Cybercrime

Almost every single cyber attack will, at some stage, require a human to be tricked into doing something, according to research by Proofpoint

The UK’s representative to a United Nations cyber security working group has called for increased investment in capacity around cyber security

Operators of the TrickBot banking Trojan have switched to a new downloader to evade detection and analysis for a high-volume malicious spam campaign targeting business, researchers warn

https://www.computerweekly.com/news/252470091/TrickBot-Trojan-switches-to-stealthy-Ostap-downloader

Researchers at Check Point have identified a security flaw in Android-based smartphones that exposes vulnerable users to phishing attacks

Security researchers have discovered a web social engineering toolkit that enables cyber criminals to create fake update notification campaigns

All organisations using Supermicro servers are being urged to update firmware to block remote attacks exploiting vulnerabilities in baseboard management controllers

The NCSC's weekly threat report is drawn from recent open source reporting.

Six months after the first millionaire ethical hacker was announced, five more have been recognised, including a Briton, who have collectively discovered nearly 5,000 vulnerabilities

Security researchers at Google say they’ve found a number of malicious websites which, when visited, could quietly hack into a victim’s iPhone by exploiting a set of previously undisclosed software flaws.

https://techcrunch.com/2019/08/29/google-iphone-secretly-hacked/?guccounter=1&guce_referrer_us=aHR0cHM6Ly90LmNvLzhhWHhyVjF4TGU_YW1wPTE&guce_referrer_cs=MgmZVL2sVIO8e1lxycVQ-A

A phishing campaign targeting utility grid operators uses a PDF attachment to deliver spyware.

https://threatpost.com/adwind-spyware-as-a-service-attacks-utility-grid-operators/147525/