March 2020

Prevailion CEO: Cyberattacks on Healthcare Won’t be Tolerated

As if the world needed another example, a ransomware group has proven there is no honor among thieves.  The cybercriminal group Maze attacked the network of Hammersmith Medicines Research, a London-based medical research company, on March 14. The group then leaked the personal data and medical details of thousands of former patients online, according to ComputerWeekly. HMR is one of several London firms situated to conduct medical trials for COVID-19 vaccines.  Beyond the despicable nature of the attack, of note is that Maze had made a public vow on March 18 not to...

Share Post

BEC Campaign Targets HR Departments: Report

TA505, a notorious cybercriminal group believed to be operating in Russia, is using business email compromise tactics to target a new group of victims - HR departments, according to researchers from Prevailion, a security monitoring firm. ...

Share Post

TA505 Targets HR Departments with Poisoned CVs

Infamous cybercrime organization spotted in attacks that employ legitimate software -- and Google Drive. A newly discovered attack campaign by the notoriously prolific TA505 cybercrime organization now is targeting businesses in Germany via their human resources executives....

Share Post

15 Coronavirus Online Scams to Watch Out For

Fake websites that claim to offer information or treatments for coronavirus are another significant threat. The security industry has already uncovered one case in which hackers are using an interactive map of coronavirus infections created by Johns Hopkins University to trick people into landing on a malicious website. They are selling these ‘infection kits’ to other hackers in the Dark Web, said Karim Hijazi, CEO of Prevailion, a cyber intelligence company headquartered in Columbia, Maryland. ...

Share Post

Map of TA505 Activity Shows Global Foothold After Necurs Botnet Goes Dark

Just shy of a week after Microsoft squeezed cyber criminals out of the prolific Necurs botnet infrastructure, threat actors like TA505 still maintain a foothold on networks throughout the world. Findings from Prevailion's compromise intelligence platform on Wednesday showed the IP addresses TA505 have actively infected around the globe. Prevailion's Chief Data Scientist Nate Winslow shared a map of this activity, along with his insight of the findings, on LinkedIn today. "Cyber crime is not slowing down because of COVID-19. The TA505 group is a prime example we see in our data. If...

Share Post