Starting in November 2021, debt collectors will have text and social media as ways to contact people. This provides cyber criminals with powerful new phishing topics. It’s important to understand what they can do, and more important to know what you should and shouldn’t do to stay safe. 

https://apscdn.nyc3.cdn.digitaloceanspaces.com/resources/pdf/insights/Debt%20Collectors%20%20v1%20%202021-02-19.pdf 

Ransomware has been growing by leaps and bounds as a successful tool for cyber criminals. It creates major disruptions for victims and is quickly monetized. Now instead of going after individual companies, the attackers are going after applications used by multiple clients. This significantly enlarges the number of victims with each successful attack. 

https://www.darkreading.com/attacks-breaches/ransomware-attackers-set-their-sights-on-saas/d/d-id/1340147?fbclid=IwAR2VUAMeHbzuyGpWtlZRvAsp_iyfE-XrKFt7bGeTY_CmrHsG-q00HhIKOHk  

If clicking the link does not take you to the proper page, copy and paste the link into your browser.

Pop up ads are annoying at best and often the channel for damage or theft of our information. This article details the way “ScamClub” exploited an iPhone bug to pop up the ads that appeared innocent but stole information or in a more elaborate scheme took our money with promises of big payouts. 

https://nakedsecurity.sophos.com/2021/02/17/scamclub-gang-outed-for-exploiting-iphone-browser-bug-to-spew-ads/?fbclid=IwAR1qwi2czd9boR-ynGTBC0ojmVWIVaylDY-GxclXIxiXyfMKHd6qUGU1eC0

If clicking the link does not take you to the proper page, copy and paste the link into your browser.

Microsoft 365 is one of the most widely used applications in the world. As we saw with the recent SolarWinds attack, the focus of attacks has moved to applications from individual companies. Research shows that communication between Microsoft applications can bypass security precautions and provide an avenue for attackers. 

https://www.darkreading.com/application-security/hidden-dangers-of-microsoft-365s-power-automate-and-ediscovery-tools-/a/d-id/1340014?fbclid=IwAR1zJ9x88awPCCqbRRYdsvLFbcu_eD1wyCfB_N8xatQTeINvtY9Y9uHoY74

If clicking the link does not take you to the proper page, copy and paste the link into your browser.

The theft of user credentials has long been known as a tool for cyber criminals to gain access to a company network and resources. But recent research shows that before the attacks we see, the cyber criminals have been doing damage but in a more covert way. Then when they have capitalized on the stolen credentials for themselves, they begin to make the stolen credentials available to other cyber criminals. 

https://www.darkreading.com/attacks-breaches/compromised-credentials-show-that-abuse-happens-in-multiple-phases/d/d-id/1340179?_mc=NL_DR_EDT_DR_daily_20210217&cid=NL_DR_EDT_DR_daily_20210217&elq_mid=102170&elq_cid=34773767

If clicking the link does not take you to the proper page, copy and paste the link into your browser.

The Covid -19 pandemic has been a nightmare for much of the world. But it has been a benefit to the cyber criminal community by providing phishing subject lines that got people to click at an alarming rate. 

https://apscdn.nyc3.cdn.digitaloceanspaces.com/resources/pdf/insights/Covid%20and%20Phishing%20v1%20%202021-02-12.pdf

If clicking the link does not take you to the proper page, copy and paste the link into your browser.

A popular Android app called Barcode Scanner was compromised and delivered malware to the approximately 10 million people who downloaded or update the app. 

https://www.darkreading.com/application-security/android-app-infects-millions-of-devices-with-a-single-update/d/d-id/1340093?fbclid=IwAR2AhA7sCS2z2pYouIvdi0AjEdzKgzLvvGwV_-KtYeNxm9ETyKGtnGT6QK0

If clicking the link does not take you to the proper page, copy and paste the link into your browser.

