threat updates
UK
The UK government issued a
cybersecurity alert to warn charities
of a spike in the number of criminals
trying to access and change the
private information of staff.
The government said it had received
several reports from charities that
had been targeted by fraudsters
impersonating members of staff,
specifically attempting to change
employees’ bank details.
In all these cases the request
was made through an email.
Charities are being urged to look
out for requests to HR, the finance
department or staff with authority
to update employees’ bank details,
usually from a spoofed or similar
email address to that of the subject
being impersonated.
GLOBAL
Sophos has published an investigative report, Snatch
Ransomware Reboots PCs into Safe Mode to Bypass Protection,
by SophosLabs and Sophos Managed Threat Response.
The report details the changing attack methods of Snatch
ransomware, first seen in December 2018, including rebooting
PCs into safe mode mid-attack in an attempt to bypass
behavioural protections that detect ransomware activity.
Sophos believes this is a new attack technique adopted by
cybercriminals for defence evasion.
Continuing a trend noted in SophosLabs’ 2020 Threat Report,
the Snatch cybercriminals are now also exfiltrating data before
the ransomware attack begins.
24
Issue 21
|
www.intelligentciso.com