ACG-CYBER SECURITY BULLETIN NR 46: UNDERSTANDING A MALWARE KNOWN AS “DYRE WOLF”

A Dyre Wolf malware is an ultra-sophisticated cyber fraud scam that makes use of DDoS attacks, spear phishing, and even good old fashioned social engineering. This scam starts off when the attacker sends out spam email with unsafe attachments designed to inject the Dyre malware into as many computers as possible.

Please click here for details...

ACG-CYBER SECURITY BULLETIN NR 45: MAN IN THE E-MAIL SCAM

The PNP ACG cautioned businesses about a new fraud scheme known as “Man in the E-mail”. The cyber criminals intercept legitimate e-mails between purchasing and supply companies and spoof subsequent emails by impersonating each company to the other and instructing the purchasing company to send payments to a new bank account due to an audit being conducted in their standard bank.

Please click here for details...

ACG-CYBER SECURITY BULLETIN NR 43: UNDERSTANDING THE RISK OF POINT-OF-SALE (PoS) MALWARE

The Point-of-Sale (PoS) malware named, “Backoff” has been discovered to exploit business administrator accounts remotely and exfiltrates consumer payment data. This malware can use publicly available tools, to locate businesses that use remote desktop applications such as Microsoft, Apple, Chrome, Splashtop 2 and LogMeln. Once these applications are located, cyber criminals may attempt to brute the login features of the remote desktop solution. After gaining access to the said administrator or privileged access accounts, the suspects were able to deploy the Point-of-Sale (PoS) malware and subsequently exfiltrate consumer payment data via an encrypted post request.

Please click here for details...

ACG-CYBER SECURITY BULLETIN NR 44: THE RISK OF STRUCTURED QUERY LANGUAGE (SQL) INJECTION

The Structured Query Language Injection (SQLI) is a mode of attack to compromise a database of an organized collection of data and supporting data structures. These data includes usernames, passwords, text, etc. Structured Query Language is the programming language used to manage data in a database like the Relational Database Management Systems (RDBMS). The types of management systems that employ Structured Query Language include Microsoft SQL Database, Oracle, MySQL, PostgreSQL, and others.

Please click here for details...

ACG-CYBER SECURITY BULLETIN NR 42: COMPUTER NETWORK EXPLOITATION

Computer Network Exploitation (CNE) is a technique through which the computer networks are used to infiltrate target computer networks to extract and gather information. It enables the exploitation of the individual computer and networks of such organization in order to collect sensitive or confidential data, which is typically kept hidden and protected from the general public.

Please click here for details...

Additional information