Go to listing page

Live Updates: COVID-19 Cybersecurity Alerts

Live Updates: COVID-19 Cybersecurity Alerts

Share Blog Post

Hackers see any major event as an opportunity for sabotage or manipulation and the global spread of COVID-19 is a prime example of this. Since the first news stories broke, cybercriminals have been active with malware and phishing campaigns using coronavirus-themed lures. In light of this, Cyware has created this resource to collect and share live updates on the latest COVID-19-related threat intelligence, alerts, malware attacks, phishing attacks, scams and more. We are actively working to keep this page updated and accurate in order to ensure that it is timely and relevant to as many people as possible.

_______________________________________________________________________________________

(August 21, 2020)


Industrial Control Systems are at more risks during coronavirus

Seven in 10 security vulnerabilities affecting industrial control systems (ICS) can be exploited remotely, giving state-sponsored malicious actors a leg up. The risk has been exacerbated by the increased reliance on remote access to ICS networks amid the COVID-19 pandemic. State-sponsored malicious threat actors have been using remotely-exploitable flaws to disrupt critical systems in rival nations.


_______________________________________________________________________________________

(August 20, 2020)


Working from home leading to security breaches

The COVID-19 pandemic shows little sign of slowing down, but for many businesses, employees are still working remotely and from home offices. While some companies are gearing towards reopening their standard office spaces in the coming months, they may also be facing repercussions of the rapid shift to remote working models in the cybersecurity space. 

Ref - ZDNet

_______________________________________________________________________________________

(August 19, 2020)


Hackers attacked COVID-19 researchers in the U.S.

Hackers had locked down several servers used by the epidemiology and biostatistics department at the University of California at San Francisco and wanted a $3 million ransom to give them the keys. The UCSF negotiator said the attack couldn’t have come at a worse time. The department was racing to try to help develop some kind of treatment or vaccine for COVID-19.

Ref - Bloomberg

_______________________________________________________________________________________

(August 18, 2020)


Working from home is a bigger security risk - Verizon report

Verizon recently released an update to its 2020 Verizon Data Breach Investigations Report examining the impact of the COVID-19 pandemic on cybersecurity. The report found out increased security vulnerabilities and the emergence of new cyberattack tactics associated with the new reliance on remote workers. Now, many industries are moving to have their employees working almost exclusively online.


_______________________________________________________________________________________

(August 18, 2020)


The effect of coronavirus on healthcare cybersecurity

During the COVID-19 pandemic, risks to the healthcare industry’s fragile cybersecurity infrastructure are at an all-time high. From increased cyberattacks to exacerbated vulnerabilities to costly human errors, if healthcare cybersecurity wasn’t circling the drain before, COVID-19 sent it into a tailspin.


_______________________________________________________________________________________

(August 17, 2020)


COVID-19 themed cyberattacks are still active

Interpol has issued a warning about the rising levels of cybercriminal activity related to the COVID- 19 pandemic. Phishing attacks purporting to share information about any eagerly awaited COVID-19 vaccine will be launched long before it might ever become available. From January through April, roughly 907,000 spam messages, 737 incidents related to malware, and 48,000 malicious URLs have been tracked, which have some connection to COVID-19.

Ref - Barracuda

_______________________________________________________________________________________

(August 16, 2020)


Canadian site faces cyberattack that stole COVID-19 relief payments

According to the statement released by the Office of the Chief Information Officer of the Government of Canada, Canadian government sites, that are used to provide access to crucial services for immigration, pension, and benefits, have been breached in a coordinated attack to steal COVID-19 relief payments. Their GCKey system had also experienced a cyberattack. Using the "credential stuffing" technique, attackers managed to get into some 9,041 GCKey accounts of the total 12 million users.


_______________________________________________________________________________________

(August 14, 2020)


COVID-19 changing the way hackers work and who they target

Amid COVID-19, hackers have presented opportunities on multiple fronts. They play on people’s concerns about the virus by presenting phishing schemes or malware disguised in fake Centers for Disease Control and Prevention (CDC) alerts that talk about the latest vaccine or treatment developments. Hackers quickly used the pandemic and related anxiety to lure people into phishing schemes and malware attacks.


_______________________________________________________________________________________

(August 13, 2020)


Coronavirus-related cyber attacks increased up to 30%

Researchers at Check Point Software Technologies have seen 192,000 coronavirus-related cyber-attacks per week over the past three weeks, a 30 percent increase compared to previous weeks. In the past three weeks, almost 20,000 new coronavirus-related domains were registered, about 17 percent of which are malicious or suspicious. So far, since the beginning of the outbreak, a total of 90,284 new corona related domains have been registered globally.


_______________________________________________________________________________________

(August 12, 2020)


NHS targeted with scam emails amid COVID-19 pandemic

NHS staff were hit with a wave of malicious email attacks at the height of the COVID-19 pandemic, with doctors, nurses, and other key workers reporting over 40,000 spam and phishing attacks between March and the first half of July. It is revealed that NHS staff reported 21,188 malicious emails in March alone. In April, 8,085 emails were reported by staff, with 5,883 emails reported in May, 6,468 in June and 1,484 in the first half of July.

Ref - ZDNet

_______________________________________________________________________________________

(August 11, 2020)


Cyber attackers targeting coronavirus small business loan program

The Department of Homeland Security’s cyber agency warned that a ‘malicious cyber actor’ is targeting a Small Business Administration (SBA) webpage used to funnel loans to businesses during the COVID-19 pandemic. An unknown malicious cyber actor is found to be spoofing the Small Business Administration (SBA) COVID-19 loan relief webpage via phishing emails. These emails include a malicious link to the spoofed SBA website that the cyber actor is using for malicious redirects and credential stealing.

Ref - The Hill

_______________________________________________________________________________________

(August 11, 2020)


Threat actors also active in the race of coronavirus vaccine

Threat actors and hackers have been closely following the pandemic’s development globally. In the race for a vaccine, a double number of vaccine-related new coronavirus domains have been observed between June and July. In fact, 1 out of every 25 malicious coronavirus-related websites’ landing pages is vaccine-related. Cybercriminals are planning to take advantage of the latest developments.


_______________________________________________________________________________________

(August 11, 2020)


Managing work from home risks through COVID-19 and beyond

Work from home (WFH) brings many benefits to organizations, but it creates risks by virtually inviting cyberattacks along multiple vectors. To stay protected, organizations should equip users to work securely from home, enable MFA as broadly as possible, and close the privileged attack vectors. Businesses around the world need to act towards ensuring security, by deploying security mechanisms such as MFA and through more comprehensive security program governance.


_______________________________________________________________________________________

(August 10, 2020)


Healthcare security lessons learned from COVID-19-themed cyber attacks

There are four lessons that can be distilled to help protect hospitals and healthcare divisions from COVID-19-themed cyber attacks. One of the most crucial lessons learned is inventory automation, i.e. knowing where each medical device was and its availability through the first surge. Second is prioritizing security to ensure that the automated inventory process is working smoothly. The third is implementing remediation and last is measuring the utilization of network resources.


_______________________________________________________________________________________

(August 9, 2020)


A coronavirus-driven threat targeting Netflix users

As Netflix subscriber numbers rose by 10 million during the coronavirus lockdown months, so did the security threats. An alarming rise has been observed in the number of web addresses that have been explicitly registered so that cybercriminals can target Netflix users. A massive rise in phishing URLs targeting Netflix of 646% showed attackers are looking to capitalize on Netflix's growth.

