Articles of interest from the week of September 9, 2019

Social Engineering a Factor in Virtually All Cyber Attacks, Report Claims

The exploitation of human failings to attack enterprises using so-called social engineering attacks through cloud applications, email or social media, is a factor in up to 99% of cyber attacks, according to the latest annual Human factor report. (By Alex Scroxton, Computer Weekly)

Secret Service Investigates Breach at U.S. Govt IT Contractor

The U.S. Secret Service is investigating a breach at a Virginia-based government technology contractor that saw access to several of its systems put up for sale in the cybercrime underground, KrebsOnSecurity has learned. (By Krebs on Security)

Thousands of Servers Infected with New Lilocked (Lilu) Ransomware

Thousands of web servers have been infected and had their files encrypted by a new strain of ransomware named Lilocked (or Lilu). Infections have been happening since mid-July, and have intensified in the past two weeks, ZDNet has learned. (By Catalin Cimpanu, ZDNet)

5 Ways Organizations Can Defend Against Living Off The Land Attacks

Hackers nowadays are going old-school again. If you take a look at the some of the recent hacking events, techniques and strategies that were used years back have come back to the fore again. One such concept of hacking that is gaining traction among hackers is Living off the Land (LotL) Attacks. (By Harshajit Sarmah​, Analytics India Magazine​)

Joker Spyware Found in 24 Google Play Apps

A new spyware has been making the rounds in Android apps on Google Play, infecting victims post-download to steal their SMS messages, contact lists and device information. In addition to stealing victims’ information, the malware also stealthily signs them up for premium service subscriptions that could quietly drain their wallets. (By Lindsey O'Donnell, Threatpost)