the standout features of Antivirus for Mac is the ability to have it examine your social media settings on Facebook, Twitter and LinkedIn for potential privacy concerns (although we couldn’t get this feature to work on Facebook in our tests). The scan will tell you what information you’re sharing with the public and recommend settings to help lock down your private information – including the information that’s shared with advertisers outside the social networks. 


Eye spy

Still another noteworthy feature of Antivirus for Mac is that you are able to set it to alert you whenever an application is trying to access your webcam or microphone to prevent unwanted spying. The setting is simple to activate during the installation process.

And speaking of simplicity, TrendMicro has made this program extremely easy to navigate. The main screen offers the various protection possibilities down the left and when you choose one, the window to the right is populated with the settings you can control. Things work with simple checkboxes and slidable switches, plus an icon in your Mac’s toolbar lets you quickly access key features including scans and updates.

Value time

TrendMicro’s antivirus, anti-malware, and anti-ransomware protections would be enough to make Antivirus for Mac a bargain on its own. Throw in all the features we’ve detailed, and it becomes clear that it’s hard to beat the value you get for your money. Right now the software is available for 25% off the normal rate of $39.95, so you’ll pay only $29.95 for a full year of protection. 

Get 25% Off Antivirus for Mac

Claim Special Offer