Ref - Forbes

_______________________________________________________________________________________

(August 8, 2020)


A security change needed for COVID-19 work-from-home 

A new report by Kaspersky suggests that the rapid shift to working from home has left corporate security in the lurch and recommends ways to improve support and security. The report ‘How COVID-19 changed the way people work’ came out of interviewing more than 6,000 people in 12 countries. It found that many businesses were ill-equipped to face homeworking security challenges.

Ref - Kaspersky

_______________________________________________________________________________________

(August 7, 2020)


Cyberattack with coronavirus crisis puts “Travelex” into administration

More than 1,300 UK jobs at foreign exchange company Travelex will be cut as a major cybersecurity attack in 2019 combined with this year’s COVID-19 slowdown taking their toll. PricewaterhouseCoopers (PwC) has been appointed administrator, and through a complex restructuring deal, which has seen some of its assets sold, the company has raised £84m and saved 1,800 UK jobs. Reports also suggest that attackers probably used an unpatched vulnerability in Pulse Secure VPNs (CVE-2019-11510) for this attack.


_______________________________________________________________________________________

(August 8, 2020)


The US expanded its clean network to protect coronavirus vaccine research data

As concerns mount over China’s efforts to swipe intellectual property from U.S. companies, including the COVID-19 vaccine research, the State Department has expanded its Clean Network program to protect U.S. critical telecommunications and technology infrastructure. Among the key objectives is to push vaccine research and other sensitive information to secure clouds. The programs are rooted in internationally accepted digital trust standards.


_______________________________________________________________________________________

(August 6, 2020)


Hacked data broker accounts used for phony COVID-19 loans

A group of thieves is thought to be responsible for collecting millions in fraudulent small business loans and unemployment insurance benefits from COVID-19 economic relief efforts. They were impersonating as genuine people by leveraging several compromised accounts at a little-known U.S. consumer data broker. They shared highly detailed personal and financial records on Americans via a free web-based email service.


_______________________________________________________________________________________

(August 5, 2020)


Half of the businesses hit by coronavirus related cyber attacks

According to the research of 416 security and 425 business executives by Forrester Consulting and Tenable, 41% of respondents reported the statistic related to COVID-19, while 94% of executives said that their firms experienced a business-impacting cyber-attack or compromise within the past 12 months. This results in a loss of a customer, employee, or other confidential data and interruption of day-to-day operations.


_______________________________________________________________________________________

(August 5, 2020)


The second wave of COVID-19-themed cyber attacks

According to Interpol, a further increase in cyber attacks exploiting the COVID-19 coronavirus pandemic is highly likely shortly, particularly if there is substantial progress towards a vaccine. The organization said that should a vaccine become available, it was highly possible that there will be a second spike in phishing attacks related to vaccines and other medical products, as well as network intrusion and other attacks to steal research data.


_______________________________________________________________________________________

(August 5, 2020)


COVID-19 highlights the need for cooperation to prevent cyberattacks

As threat actors gain momentum with COVID-19-related malware and phishing scams, security and business leaders are concerned about the impact on the enterprise. According to a new report from Tenable, several businesses were already having a disconnect between an organization's business and security, which was exacerbated by the COVID-19 outbreak. The report also suggested that by April, 41% of respondents had at least one cyberattack directly related to COVID-19 in the last 12 months.


_______________________________________________________________________________________

(August 5, 2020)


Coronavirus leads to an increase in cyberattacks

According to the latest Global Incident Response Report by cybersecurity company VMware Carbon Black, security professionals have seen a surge in cyberattacks related to the coronavirus pandemic. Over half (53%) encountered or observed an increase in cyberattacks exploiting COVID-19, in the survey of incident response (IR) professionals from around the world.

Ref - Yahoo

_______________________________________________________________________________________

(August 4, 2020)


The impact of COVID-19 on ransomware, threats, and healthcare cybersecurity

COVID-19 has significantly shifted the threat landscape from attacks on individuals and small businesses to critical infrastructure, governments, and major corporations. Malicious cyberattacks were behind the majority of healthcare IT security incidents. From January to April on just one of the agency’s private sector partners, Interpol detected about 907,000 spam messages, 737 malware-related events, and 48,000 malicious URLs tied to COVID-19. 


_______________________________________________________________________________________

(August 4, 2020)


The growing rate of cyberattacks aimed at critical infrastructure

As COVID-19 cases around the United States continue to rise, the International Criminal Police Organization (Interpol) says that governments are seeing an "alarming" rate of cyberattacks aimed at major corporations, governments, and critical infrastructure. Malicious actors have switched focus from "individuals and small businesses to government agencies and the healthcare sector, where higher financial demands can be made."

Ref - ABC News

_______________________________________________________________________________________

(August 4, 2020)


The top ten COVID-19 scams ongoing in the UK

A new report released by the UK's top lobbying body for the financial sector has revealed the top 10 scams used by fraud groups. Some fraudulent attempts seek to manipulate victims into investing in bogus business opportunities. According to UK Finance, the crème-de-la-crème of these swindles can be separated into three major categories: financial support scams, health, and lockdown scams.


_______________________________________________________________________________________

(August 3, 2020)


Pandemic changing security landscape at financial institutions

Due to the tough macroeconomic conditions resulting from the COVID-19 pandemic, many organizations need to take a hard look at cutting expenses. Cybersecurity organizations will need to quickly adapt to this new operating environment by implementing enhanced controls and endpoint protection technologies to exert greater control over end-user devices.


_______________________________________________________________________________________

(July 30, 2020)


China-based hackers targeted COVID-19 vaccine firm 

Chinese government-linked hackers targeted biotech company Moderna Inc., a leading U.S.-based coronavirus vaccine research developer, earlier this year in a bid to steal valuable data, according to a U.S. security official tracking Chinese hacking activity. Moderna, which is based in Massachusetts and announced its COVID-19 vaccine candidate in January 2020.

Ref - Reuters

_______________________________________________________________________________________

(July 30, 2020)


Impact of the coronavirus pandemic on cybersecurity

The COVID-19 pandemic has presented a once-in-a-lifetime opportunity for hackers and online scammers, and cybersecurity professionals saw a 63 percent increase in cyber-attacks related to the epidemic. As the global impact of COVID-19 manifested itself in the middle of March, ESG and ISSA conducted an in-depth survey in April 2020 as a point in time assessment of challenges posed by the pandemic.

Ref - Yahoo

_______________________________________________________________________________________

(July 30, 2020)


COVID-19's impact on Dark Web travel agencies

Digital Shadows has published an updated blog that examines the state of the Dark Web travel industry. Researchers found that airline-specific customer accounts were available on cybercriminal marketplaces, whose price depends on associated frequent flyer points or air miles. Cut-price gift cards for airlines–either stolen or purchased with airline points or stolen credit cards, were also available, often at massive discounts of 30 to 50% off retail value.

_______________________________________________________________________________________

(July 29, 2020)


The regular influx of COVID-19 lures and cyber activities

With half a year passed from the outbreak of COVID-19, cyberattacks exploiting the pandemic are showing no sign of slowing down in Q2 2020, according to the new ESET Threat Report Q2 2020. ESET specialists observed a continued influx of COVID-19 lures in web and email attacks, with fraudsters still trying to make the most out of the crisis.


_______________________________________________________________________________________

(July 29, 2020)


Cybercrime increased amid coronavirus pandemic

According to a new study from cloud computing company Iomart, large-scale breaches are growing in intensity and frequency in 2020, with the number of breaches increasing 273% in the first quarter, compared to the same time last year (2019). 

