Home > Contributors > Archives for David Bisson

159 Posts

David Bisson

Contributing Editor

David Bisson is an infosec news junkie and security journalist. He works as Contributing Editor for Graham Cluley Security News and Associate Editor for Tripwire's "The State of Security" blog.

Written By David Bisson

A woman checks her calendar on a smartphone: scam offers

news

Fraudsters Abuse Smartphone Google Calendar Feature to Push Through Scam Offers

Fraudsters are abusing a Google Calendar feature that's commonly enabled on smartphones to target unsuspecting users with scam offers.

June 12, 2019 | By David Bisson

Website owner discovering an extortion scam on her laptop.

news

Extortion Scam Threatens Website Owners With Reputational Damage

A new extortion scam uses the threat of reputational damage to persuade website owners to pay a ransom fee.

June 11, 2019 | By David Bisson

A security professional analyzes code for a Monero miner.

news

Attack Campaign Exploits CVE-2019-2725, Abuses Certificate Files to Deliver Monero Miner

Researchers observed an attack campaign exploiting CVE-2019-2725 and abusing certificate files to deliver a Monero miner.

June 11, 2019 | By David Bisson

Woman opening Monero-mining malware on an office computer.

news

Fileless Attack Campaign Leverages PCASTLE to Distribute XMRig Monero-Mining Malware

According to researchers, the fileless attack uses PCASTLE to distribute samples of XMRig, a well-known Monero-mining malware family.

June 11, 2019 | By David Bisson

User infected with Buran ransomware via the RIG exploit kit.

news

Malvertising Campaign Infects Users With Buran Ransomware Via the RIG Exploit Kit

A malvertising campaign is redirecting users to the RIG exploit kit, which then attempts to infect them with a new ransomware called Buran.

June 10, 2019 | By David Bisson

A programmer analyzes computer code for vulnerabilities: blacksquid malware

news

BlackSquid Malware Capable of Abusing 8 Exploits to Install XMRig Monero Miner

The new BlackSquid malware is capable of abusing eight notorious exploits in its attempts to install the XMRig Monero miner.

June 5, 2019 | By David Bisson

A user falling victim to a phishing scam.

news

Phishing Scam Leverages Fake List of Undelivered Emails to Trick Users Into Clicking

Researchers discovered a phishing scam that leverages a fake list of undelivered emails to trick users into clicking and offering up their login credentials.

June 4, 2019 | By David Bisson

A man working on a laptop in the office: HiddenWasp

news

New HiddenWasp Linux Malware Focused Solely on Achieving Targeted Remote Control

A new threat called HiddenWasp is different from other Linux malware in that it's focused solely on achieving targeted remote control of infected hosts.

June 3, 2019 | By David Bisson

A woman checks her email at work: data breach

news

New York Nonprofit Organization Traces Data Breach to Employee Email Accounts

People Inc., a nonprofit organization based in New York state, has traced a recent data breach to compromised employee email accounts.

June 3, 2019 | By David Bisson

Woman researching Sodinokibi attacks: ransomware

news

Sodinokibi Ransomware Fixes Scaling Issues, Targets Large Enterprises

Recent variants of Sodinokibi accounted for scaling issues as the ransomware family steadily moves to target large enterprises.

May 28, 2019 | By David Bisson

Fraudsters Abuse Smartphone Google Calendar Feature to Push Through Scam Offers

Latest Mirai Malware Variant Contains 18 Exploits, Focuses on Embedded IoT Devices

Extortion Scam Threatens Website Owners With Reputational Damage

Attack Campaign Exploits CVE-2019-2725, Abuses Certificate Files to Deliver Monero Miner

Voices of Security

X-Force Red in Action

A Secure Start

On the Front Line With IBM X-Force IRIS

IoMT Security: A Comprehensive Approach to Mitigate Risk and Secure Connected Devices

High Stakes, Rising Risks: The Ripple Effects of Cybersecurity in the Healthcare Sector

Industrial Control Systems Security: To Test or Not to Test?

Observations of ITG07 Cyber Operations

Getting Quantum Ready and What This Means for Cryptography

HawkEye Malware Operators Renew Attacks on Business Users

GozNym Closure Comes in the Shape of a Europol and DOJ Arrest Operation

Podcast: Lateral Movement: Combating High-Risk, Low-Noise Threats

Podcast: Travel Security: Why Data Safety Doesn’t Get a Day Off

Podcast: Lessons from a Gray Beard: Transitioning From the Military to Cybersecurity

Podcast: Foundations for a Winning Operational Technology (OT) Security Strategy

Webinar: Under the Radar: IBM QRadar Demo Series

Webinar: Appliance Networking Topics

Webinar: zSecure Real Time Feeds: Alert vs. Audit

Webinar: zSecure Real Time Feeds: Alert vs. Audit

David Bisson

Written By David Bisson

Fraudsters Abuse Smartphone Google Calendar Feature to Push Through Scam Offers

Extortion Scam Threatens Website Owners With Reputational Damage

Attack Campaign Exploits CVE-2019-2725, Abuses Certificate Files to Deliver Monero Miner

Fileless Attack Campaign Leverages PCASTLE to Distribute XMRig Monero-Mining Malware

Malvertising Campaign Infects Users With Buran Ransomware Via the RIG Exploit Kit

BlackSquid Malware Capable of Abusing 8 Exploits to Install XMRig Monero Miner

Phishing Scam Leverages Fake List of Undelivered Emails to Trick Users Into Clicking

New HiddenWasp Linux Malware Focused Solely on Achieving Targeted Remote Control

New York Nonprofit Organization Traces Data Breach to Employee Email Accounts

Sodinokibi Ransomware Fixes Scaling Issues, Targets Large Enterprises