At the beginning of March, as many Americans were eagerly awaiting another round of stimulus payments, news began to circulate about cybercriminals taking advantage of the American Rescue Plan offering financial assistance (payments and other aids) as part of COVID-19 relief. We got a hold of some of these phishing emails and upon scrutiny, we found the email imitates the IRS, … [Read more...]
Ubiquitous for all the Wrong Reasons
Ubiquiti may have a lot to answer to after recent allegations of their possible downplaying of January’s breach. The allegation involves an attacker gaining access to Ubiquiti’s Amazon Web Services (AWS) account via an employee’s account with root (read/write admin or higher permissions) level access to all of Ubiquiti’s AWS accounts. The whistleblower alleged that the … [Read more...]
Attempted PHP Backdoor Foiled
The PHP Group, the collection of developers responsible for maintaining the reference source code and implementation for the popular web scripting language PHP, made the decision to retire their self-maintained code repository server and move to GitHub after an unknown threat actor inserted a backdoor into the core PHP code library through a git pull request. The change, … [Read more...]
DevilXploit and Website Defacement
Sporting and competition are a mainstay of the human spirit. And in that spirit, we find new ways to compete. A classic example of this is website defacement, where a malicious hacker compromises a website and uses the page itself to show off their conquest. A WatchGuard customer recently submitted a domain that they flagged for phishing. We visited the page … [Read more...]
Alleged Acer REvil Ransomware Infection Breaks Record with $50+ Million Demand
The REvil ransomware group has come to prominence recently by infecting networks around the world with ransomware and demanding large sums of money from their victims. The group commonly posts proof of their successful ransomware efforts on their blog, called Happy Blog, where one of their most recent victims, Acer, has appeared on the list. Acer has yet to confirm the … [Read more...]
