Security News

Sextortion scammers are now targeting potential victims with spam sent to their work emails via the Emotet botnet, a distribution channel 10 times more effective than previous ones according to research published today by IBM X-Force.

Sextortion is a type of email scam first seen in the wild during July 2018 when crooks started emailing potential targets and claiming that they have them recorded on video while browsing adult sites.

To increase their scams messages’ credibility, in some cases the scammers also include the victims’ passwords leaked with the email addresses as part of a data breach dump.

Read more »

A new utility has been released by Japan CERT (computer emergency response team) that allows Windows users to easily check if they are infected with the Emotet Trojan.

The Emotet Trojan is one of the most actively distributed malware that is spread through phishing emails with malicious Word document attachments.

These emails pretend to be invoices, shipping notices, account reports, holiday party invites, and even information about the Coronavirus in the hopes that you will be enticed, or tricked, into opening the attachment. Read more »

Safer Internet Day (SID) is organised by the joint Insafe/INHOPE network, with the support of the European Commission*, each February to promote the safe and positive use of digital technology, especially among children and young people. Celebrated on the second day of the second week of the second month, each year on Safer Internet Day millions of people unite to inspire positive changes online, to raise awareness of online safety issues, and participate in events and activities right across the globe.

Safer Internet Day aims to create both a safer and a better internet, where everyone is empowered to use technology responsibly, respectfully, critically and creatively. The campaign aims to reach out to children and young people, parents and carers, teachers, educators and social workers, as well as industry, decision makers and politicians, to encourage everyone to play their part in creating a better internet. Read more »

The FBI has seized the WeLeakInfo.com websites for selling subscriptions to data that were exposed in data breaches.

WeLeakInfo.com is a data breach notification service that allows its customers to verify if their credentials been compromised in data breaches. The service was claiming a database of over 12 billion records from over 10,000 data breaches. I used the past because a joint operation conducted by the FBI in coordination with the UK NCA, the Netherlands National Police Corps, the German Bundeskriminalamt, and the Police Service of Northern Ireland resulted in the seizure of the WeLeakInfo.com domain.

Read more »

Microsoft released the January 2019 Office security updates, bundling a total of seven security updates and three cumulative updates for five different products, six of them patching flaws allowing remote code execution.

Redmond also released the January 2020 Patch Tuesday security updates, with security updates for 49 vulnerabilities, seven of them being classified as Critical and 41 as Important.

Unlike previous Patch Tuesday releases, Microsoft did not publicly disclose any vulnerabilities found to be actively exploited in the wild.

To download Microsoft Office security updates on your device, you have to click on the corresponding Knowledge Base article in the table below and then scroll down to the “How to download and install the update” section to grab the update packages for each product.

Read more »