Ref - CNBC

_______________________________________________________________________________________

(July 29, 2020)


IT leaders were not prepared for COVID-19-themed cyber attacks

A report published by security firm Tanium describes how IT leaders were surprised by the security threats and challenges they've had to face in the wake of COVID-19. The top three challenges faced by the organizations included the identification of new computing devices, overuse of IT capacity due to VPN requirements, and increased risks from video conferencing applications.


_______________________________________________________________________________________

(July 29, 2020)


Businesses are now learning hard lesson with their cloud providers

With the advent of the novel coronavirus, companies are now learning hard lessons about the reliability and responsibility of their cloud providers. During audits, regulators in financial services and healthcare have made explicit security/privacy protections without material liability results in illusory protection. They are not consistent with exercising reasonable care in the protection of sensitive data.


_______________________________________________________________________________________

(July 29, 2020)


Impact of COVID-19 on US government cybersecurity market

The government cybersecurity market in the US is expected to grow by USD 11.50 billion during 2020-2024, according to a report “Government Cyber Security Market.” The report also provides the market impact and new opportunities created due to the COVID-19 pandemic. It expected that the effect to be significant in the first quarter but gradually lessen in subsequent quarters, with a limited impact on the full-year economic growth.

Ref - Yahoo

_______________________________________________________________________________________

(July 28, 2020)


Americans working from home are more vulnerable to COVID-19 themed cyberattacks

The cybercrime risks faced by Americans working from home are just the tip of a very dangerous cyberattack iceberg. Strong evidence indicates that Russia, China, and potentially other adversaries have been attempting to hack universities and research institution’s databases to steal potentially lifesaving COVID-19-related intellectual property. Pharmaceutical companies also have seen a barrage of hacking attempts.

Ref - Forbes

_______________________________________________________________________________________

(July 28, 2020)


Cloud and security challenges while working from home 

As organizations quickly moved to a fully remote, work-from-home scenario in response to the pandemic, several companies had to struggle to make sure that employees can access the data and applications they need from wherever they are working. When something is done quickly, but not deliberately (like migrating to the cloud and SaaS model), mistakes can be expected. And it can not be said for sure if the step was a good thing or a bad thing.


_______________________________________________________________________________________

(July 28, 2020)


Increased fraud and cyber risks for e-commerce merchants

As consumers increasingly turn to online shopping for essential and non-essential goods due to coronavirus, while at home, fraudsters have adapted their technique to use more sophisticated tactics against consumers, banks, and merchants. A recent study from Forter shows fraud attacks increased by 19 percent, globally ranging from return abuse and shipping fraud to account takeovers, identity manipulation, and other emerging threats. 


_______________________________________________________________________________________

(July 27, 2020)


Business ID theft rises amid COVID-19 closures

Identity thieves who specialize in running up unauthorized lines of credit in the names of small businesses are having a field day with all of the closures and economic uncertainty wrought by the COVID-19 pandemic, KrebsOnSecurity has learned. An aggressive business ID theft ring that’s spent years targeting small businesses across the country is now pivoting toward using that access for pandemic assistance loans and unemployment benefits.


_______________________________________________________________________________________

(July 27, 2020)


Russian hackers who attacked U.S. presidential election are targeting coronavirus vaccine research

A Russian cyberespionage group that hacked into election networks before the 2016 U.S. presidential election is now attempting to steal coronavirus vaccine information from researchers in the U.S., U.K., and Canada. The governments of those three countries issued a warning on July 16 saying that the group known as APT29 or “Cozy Bear” is targeting vaccine development efforts. The group is well known for its cyber-espionage campaigns.
 
Ref - Firstpost

_______________________________________________________________________________________

(July 26, 2020)


Over 200,000 coronavirus-related cyber-attacks are being launched per week

Coronavirus related cyber-attacks sharply increased from under 5,000 per week in February 2020 to over 200,000 per week in late April. The report, "Cyber Attack Trends: 2020 Mid-Year Report" addressed how criminal, political and non-state threat actors have exploited the COVID-19 pandemic to target organizations across all sectors, including government, industry, critical infrastructure, and healthcare.

Ref - Jpost

_______________________________________________________________________________________

(July 26, 2020)


More people are going to work from home in post coronavirus world

Security models that better address cloud apps, mobility, and BYOD will clearly need to evolve to address related data protection, because new research underlines the fact that more people will likely prefer to work from home, even when the pandemic passes. While the world continues to grapple with COVID-19, one security-related trend has emerged with nearly 100% certainty, higher numbers of remote workers are very likely here to stay.


_______________________________________________________________________________________

(July 24, 2020)


Internet users are being targeted by COVID-19 fraud 

Around 32% of consumers say they have been targeted by digital fraud related to COVID-19, with phishing emerging as the world’s top digital fraud scheme related to the pandemic, according to TransUnion, the US consumer credit reporting agency. TransUnion aggregates information on over 1 billion individual consumers in more than 30 countries around the world. Its customers include over 65,000 businesses.


_______________________________________________________________________________________

(July 24, 2020)


The banking industry is the first choice for cybercriminals amid coronavirus

The banking industry has emerged as the choice target for cybercriminals during the COVID-19 pandemic, with the number of cyberattack incidents on financial institutions seeing a marked spike during the lockdown months, the Reserve Bank of India said in its Financial Stability Report. The central bank added that it has issued at least ten advisories and alerts in coordination with Indian Computer Emergency Response Team (CERT-In) on various cyber threats and best practices to be adopted.


_______________________________________________________________________________________

(July 23, 2020)


A sharp spike in pandemic inspired ransomware attacks

According to SonicWall’s 2020 Cyber Threat Report, ransomware attacks are up, particularly in the U.S., where they have more than doubled year-over-year (up 109 percent). Meanwhile, malware targeting IoT devices has risen to 20.2 million, up 50 percent from this time last year, as cybercriminals target the massive influx of employees working from home. At the same time, encrypted malware and crypto mining have seen resurgences.


_______________________________________________________________________________________

(July 23, 2020)


State-backed cyber attacks increased amid COVID-19

Cyber attacks from Advanced Persistent Threat (APT) actors backed by nation-states that are focused on gathering intel on COVID-19 research are on the rise, according to the Global Threat Intelligence Center (GTIC) Monthly Threat Report by technology company NTT Ltd. Attacks from Advanced Persistent Threat (APT) actors continued to be on the rise, despite COVID-19; in fact, the virus has added fuel to the fire and has provided a cover for their operations.


_______________________________________________________________________________________

(July 23, 2020)


Data privacy concern of COVID-19 contact tracing apps

Developers, governments, and regulators must work with the cybersecurity industry to apply rigorous standards to contact-tracing apps to make sure it doesn’t extend into personal privacy. As opt-in contact-tracing applications across the US are being built for state-specific usage, attention inevitably turns to the privacy risks they present, and how authorities must balance public health with cybersecurity to build systems that are fully fit for purpose.


_______________________________________________________________________________________

(July 22, 2020)


Venture-capital investment cybersecurity impacted with COVID-19

The pandemic has infected funding for cybersecurity startups, it also has emboldened some startups with innovative tools that secure the wave of at-home work. Not even the traditionally flush cybersecurity venture-capital sector has escaped the economic fallout of the COVID-19 pandemic: New data shows early-stage investment dropped by more than 37% in the first half of 2020. But there are still signs of growth in cybersecurity investment.