Using stolen identities cyber criminals are registering for unemployment benefits. The current estimate is that Covid-19 employment fraud cost the government over $36 billion in 2020. And if it is your identity that was stolen you would not be able to get the unemployment benefits you may be entitled to. 

https://www.darkreading.com/edge/theedge/unemployment-fraud-as-if-being-out-of-work-wasnt-bad-enough/b/d-id/1340088?fbclid=IwAR2Mx_NO24nnnvaElglyLRH9sy113DCSHMrHOp4uXiL5u_idZ4UXnPC7dcg

If clicking the link does not take you to the proper page, copy and paste the link into your browser.

The approaching Valentine’s Day has given cyber criminals a topic of high interest. Jewelry, flowers, candy, other gifts are all topics that catch people’s eye and interest. And that gets them to click the malicious links. 

https://www.cxotoday.com/security/over-400-valentines-day-themed-phishing-campaigns-spotted-weekly/

If clicking the link does not take you to the proper page, copy and paste the link into your browser.

Ransomware attacks can be devastating especially to small and medium companies. Being out of business until the systems are restored is costly, as is paying the ransom. But one company, and there probably are many more, that failed to determine how their systems were compromised. So the attackers returned and the company had to pay another ransom. 

https://www.zdnet.com/article/ransomware-this-is-the-first-thing-you-should-think-about-if-you-fall-victim-to-an-attack/?ftag=TRE6a12a91&bhid=29017885593246285133005340243949&mid=13258092&cid=2201587059

If clicking the link does not take you to the proper page, copy and paste the link into your browser.

Quantum computing is an entirely different technology for computers and runs orders of magnitude faster than the fastest conventional computers. The concern is whether that speed will render data encryption methods obsolete. This Insight looks at quantum computing and encryption. 

https://apscdn.nyc3.cdn.digitaloceanspaces.com/resources/pdf/insights/Will%20Quantum%20Computing%20Break%20Encryption?%20v1%202021-02-05.pdf  

If clicking the link does not take you to the proper page, copy and paste the link into your browser.

SMS Bandits is the name for a UK based man who operated a phishing service. The service sent high volumes of messages using different topics of interest to get people to click. 

https://krebsonsecurity.com/2021/02/u-k-arrest-in-sms-bandits-phishing-service/

If clicking the link does not take you to the proper page, copy and paste the link into your browser

There has been much speculation about what happens in the hacker community. But here is an interview with a member of that community who tells some of what life is like for a hacker. 

https://www.darkreading.com/endpoint/interview-with-a-russian-cybercriminal/d/d-id/1340029?_mc=rss_x_drr_edt_aud_dr_x_x-rss-simple

If clicking the link does not take you to the proper page, copy and paste the link into your browser.

Google just released an update for Chrome that closes an exploited vulnerability. The new version of Chrome with the update is for Windows, Linux, and Mac computers. All users are advised to update as soon as possible.  

https://www.zdnet.com/article/google-patches-an-actively-exploited-chrome-zero-day/?ftag=TRE-03-10aaa6b&bhid=29017885593246285133005340243949&mid=13257984&cid=2201587059

If clicking the link does not take you to the proper page, copy and paste the link into your browser.

Hackers look for any way to steal your information. Now they have a new trick, using other hackers to penetrate your systems. In a recently discovered case, the hackers were piggybacking on the malicious code of other hackers to get your data. 

https://www.bankinfosecurity.com/malicious-skimmer-code-piggybacks-on-other-hackers-code-a-15921?rf=2021-02-04_ENEWS_SUB_BIS__Slot1_ART15921&mkt_tok=eyJpIjoiTURJeE1UYzBNak14TVRJMSIsInQiOiJEQWZZbFRSSmphSzA2Q21JQ3o3YmhMRFM0NEdEaFdUR2diXC9CdlFwN2lkXC9kM0xBRCtxb2VGRmRkSWFyUFBjRFVYbnhNSWQ4d3BKbHdzN2NrQU4xWTZaVml4d25zTiszUzkzTUVIQ1FoTTdcLytJeHhscGFFZzFBZW12WXpUMVN0dCJ9

If clicking the link does not take you to the proper page, copy and paste the link into your browser.