Uwaga????

Santander Bank Polska on LinkedIn: Warning❗️❗️ We receive information that you receive e-mails impersonating our bank and informing you that you need to complete "update and verify account information."

Sim-swap fraud: how criminals hijack your number to get into your bank accounts – Which? News

Reports to Action Fraud of a scam known as Sim-swap fraud – where a criminal tricks your mobile network into transferring your phone number to a Sim card in their possession – have rocketed by 400% since 2015.

The dark web has a longstanding reputation as a haven for the worst kinds of criminal activity. This reputation is not wholly unjustified, as there are indeed terrible things happening around the world that can be bought and sold on the dark web.

The Microsoft 365 Defender Research Team informs about the case. The new malicious program belongs to the ransomware category and is said to be very advanced; it also uses modern techniques and is an example of the rapid evolution of ransomware on mobile devices. The program was named AndroisOS / MalLocker.B and it is the newest variant of the whole family of malicious code of this type.

The Office for Fighting Cybercrime of the Polish Police warns against messages sent by cybercriminals informing about summons to the Police. Downloading and opening the attachment can infect your computer with malware, resulting in the theft of personal data or the complete lockdown of the computer, for which the criminals demand a ransom.

Fraudsters use a new feature available on the OLX portal to obtain the payment card details of the website users. They communicate using other messengers, such as WhatsApp or Facebook Messenger. Recently, an option appeared on the OLX portal that was to increase the safety of users. These are direct transactions and deliveries in cooperation with Sendit.pl.

Ransomware has evolved into a significant threat for all types of organizations. How and why is it such a pervasive issue, and how can organizations better defend themselves against it? Organizations face a variety of cyberthreats, from phishing campaigns to malware to Distributed Denial of Service (DDoS) attacks to brute force attacks and more.

Almost 20% of phishing campaigns last quarter spoofed Microsoft as many people continue to work remotely due to the coronavirus pandemic, says Check Point Research. Phishing attacks work in large part by exploiting well-known companies, brands, and products.

Ryuk in 5 Hours

The Ryuk threat actors went from a phishing email to domain wide ransomware in 5 hours. They escalated privileges using Zerologon (CVE-2020-1472), less than 2 hours after the initial phish. They used tools such as Cobalt Strike, AdFind, WMI, and PowerShell to accomplish their objective.

Phishing Lures Shifting from COVID-19 to Job Opportunities

Fortinet researchers are seeing cybercriminals shift their lures in spear phishing and phishing attacks from healthcare to job hirings.