_______________________________________________________________________________________

(July 22, 2020)


The decline in early cyber investments remains alongside coronavirus concerns

Fewer face-to-face meetings between security startups and potential investors contributed to a steep decline. Investments in early-stage cybersecurity companies fell by 37.7% during the second fiscal quarter of 2020, compared to the same time period in 2019. It’s a downward trend that began at the end of last year and continued into the first months of 2020 as global economies reacted to the coronavirus pandemic.


_______________________________________________________________________________________

(July 22, 2020)


Cybersecurity lessons from the coronavirus pandemic

There are cyber threats out there that people know to exist amid pandemic like COVID-19. People prepare for those and implement security controls to protect business and society from these known inevitable threats. Then there are unknowns. These unknowns are typical of three types: The unknown knowns (tacit knowledge). The known unknowns (the ignorance people are aware of). And the last unknown unknowns (meta-ignorance). 


_______________________________________________________________________________________

(July 22, 2020)


COVID-19 crisis prompting cyberattacks across networks, cloud and mobile

Check Point released its ‘Cyber Attack Trends: 2020 Mid-Year Report’, which shows how cybercriminal, political and nation-state threat actors have exploited the COVID-19 pandemic. COVID-19 related phishing and malware attacks increased dramatically from under 5,000 thousand per week in February, to over 200,000 per week in late April. Also, in May and June, as countries started to ease lockdowns, threat actors also stepped up their non-COVID-19 related exploits, resulting in a 34% increase in all types of cyber-attacks.


_______________________________________________________________________________________

(July 21, 2020)


US charges Chinese COVID-19 research 'cyber-spies'

The US justice department has accused China of sponsoring hackers who are targeting labs developing COVID-19 vaccines. Officials have charged two Chinese men who allegedly spied on US companies doing coronavirus research and got help from state agents for other thefts. The accusations against former electrical engineering students Li Xiaoyu and Dong Jiazhi, include charges of trade secret theft and wire fraud conspiracy.

Ref - BBC

_______________________________________________________________________________________

(July 21, 2020)


Ransomware attacks increases as crooks target remote working

Ransomware attacks have surged drastically during the first half of this year, as cybercriminals look to spread their file-encrypting malware while many people are working from home. Analysis of malicious activity throughout the year published in Skybox Security's 2020 Vulnerability and Threat Trends Report says ransomware has thrived in the first half of the year, with a 72% increase in new samples of the file-encrypting malware.

Ref - ZDNet

_______________________________________________________________________________________

(July 21, 2020)


COVID-19 offered unique opportunities for fraudsters

The COVID-19 crisis has created a ripe environment for fraudsters to operate, a recent online panel discussion held by security firm Kaspersky has outlined. This is primarily due to the increased reliance of individuals on digital services as a result of lockdown restrictions. In the session, it was revealed that online shopping fraud has risen by 55% compared to 2019 due to the substantial rise in eCommerce and home deliveries during the pandemic.


_______________________________________________________________________________________

(July 21, 2020)


COVID-19 exposing security gaps and fueling cyber attacks

The majority of businesses worldwide have seen a jump in cyber attacks as a result of employees working from home, with most reporting an increase in COVID-19 related malware. In Singapore, the global pandemic also revealed gaps in organizations’ disaster recovery plans and IT operations. Around 91% of enterprises reported an increase in cyber attacks with more employees working from home amidst the coronavirus outbreak.

Ref - ZDNet

_______________________________________________________________________________________

(July 21, 2020)


Major concerns and risks for strengthening security posture

Balbix Inc. released its 2020 Cybersecurity 360 Report. The report assesses the state of the enterprise cybersecurity posture in the wake of COVID-19 when the majority of organizations have rapidly adjusted to remote work policies and escalating threats. The findings identify the perennial challenges and primary risk drivers that security professionals are currently facing. The report found that 89 percent of security professionals are most concerned about phishing, web, and ransomware-type attacks.


_______________________________________________________________________________________

(July 20, 2020)


The rise in DDoS attacks lost in pandemic

DDoS attacks amid COVID-19 pandemic, ticked up during the first part of 2020, were most handily absorbed by the internet backbone and the defensive efforts of targeted companies. DDoS attacks are usually high in Q1 and in Q2 the number drops. Therefore, this year it is unusual that Q1 and Q2 are almost equal. In addition, compared to the same period of Q2 2020, DDoS attacks grew more than threefold, so that can be considered as a dramatic change.


_______________________________________________________________________________________

(July 20, 2020)


The role of managed services in a post-COVID-19 world

The critical role of managed services should be examined in a post-COVID-19 world. For small and medium-sized businesses, that means taking advantage of managed security services that converge technology and expertise in ways that meet their unique needs. It’s what will allow them to run fast and lean without risking gaps in network resilience and security in a world that’s even more digitally dependent and socially distanced than ever before.


_______________________________________________________________________________________

(July 20, 2020)


Cybersecurity spending will grow due to the impact of the coronavirus

Spending on security products and services for 2020 could increase as much as 5.6%, or as little as 2.5%, depending on the economic impact of the coronavirus on IT budgets. In a best-case scenario, global cybersecurity spending will grow by 5.6% in 2020, reaching $43.1 billion. In this instance, security investments will continue to outpace the economy with increases in spending on endpoint security, network security, web, and email security.


_______________________________________________________________________________________

(July 20, 2020)


Security practice in the post-coronavirus office

Many employees and businesses have shifted their workforce, and unfortunately, this also includes workforce reductions. So, IT departments should conduct a comprehensive employee audit, ensuring those who are still with the company have access to the files and programs they need, while also disabling access for employees who are no longer with the company. This also extends to employees who have transitioned to other teams within the organization.


_______________________________________________________________________________________

(July 20, 2020)


Russian and Chinese intelligence services looking for coronavirus vaccine data may not be a violation of cyber rules

Lawmakers are pushing for stiff consequences against Russia and China for hacking Western research into coronavirus vaccines. But stealing vaccine research during a global pandemic, seen as a digital extension of classic espionage, doesn’t directly violate rules of the road for which U.S. officials have spent years advocating in cyberspace. Some cybersecurity experts worry the push could undermine the effort to instill those global norms.


_______________________________________________________________________________________

(July 20, 2020)


Cyber attackers are more active on Dark Net amid coronavirus

The use of darknet has increased following the lockdown. Cyber experts have noted that at least 50 lakh CVV and credit card dumps are available on the Dark Net. The details have been revealed in the Indian Financial Hack-2020, presented by Cyber Safe Bangalore, a firm that offers security assessment, cybercrime, and darknet investigation solutions. More than 50 lakh CVV and credit cards have been dumped on the darknet.


_______________________________________________________________________________________

(July 20, 2020)


Cloud services are helping to adapt and respond to COVID-19 challenges

Around 38 percent of businesses have scaled infrastructure to meet new levels of demand in a secure manner during the lockdown period (March-June). The findings also demonstrate that organizations that adopted cloud technologies prior to the pandemic have been best positioned to deal with the unprecedented threats as well as the crisis. Even non-cloud enabled organizations also seem to be considering adopting appropriate cloud technologies post-COVID-19, in order to drive business resilience.


_______________________________________________________________________________________

(July 20, 2020)


A surge in remote work is the top concern for NetOps and SecOps

VIAVI Solutions Inc. released the results of its 13th annual State of the Network global study of enterprise networking and security challenges. The study shows that IT teams critically require better visibility into the network driven by a number of factors. This including tremendous disruption from the COVID-19 pandemic, relentless technological advances, remote working reaching an all-time high, and the expanding security threatscape.


