Welcome to your Daily Threat Brief. Every morning we transmit a succinct summary of threat activities designed to inform your decision-making. Learn things your adversaries wished you didn’t. 

How credential stuffing contributed to 8.3B malicious botnet logins in early 2018

Nearly 300,000 malicious login attempts by one type of botnet occur every hour, according to a new Akamai report. The specific attack vector the study focuses on is credential stuffing, a cyberattack in which botnets try to log into a site and steal a person’s identity, information, or money. Credential stuffing… Read more

Mirai Masterminds Helping FBI Snuff Out Cybercrime

The three masterminds behind Mirai – the infamous botnet known for taking down internet services in a 2016 DDoS attack – will work with the FBI in future cybercrime investigations as part of their sentencing for creating and operating the botnet. The three hackers were sentenced Tuesday in Alaska, after… Read more

Hackers swipe card numbers from local government payment portals

A previously unknown hacker group is behind a rising number of breaches that have been reported by local governments across the US. A new FireEye report reveals that this yet-to-be-identified hacker group has been breaking into Click2Gov servers and planting malware that stole payment card details. Click2Gov is a popular… Read more

Bug in Bitcoin code also opens smaller cryptocurrencies to attacks

The Bitcoin team today fixed a severe vulnerability in the software that underpins the entire Bitcoin network. The vulnerability is categorized as a simple “denial of service” (DoS). While most DoS bugs cause simple crashes, this vulnerability has a more severe impact than most people believe. The bug affects Bitcoin Core,… Read more

Cryptojackers Grow Dramatically on Enterprise Networks

Cryptojacking — threat actors placing illicit cryptocurrency miners on a victim’s systems — is a growing threat to enterprise IT according to a just-released report from the Cyber Threat Alliance (CTA). CTA members have seen miner detections increase 459% from 2017 through 2018 and there’s no sign that the rate… Read more

Magecart claims another victim in Newegg merchant data theft

Earlier this week researchers confirmed a massive payment card skimming scheme operated by Magecart which compromised the online store of broadcaster ABS-CBN; now, the cyberthreat group has claimed a fresh victim in Newegg. Researchers from RiskIQ, together with Volexity, revealed that California-based retailer Newegg is the latest well-known merchant to succumb… Read more

FBI: Phishing Attacks Aim to Swap Payroll Information

The FBI’s Internet Crime Complaint Center (IC3) reports a wave of social engineering attacks aiming to steal employees’ login credentials so they can break into online payroll accounts. Attackers send their targets phishing emails designed to capture login credentials, the IC3 states. They use these to access employees’ payroll, change… Read more

Access to over 3,000 backdoored sites sold on Russian hacking forum

Hackers are selling access to over 3,000 breached websites on an underground hacking forum for Russian-speaking users, according to a new report by Flashpoint. The forum is named MagBO and is a relative newcomer on the hacking scene, where other services such as HackForum, Exploit.in, xDedic, Nulled, or Mal4All have already made… Read more

Dangerous Pegasus Spyware Has Spread to 45 Countries

The infamous Pegasus spyware, which targets iPhones and Android devices, has allegedly infiltrated 45 different countries across the globe — and six of those countries have used surveillance malware in the past to abuse human rights, a group of researchers claim. Researchers from The Citizen Lab scanned the internet in… Read more

US State Department reveals data breach, employee information exposed

The US State Department has confirmed a data breach which has led to the exposure of employee data. As reported by Politico, the personally identifiable information (PII) of some of the State Department’s workforce has been exposed; however, the data breach is not thought to impact more than one percent of the staff roster.… Read more

Cybercrime: Ransomware remains a ‘key’ malware threat says Europol

Ransomware remains the top malware threat to organisations, causing millions of dollars of damage and remaining a potent tool for cyber criminals and nation-state attackers. The rise of highly targeted file-locking malware campaigns and the threat posed by nation-state backed campaigns, means ransomware “remains the key malware threat in both… Read more

Database with 11 Million Email Records Exposed

A huge customer database containing 11 million records that include personal details has been discovered sitting online, unprotected. The data was available from a MongoDB instance set up on the hosting infrastructure from Grupo-SMS USA, LLC, and could be accessed by anyone able to find the path to it. Independent security… Read more

Websites Attack Attempts Rose in Q2

New data shows attackers are trying to sneak past malware scanners on websites using stealthy hacks such as cryptojacking and malicious JavaScript. Website security service provider SiteLock analyzed data from 6 million customer websites for the second quarter of 2018 and found that a website, on average, suffers 58 attack… Read more

GovPayNow Leak of 14M+ Records Dates Back to 2012

Government Payment Service (GovPayNet) has been alerted to a leak of more than 14 million customer records dating back to 2012, KrebsOnSecurity reported this week. GovPayNet is used by nearly 2,300 government agencies in 35 states to process online payments for traffic tickets, bail payments, court-imposed fines, and other fees.… Read more

IoT Threats Triple Since 2017

In the first half of 2018, more than 120,000 modifications in malware attacked Internet of Things (IoT) devices — triple the total in 2017 and more than 10 times for 2016, according to a new report by researchers at Kaspersky Labs. The report shows that simple, brute-force attacks on passwords… Read more
