Three ransomware attacks from last week caused notable disruptions on institutions from different public sectors, namely on an energy company, a law enforcement agency, and several public schools.
Threat actors are targeting Linux servers with vulnerable software, namely the project management tool Jira and the message transfer agent Exim, using a variant of the Watchbog trojan, which drops a Monero miner to expand their botnet.
Cybercriminal group FIN8 reappeared with new PoS malware Badhatch, capable of scraping credit card data, installing a backdoor, and allowing remote access, among other routines.
The US Department of Education released a security advisory on ERP vulnerabilities after 62 institutions were infiltrated, stealing students' IDs to create fake accounts.
Two phishing trends have recently been gaining traction: going after Microsoft Office 365 administrators and using compromised legitimate accounts for phishing.
The total amount cybercriminals attempted to steal via business email compromise (BEC) scams rose to an alarming average of US$301 million per month — a substantial increase from the US$110 million monthly average that was tracked in 2016.
The GandCrab gang might be back to their old tricks. Various security researchers reported that the group might be responsible for releasing a more advanced ransomware variant called Sodinokibi.
New mobile malware Agent Smith targets Android devices to install malicious versions of popular apps. The malware displays fraudulent ads for the attackers' financial gain but can be further used for bigger attacks. Google has removed the malicious apps.