_______________________________________________________________________________________

(July 19, 2020)


Basic cybersecurity basics practices are more important in the new normal

In this new work-from-anywhere environment due to COVID-19 pandemic, cybersecurity, trust, and protecting customer data is more important than ever. In this situation, the best practices include enabling strong multi-factor authentication or patching all of the devices to it to inoculate them against known vulnerabilities, to prevent things like ransomware attacks. And then finally, treating cybersecurity like a team sport.

Ref - ZDNet

_______________________________________________________________________________________

(July 18, 2020)


COVID-19 used as bait for credit card skimming frauds 

The government's cybersecurity agency has warned people of credit card skimming spreading across the world through e-commerce platforms. Attackers are typically targeting e-commerce sites because of their wide presence, popularity, and the environment LAMP (Linux, Apache, MySQL, and PHP). Attackers targeted sites that were hosted on Microsoft's IIS server running with the ASP.NET web application framework.

Ref - News18

_______________________________________________________________________________________

(July 18, 2020)


Millions of users are targeted by a ‘catastrophic’ scam

Australians have been told to keep their eyes peeled for signs they have been targeted by a huge email scam. An Office 365 scam has targeted millions of users across 62 countries in a bid to attack businesses. When the group first began carrying out this scheme, the phishing emails contained deceptive messages associated with generic business activities. Other scam emails prey on victims’ desperation, using terms like “COVID-19 bonus”.

Ref - Yahoo

_______________________________________________________________________________________

(July 17, 2020)


A vulnerability in Zoom could be used by hackers

A vulnerability has been noticed in the Zoom video conferencing application (in high demand due to COVID-19 pandemic led lockdown) for Windows 7 and earlier versions that could allow an attacker to remotely execute arbitrary code on the targeted system, a national cybersecurity agency. The severity rating of this vulnerability is “high” and advised users to update the app and its security by visiting the Zoom support service website.


_______________________________________________________________________________________

(July 17, 2020)


Hackers looking for COVID-19 research across the world

Britain's National Cyber Security Centre (NCSC) said that hackers backed by the Russian state had tried to steal COVID-19 vaccine and treatment research from academic and pharmaceutical institutions around the world. Russia has rejected London's allegations. Russia would want to steal any intelligence as an investment into a coronavirus vaccine is huge. COVID investments are major investments for Governments right now because of the urgency of this crisis.

Ref - Express

_______________________________________________________________________________________

(July 17, 2020)


Australian researchers working on coronavirus are warned of cyber attacks

Data security experts are warning Australian researchers working on coronavirus vaccines and treatments to remain vigilant as global hackers try to access their work. Australia's world-leading research made it a target for state and non-state actors, and hackers aren't just looking for vaccine and treatment blueprints, but also for information about supply chain logistics, including plans for vaccine production and information on strategies for procuring supply.


_______________________________________________________________________________________

(July 17, 2020)


Cyberattack campaigns exploiting COVID-19 with global impact

COVID-19 pandemic is changing the business landscape. The most immediate being the sudden increase in the number of people working from home. During this new time, cybercriminals are taking advantage, particularly of people who are not used to working remotely, with email and text scams. By exploiting current tragedies and well-publicized global issues, scammers are tricking remote employees who are anxious about the events taking place.


_______________________________________________________________________________________

(July 16, 2020)


COVID-19 pandemic increased cyber and financial risks

Exabeam, the Smarter SIEM company, released new research that identified the initial impacts of the COVID-19 pandemic on security teams. The report suggests increases in both cyber and financial risks since the onset of the health crisis in the first half of 2020. During this time, 80 percent of companies saw ‘slightly to considerably more’ cyberattack attempts, breaking down to 88 percent in the U.S. and 74 percent in the U.K.


_______________________________________________________________________________________

(July 16, 2020)


Russian hackers are using custom malware to target COVID-19 vaccine research 

Hackers likely working for Russian intelligence services have been attacking organizations involved in the research and development of a vaccine against the new coronavirus. The activity is attributed to the APT29 threat group. Targets are in the government, healthcare, diplomatic, think-tank, and energy sectors. The adversary has been running these attacks throughout 2020 against entities in Canada, UK, and the US.


_______________________________________________________________________________________

(July 16, 2020)


Robots used in the COVID-19 hospital could be hacked 

Tech experts in Spain have warned that the robots that are being used to disinfect hospitals during the COVID-19 crisis are vulnerable to cyber-attacks, and may have disastrous effects on the associated people. The COVID-19 pandemic has seen a rise in the use of robots that use ultraviolet light to zap germs in hospitals and clinics. The majority are not secure and theoretically can be taken over remotely and then made to shower their harmful rays on exposed patients or staff.

Ref - Telegraph

_______________________________________________________________________________________

(July 16, 2020)


Coronavirus put the spotlight on cybersecurity

The COVID-19 pandemic has put the spotlight on cybersecurity professionals, many of whom are now calibrating their approaches to mitigate the security risks of a growing remote workforce. The pandemic has accelerated plans by companies to support remote work, with some wondering if they are implementing the right measures. Now, more advanced firms are looking at security paradigms like zero trusts.


_______________________________________________________________________________________

(July 16, 2020)


Multi-factor authentication is a bigger concern than COVID-19 malware

An inability to implement multi-factor authentication has been the biggest threat to the security of Australian companies during the COVID-19 pandemic. Inadequate identity management has perpetuated gaps in cybersecurity protections for companies with increasing numbers of remote workers. Fully 46 percent of companies with 251 to 500 employees said the inability to adopt MFA had proven to be their biggest challenge during the pandemic.


_______________________________________________________________________________________

(July 15, 2020)


Children are facing greater online risks with COVID-19

The National Center for Missing and Exploited Children received more than 4 million reports of children-related cyber threats in April, an increase of nearly 3 million from April 2019. The FBI issued a warning to parents in March, and the Los Angeles Times reported that law enforcement officials in L.A. were overwhelmed in recent months by a surge in tips about online child sex abuse, with social media platforms and other service providers flagging explicit content.

Ref - TheHill

_______________________________________________________________________________________

(July 15, 2020)


A 260% rise in reported in cyber attacks in India since the lockdown began

Cyber threats to individuals have increased drastically as a result of the coronavirus. There is a great deal of anxiety over the coronavirus, which makes people exercise less than usual prudence when clicking on a link or opening an attachment in their haste to get the latest news. This is exploited by cybercriminals who create links that lead to malware or apps that offer something related to COVID-19, such as face masks or tests.


_______________________________________________________________________________________

(July 15, 2020)


COVID-19 is an opportunity for cybercriminals

The levels of cybercrime had ­multiplied recently, to a 6,000 percent increase in COVID-related spam at the height of the pandemic. The more striking trend is the explosion of attacks on businesses and individuals. And although minorities in the US, who may be less informed about the risks and more nervous about approaching the authorities, seem particularly vulnerable, the onslaught is being felt by almost everyone, almost everywhere.


_______________________________________________________________________________________

(July 15, 2020)


COVID-19 has created a “perfect storm” for cybercriminals

A recent report by Kaspersky suggests that the COVID-19 pandemic has created a “perfect storm” for scammers and hackers, with smaller businesses facing a significant threat. The increased cyber threat created by the pandemic has been widely reported, with Action Fraud warning the public to “remain vigilant” as £16.6m has been lost to online shopping fraud since lockdown was announced in June.

Ref - Verdict

_______________________________________________________________________________________

(July 14, 2020)


Protecting small business cybersecurity amid COVID-19

During the pandemic, small business owners are pivoting while trying to retain good employees. Cybersecurity threats are an additional unneeded stressor for already strained companies. Thankfully, by following guidelines for remote workers and managing risks, firms can reduce the chances of a cybersecurity event and focus on making it through the crisis. Also, companies must strike a balance during this work-from-home period.


