Welcome to your Daily Threat Brief. Every morning we transmit a succinct summary of threat activities designed to inform your decision-making. Learn things your adversaries wished you didn’t. 

Sign Up For The Daily Threat Brief

Google Accelerates Google+ Shutdown After New Bug Discovered

The discovery of a new API bug in Google+ has led Google to hasten the shuttering of its consumer version of the social-networking platform, the tech giant said. Google was already in the process of shutting down Google+ after a different API software bug in the platform, disclosed in October,… Read more

Congressional committee slams Equifax in report on data breach

Equifax didn’t take steps to prevent a massive data breach in 2017 that allowed hackers to steal the personal information of 147.7 million Americans from its servers. It wasn’t ready to handle the aftermath, either. That’s the takeaway from a House Oversight Committee report (PDF), released Monday, which calls the breach “entirely preventable.” The 96-page… Read more

Highly Active MuddyWater Hackers Hit 30 Organizations in 2 Months

The cyberespionage group referred to as MuddyWater has hit over 130 victims in 30 organizations from late September to mid-November, Symantec security researchers said in a report. Highly active over the past several months, MuddyWater was first detailed in 2017. Numerous attacks were linked to the group this year, when security researchers also… Read more

Volkswagen Giveaway Scam Peddles Ad Networks

A fake Volkswagen campaign is making its way across social media platforms, luring in victims with promises of a free Volkswagen car giveaway – but instead redirecting them to third-party ad servers. Victims are first sent messages via WhatsApp or Facebook, purporting to be from Volkswagen and claiming it will… Read more

Old-School Bagle Worm Spotted in Modern Spam Campaigns

Fresh mass-email campaigns spreading the long-running Bagle worm have recently been spotted, affecting Microsoft Windows machines. These appear to be a throwback to an earlier time. Also referred to as Beagle, Bagel contains a backdoor that listens on TCP port 6777 which is hardcoded in the worm’s body. This backdoor… Read more

New Mac Malware Combines Open-Source Backdoor and Crypto-Miner

A recently discovered piece of malware targeting Mac systems is a combination of two open-source programs, Malwarebytes security researchers warn. Detected as DarthMiner, the threat is distributed through an application called Adobe Zii, which supposedly helps in the piracy of various Adobe programs, but which in this case does nothing of the… Read more

Satan Ransomware Variant Exploits 10 Server-Side Flaws

A new version of ransomware that first surfaced about two years ago is garnering attention for its ability to spread via as many as ten different vulnerabilities in Windows and Linux server platforms. “Lucky,” as the new malware is called, is a variant of Satan, a data encryption tool that… Read more

Hackers ramp up attacks on mining rigs before Ethereum price crashes into the gutter

Hackers have set off in motion a massive campaign that scans for Internet-exposed Ethereum wallets and mining equipment. The mass-scan campaign has been raging for at least a week, since December 3. Attackers are scanning for devices with port 8545 exposed online. This is the standard port for the JSON-RPC interface of… Read more

Cybercrime and malware, 2019 predictions

It has now become a tradition among cyber-security firms to issue a series of predictions for the upcoming year. While some companies have their malware analysts or their CEOs put out small lists of predictions, others go completely overboard with podcasts and 100-page reports that are just a few pages… Read more

China summons US ambassador and warns of ‘grave consequences’ if Huawei’s CFO is not released

China summoned the US ambassador to Beijing to protest Canada’s detention of a senior executive of Chinese electronics giant Huawei at Washington’s behest, demanding the US cancel the order for her arrest. The official Xinhua News Agency said Vice Foreign Minister Le Yucheng “lodged solemn representations and strong protests” with… Read more

Australia passes controversial anti-encryption law that could weaken privacy globally

The Australian government has passed new legislation that would allow law enforcement authorities to force tech companies to hand over user information, even if it’s protected by end-to-end encryption. The Assistance and Access Bill 2018 has been criticized by Apple as well as other technology companies and academics who argue that the legislation will weaken the… Read more

Sextortion Emails now Leading to Ransomware and Info-Stealing Trojans

Sextortion email scams have been a very successful way of generating money for criminals. A sextortion scam is when you receive an email that states someone hacked your computer and has been creating videos of you while you are using adult web sites. The emails then tell you to send them bitcoins or… Read more

OpSec mistake brings down network of Dark Web money counterfeiter

European law enforcement agencies scored a big win this week against criminals active on the Dark Web. In a press release, Europol revealed that police in 13 countries conducted 300 house searchers and arrested 235 suspects who bought counterfeit euro banknotes from a Dark Web marketplace. All arrests are related to… Read more

Gift Card-Themed BEC Holiday Scams Spike

With cyber threats rampant between Black Friday and Christmas, security experts are warning of a wave of business-style email scams hitting inboxes designed to appeal to holiday shoppers. Attacks involve scam messages purporting to be gift card deals or links to corporate donations. According to researchers at Proofpoint, the style, technique… Read more

Syrian Electronic Army Hackers Are Targeting Android Phones With Fake WhatsApp Attacks

The Syrian Electronic Army was causing carnage half a decade ago. Outside of attacking the U.S. government and major publications like Forbes, two of the hacker crew’s chief operators even made it onto the FBI’s Most Wanted list. But the SEA hasn’t made headlines in some time, largely because it’s turned its focus… Read more

Gain Deeper Insights Into The Threat

Sign up to gain access to our special reports on threat actors and their tactics as well as daily Threat Brief.

Your support will enable us to continue our production of action-oriented content and help us help you stay informed on the latest in adversary activities.

Try our free two week trial.

Sign Up For Free Trial of The Daily Threat Brief