_______________________________________________________________________________________

(July 14, 2020)


An increase in cyber attacks on Indian firms amid COVID-19 crisis

The COVID-19 pandemic having forced people indoors, everything from education to healthcare, and socializing has moved to digital platforms. In some cases, this has left users’ data and secured them. Unauthorized persons are entering the chat-room and hurling abuses at the group in online classes ongoing in educational institutes. Such incidents are one of the many instances of cyber hacks in the recent past. 


_______________________________________________________________________________________

(July 14, 2020)


VMware released a cybersecurity threat survey report

VMware, Inc. released the results of its first U.S.-focused cybersecurity threat report, entitled: “Extended Enterprise Under Threat.” According to the supplemental survey of more than 1,000 respondents from the U.S., UK, Singapore, and Italy, 88% of U.S. cybersecurity professionals said attack volumes have increased as more employees work from home. 89% said their organizations have experienced cyberattacks linked to COVID-19 malware.


_______________________________________________________________________________________

(July 14, 2020)


COVID-19 crisis could boost passwordless authentication

Passwords have always been a weak link in security, but people are so used to them that getting them to change to a more secure form of authentication has been a difficult task. But COVID-19 can be the catalyst that ends up ushering in passwordless access. The push is slowly happening. Gartner predicts that 60% of enterprises and 90% of midsize businesses will move to passwordless authentication by 2022.


_______________________________________________________________________________________

(July 14, 2020)


Google detected 18M COVID-19-related malware in a day

As COVID-19 cases increase across Victoria and NSW, the global pandemic has seen a significant spike in phishing attacks and scams. The COVID-19 has seen an increase in ‘bad actors’ looking to capitalize on people’s anxiety. The tech giant Google revealed that there’s been a significant increase in phishing attacks and scams, as it detected 18m malware and phishing messages through Gmail a day.


_______________________________________________________________________________________

(July 13, 2020)


Cybercriminals using coronavirus and financial content to launch phishing schemes

Cyber-attacks targeting both consumers and businesses surged worldwide, and the trend shows no sign of stopping any time soon. In recent months, coronavirus-related attacks spiked, and email has remained the prime vector of choice for enabling them. In the past two months, Bitdefender’s telemetry has shown a steady surge of coronavirus-related emails, with 42.9% of the correspondence flagged as suspicious, fraudulent, or malicious.


_______________________________________________________________________________________

(July 13, 2020)


Hacking attacks increased on hospitals for patient data 

More than 80% of medical practices have been the victims of cyberattacks, according to a national survey. Over half reported patient safety concerns from the hacks and 20% said that their business had been interrupted for more than five hours. And the situation has only gotten worse during the months-long coronavirus pandemic, as more employees switched to working from home, and medical facilities were cash-strapped and stretched thin because of COVID-19.

Ref - USAToday

_______________________________________________________________________________________

(July 11, 2020)


Cyber investment increased up to 940% during a pandemic 

Cyber startups raised a record half-billion in the first six months of 2020. It appears that the Coronavirus pandemic is responsible for triggering a 940 percent increase in cyber funding compared to the same period of 2019. However, the investment is mostly going to growth-stage companies while early-stage startups struggle. Growth stage companies in 2020 account for 94 percent (£465 million) of the £496 million already raised by cyber startups this year.


_______________________________________________________________________________________

(July 10, 2020)


Employees using hardware from home threatens the security

As COVID-19 quarantine restrictions ease, many companies are implementing plans for when their employees return to the workplace. Many of these employees have connected uncontrolled peripheral devices to their corporate laptops. These peripherals are potentially cyberattack tools used by bad actors to gain access to secured organizations and, in most cases, cannot be seen by the installed endpoint security tools.


_______________________________________________________________________________________

(July 10, 2020)


Software-defined perimeters could provide a solution to remote work security issues

A new report has found that interest in software-defined perimeters (SDPs) as an alternative to VPNs has exploded since COVID-19 forced more than half of the US workforce to go remote. The report is based on a survey of IT professionals. It found that VPNs, which have long been the standard way to securely connect remote workers to corporate computing assets, are starting to cause trouble for new remote workers and organizations alike. 


_______________________________________________________________________________________

(July 10, 2020)


Mobile app fraud increased after COVID-19 pandemic

RSA data reveals a continued shift away from browser-based fraud as attackers target mobile apps. One of the most significant developments in online fraud for consumer-facing organizations last quarter was a sharp increase in fraudulent transactions originating from mobile applications instead of mobile browsers. Recently, with COVID-19 forcing people to do more things online, mobile transactions have become more prominent.


_______________________________________________________________________________________

(July 10, 2020)


Google banning ads from 'stalkerware' services

Google is barring ads from "stalkerware" services that allow people to spy and track others through their phones without their consent. Spyware use and stalking software have seen an increase during the COVID-19 lockdown. Now, Ads will no longer be allowed from companies promoting GPS trackers designed to spy on people or surveillance equipment marketed with the express purpose of spying. Google's ad policy changes will go into effect in August. 


_______________________________________________________________________________________

(July 9, 2020)


Pubs and restaurants are facing cyber attack amid lockdown

Only one of the UK’s 50 most popular pub and restaurant chains has bothered to implement the strictest level of DMARC email protection to stop cybercriminals spoofing their identity in phishing attacks, and 70% have no published DMARC record at all, leaving their customers wide open to impersonation attacks. With pubs and restaurants now reopening, consumers face a potential explosion in cybercriminal activity.


_______________________________________________________________________________________

(July 9, 2020)


Cybersecurity dynamics are about to change

According to a report by the Australian Cybersecurity Growth Network (via Forbes), the global cybersecurity market is set to increase to $270 billion by 2026. This signals the priority boardrooms have placed on cyber risk management even as digital transformation takes place en masse. The COVID-19 pandemic has become the catalyst to trigger a change in the ways technology is managed and operated.

Ref - Forbes

_______________________________________________________________________________________

(July 9, 2020)


Banks' cyber risks increased as COVID-19 spurs digital trends

Banks face a growing risk of cyber-attacks as the coronavirus crisis accelerates the shift to digital banking and remote working, Moody's Investors Service said in a report. Social distancing has created a surge in demand for contactless payments, digital cash transfers, and online banking, as well as remote working by bank employees. Banks' digital customers are a natural target for fraudsters via phishing emails or social engineering scams.


_______________________________________________________________________________________

(July 8, 2020)


COVID-19 lead to a boom in data-based scams

The pandemic highlighted a boom in data-based scams including phishing, and business email attacks or the creation of fake corporate websites to fool purchasers. Moreover, cyberattacks on critical infrastructure involved in addressing the pandemic are also likely to continue in the form of online scams aimed at health procurement authorities. At the same time, preventing, detecting, and responding will need additional skills.

Ref - UN News

_______________________________________________________________________________________

(July 8, 2020)


Security funding rises despite COVID-19 descent

Almost £500m has been invested in British cybersecurity startups in 2020 in spite of the economic slump caused by the COVID-19 coronavirus pandemic, with the investment well on track to breaking the funding record of £521m set just last year. The figures make for a bleak contrast when compared to the wider startup economy in the UK, which has seen investment levels plummet by half compared to the year 2019.


_______________________________________________________________________________________

(July 8, 2020)


Cyber-crime amid COVID-19 pandemic

The COVID-19 pandemic has created a VUCA world, where every individual and organization has been adversely impacted in one way or another. So, there are several nefarious scams that people should expect in the coming weeks and months: the increase in phishing attacks, fake documents scams, insider frauds, sextortion related crimes, fake medicines/Anti-Corona drugs and Increase ransomware attacks.

Ref - CNBCTV18

_______________________________________________________________________________________

(July 7, 2020)

The “Keeper” Magecart group is active again

The “Keeper” Magecart group, which consists of an interconnected network of 64 attacker domains and 73 exfiltration domains, has targeted over 570 victim e-commerce sites in 55 different countries from April 1, 2017, until the present. With revenue likely exceeding $7 million and increased cybercriminal interest in CNP data during the COVID-19 quarantine measures across the world, this group’s market niche appears to be secure and profitable.


_______________________________________________________________________________________

(July 7, 2020)


Brazil’s government assistance program capitalized in COVID-19 cybercrime

Cybercriminals are capitalizing on COVID-19 in Brazil by delivering malicious email, SMS text, and WhatsApp messages and creating hundreds of malicious sites since March 2020. In particular, it is discovered that over 693 new COVID-19-related Brazilian cybercriminal malicious websites have been created this year, many capitalizing on the country’s government assistance program related to the pandemic.


_______________________________________________________________________________________

(July 7, 2020)


Microsoft busts hackers who used COVID-19 as bait 

A US court has allowed Microsoft to seize control of key domains of cybercriminals who used COVID-19-related lures in the phishing emails to target its customers in 62 countries and access Office 365 account contents, including email, contacts, notes, and material. Microsoft's Digital Crimes Unit (DCU) first observed these criminals, when they deployed a sophisticated, new phishing scheme designed to compromise customer accounts.

Ref - RPCMag

_______________________________________________________________________________________

(July 7, 2020)


Early COVID-19 tracking apps easy target for hackers

The push to use smartphone apps to track the spread of coronavirus is creating a potential jackpot for hackers worldwide and the U.S. offers a fat, loosely defended target. Tracking applications in Qatar, Indian and UK have already been found vulnerable to various data exploitation issues. And the U.S. has its own unique vulnerabilities: a fragmented collection of apps, tiny state cybersecurity budgets etc..

Ref - Politico

_______________________________________________________________________________________

(July 6, 2020)


Next step for cybersecurity during a pandemic

The COVID-19 pandemic has, almost overnight, forced everyone to adapt to a whole new working environment. After nearly two months in quarantine, both organizations and employees have come to terms with working remotely or working from home. Most organizations have robust cybersecurity policies but cyberattacks can still occur despite these precautions. Also, being cyber-safe is a shared responsibility that begins with every individual.


_______________________________________________________________________________________

(July 6, 2020)


Wide-Area Network cyber threats amid COVID-19 crisis

As the coronavirus crisis escalated, so did the reliance of many of these entities on their digital communication networks, and so did the cybersecurity threats posed to these organizations, their data, and their users. The COVID-19 CTI League, a volunteer group of CTI experts, has been formed specifically to neutralize cyber threats aimed at exploiting vulnerabilities related to the current pandemic


_______________________________________________________________________________________

(July 6, 2020)


A new trend in robocall scams amid Coronavirus

A recent survey conducted by Provision Living showed that a full 20% of survey participants received at least one COVID-19-related call or text. Worse, almost a quarter of the respondents (23%) said the pace of robocalling had increased since the start of the pandemic. Interestingly, while Provision's survey participants did include older folks, the average age of the 4,038 survey participants was 39, right at the upper age of the millennial generation.

Ref - ZDNet

_______________________________________________________________________________________

(July 6, 2020)


Acting against COVID-19 related cybercrime

To fight against Coronavirus themed cybercrime, organizations must confront at its source to systematically reduce its global impact. An effective response to cybercrime requires exploring many possible courses of action and taking the interests of both the public and private sectors into account. Further, an optimal plan of action should leverage the expertise of both the public and private sectors to stay protected.


_______________________________________________________________________________________

(July 6, 2020)

Threat Detection and Visibility in a remote working world

As a result of the rapid shift to remote work due to COVID-19, many IT organizations now have the technology to support remote employees. As the world moves forward into a new normal, one clear change that is here to stay is more flexible, remote-friendly working policies. As a result, security operations teams need a long-term strategy to maintain visibility and threat detection over a network that has new blind spots and hardly any remaining perimeter.


_______________________________________________________________________________________

(July 5, 2020)


Threat actors are targeting Americans working from home

Federal officials and experts are warning that foreign cybercriminals are targeting U.S. businesses and Americans who are working from home on less-secure networks during the COVID-19 pandemic. Millions of Americans have shifted to working at home indefinitely to help halt the spread of COVID-19, placing them outside of more secure office networks and away from company IT professionals. Foreign cybercriminals are taking notice of this situation.

Ref - The Hill

_______________________________________________________________________________________

(July 3, 2020)


The cyber threat landscape has changed with COVID-19

The COVID-19 pandemic and the resulting lockdowns have dramatically changed the cyber risk landscape, with cybercriminals across the globe quickly taking advantage of new vulnerabilities. Fortinet research group has noted a significant spike in the number of new threats during the pandemic. Also, the pandemic has changed the threat landscape as well as the techniques being used by hackers to compromise networks.

Ref - ITWeb

_______________________________________________________________________________________

(July 3, 2020)


Lessons from COVID-19 cyberattacks

Cyber actors have shown that during the pandemic, they will let no opportunity go by without trying to take advantage. They prey upon the fear and concern around COVID-19 with phishing attacks and capitalize on security weaknesses. And it's had a significant impact on security professionals' roles, a recent survey from (ISC)² found that 81% of respondents said their job function had changed during the pandemic.


_______________________________________________________________________________________

(July 3, 2020)


Android and Apple phone silently downloading COVID-19 app on mobile phones

Users across the US and UK are left puzzled as a coronavirus tracking software has landed on their phones without their knowledge or any kind of prior notification. And the fact is that it has been noticed on phones which do not have any government recommended COVID-19 Tracking software loaded on to them. All of sudden, a function dubbed as ‘COVID 19 Exposure Logging’ is being observed in the settings section of both iPhone and Android devices.


_______________________________________________________________________________________

(July 3, 2020)


Cyber resilience is important for the stay-at-home world

While natural disasters and resilient physical infrastructures are top of mind for many, in the wake of the COVID-19 pandemic, IT and political leaders should add cyber resilience to their larger infrastructure and IT resilience discussions and plans. If every organization took a close look at its IT playbook, ransomware would be far less destructive and costly and could ultimately deter cybercriminals from launching attacks in the first place.

Ref - Forbes

_______________________________________________________________________________________

(July 3, 2020)


The cyber threat landscape has changed with COVID-19

The COVID-19 pandemic and the resulting lockdowns have dramatically changed the cyber risk landscape, with cybercriminals across the globe quickly taking advantage of new vulnerabilities. Fortinet research group has noted a significant spike in the number of new threats during the pandemic. Also, the pandemic has changed the threat landscape as well as the techniques being used by hackers to compromise networks.

Ref - ITWeb

_______________________________________________________________________________________

(July 3, 2020)


Lessons from COVID-19 cyberattacks

Cyber actors have shown that during the pandemic, they will let no opportunity go by without trying to take advantage. They prey upon the fear and concern around COVID-19 with phishing attacks and capitalize on security weaknesses. And it's had a significant impact on security professionals' roles, a recent survey from (ISC)² found that 81% of respondents said their job function had changed during the pandemic.


_______________________________________________________________________________________

(July 3, 2020)


Android and Apple phone silently downloading COVID-19 app on mobile phones

Users across the US and UK are left puzzled as a coronavirus tracking software has landed on their phones without their knowledge or any kind of prior notification. And the fact is that it has been noticed on phones which do not have any government recommended COVID-19 Tracking software loaded on to them. All of sudden, a function dubbed as ‘COVID 19 Exposure Logging’ is being observed in the settings section of both iPhone and Android devices.


_______________________________________________________________________________________

(July 2, 2020)


Daily remote desktop attacks increased during a pandemic

While attention on COVID-19 has primarily focused on the social and medical fallout, a recent study has made reference to a “cyber pandemic” taking hold in the new world of remote working. Figures from ESET have shown that in the wake of the virus, a major shift has been seen away from traditional office spaces in favor of remote desktop software as businesses look to respect social distancing and slow the spread of the virus.

Ref - TechRadar

_______________________________________________________________________________________

(July 2, 2020)


The new age of cybersecurity concern in a post-COVID-19 era 

As COVID-19 continues to alter the way people live, organizations and individuals must protect their sensitive data in order to protect themselves. While some changes are likely to be temporary, others will have long-lasting effects. The pandemic has forced employees to work remotely, resulted in school closures impacting almost 70% of the world’s student population, and given rise to a number of new online scams.

Ref - Law

_______________________________________________________________________________________

(July 2, 2020)


Enhancing cybersecurity amid COVID-19 pandemic

Amid the spike in COVID-19 coronavirus cybersecurity threats tied to remote work, Middle East organizations should follow a three-step process strategy. Organizations should work with channel partners on vulnerability assessments and penetration testing. Work with knowledgeable vendors and channel partners to develop short-term, medium-term, and long-term cybersecurity strategies.

Ref - Albawaba

_______________________________________________________________________________________

(July 2, 2020)


Remote workers are under cyber-attack

The COVID-19 induced shift to remote working has provided a golden opportunity for cybercriminals to target one of a business’s biggest cyber vulnerabilities – the workforce. Businesses no longer have the luxury of traditional defensive and office-based security models, and with such a drastic transformation in how workers operate remotely, the cyber risks have increased significantly. In order to manage this risk, it is imperative to first understand it.

Ref - IT-Online

_______________________________________________________________________________________

(July 1, 2020)


Already struggling education sector is now more exposed after coronavirus crisis

School districts in the United States already had significant cybersecurity shortcomings. They often lack dedicated funding and skilled personnel to continuously vet and improve cybersecurity defenses. The pandemic amplified these risks, as school districts around the country transitioned to distance learning in the spring. Suddenly, millions of teachers and students have started using video chat software, lesson portals, digital message boards, and other online tools, which are exposed to risks of cyber threats.

Ref - Wired

_______________________________________________________________________________________

(July 1, 2020)

Microsoft warns public of COVID-19-related cyberattacks

American technology company Microsoft is warning businesses and individuals about the risk of cyberattacks that prey on people’s health concerns using pandemic-related content. The company found that among millions of global phishing emails, around 60,000 were related to COVID-19, with the senders pretending to come from official organizations such as the World Health Organization. The pandemic was being used to trick users into opening malicious emails.


_______________________________________________________________________________________

(July 1, 2020)


Family enterprises and offices are facing cybersecurity risks during COVID-19

Some Family Enterprises (FEs) and Family Offices (FOs) are recognizing the danger, and taking steps to increase cybersecurity capabilities as they face yet another set of risks. In the FOs and smaller FEs, the person in charge of IT may not have control over the actions of principals and their family members. Usually, there is no dedicated chief information security officer with expertise about devices, access and usage, as there is in large enterprises. Often, there is a small staff that must try to manage IT controls with governance, frequent education and personal influence.

Ref - EY

_______________________________________________________________________________________

(July 1, 2020)


Security plan to protect enterprises

The unprecedented times of COVID-19 have brought the need to ‘Go Digital’. To stay protected, organizations should implement an ongoing cyber threat education and awareness program for their stakeholders. Implement multi-factor authentication and know the most critical data and systems and where they are located. Update regularly and monitor activity on most critical systems.

Ref - CRN

_______________________________________________________________________________________

(July 1, 2020)


DDoS attacks increased 542% from Q4 2019 to Q1 2020

The shift to remote work and heavy reliance on online services has driven an increase in attacks intended to overwhelm ISPs. In the first quarter of 2020, distributed denial-of-service (DDoS) attacks jumped more than 542% compared with the last quarter of 2019 and more than 278% year-over-year. NexusGuard researchers suggest the spike may be linked to a parallel increase in malicious cyber activity during the COVID-19 pandemic.


_______________________________________________________________________________________

(July 1, 2020)


Business Email Compromise attacks doubled from April to May

New data shows a sharp increase in monthly business email compromise (BEC) attacks focused on invoice or payment fraud. Fraudsters have been increasingly leveraging the COVID-19 pandemic to target unsuspecting victims, including remote workers, via email. Research data published by Abnormal Security shows a 200 percent increase in BEC attacks focused on invoice or payment fraud from April to May 2020.


_______________________________________________________________________________________

(June 30, 2020)


Over 20,000 COVID-19-themed cyber attacks observed by FBI

Some 20,000 coronaviruses (COVID-19)-related cybersecurity threats have been reported to the Federal Bureau of Investigation’s (FBI) Internet Crime Complaint Center (IC3) so far this year, an agency official said in early June. The IC3 is tracking a massive spike in hackers attempting to capitalize on the COVID-19 crisis. In April, online crimes reported to IC3 had roughly quadrupled since January to 4,000 incidents daily.


_______________________________________________________________________________________

(June 30, 2020)


Ransomware attacks against healthcare sector on the rise

According to the International Criminal Police Organization, threat actors have ramped up their attempts to pollute the IT networks of hospitals with ransomware in spite of the COVID-19 crisis. The adverse outcome of such an incursion isn’t restricted to data damage. It can also hamper quick medical response and thus impact the physical well-being of the patients. Emails with booby-trapped links or attachments are the dominating vector of ransomware distribution.


_______________________________________________________________________________________

(June 30, 2020)

COVID-19-themed HMRC phishing scams identified

Fraudsters are continuing to exploit self-employed people with advancements in already-established COVID-19-related HMRC phishing scams. The scam begins with a text message purporting to be from HMRC informing the recipient they are due a tax refund. It states that the refunds can be applied online via an official-looking site that uses HMRC branding and is entitled “Coronavirus (COVID-19) guidance and support.


_______________________________________________________________________________________

(June 30, 2020)

The need for a cyber approach amid COVID-19

The American Fuel and Petrochemical Manufacturers (AFPM) explain that cybersecurity has gained new weight in 2020, with the COVID-19 pandemic reinforcing the need for cybersecurity to be robust, flexible, and agile. These requirements are especially crucial for fuel and petrochemical companies since they are among the industries deemed critical for economic and national security by the Department of Homeland Security’s (DHS) Cybersecurity and Infrastructure Security Agency (CISA).


_______________________________________________________________________________________

(June 30, 2020)

Coronavirus-themed phishing attacks increased

Since March, criminals were using the COVID-19 pandemic to send phishing messages, dangerous attachments, and links to malicious websites. These cyber-attacks have continued and intensified over the past several weeks because attackers know people remain frightened and crave COVID-19 information. This coronavirus pandemic makes all users more vulnerable to social engineering and cyber-attacks.


_______________________________________________________________________________________

(June 29, 2020)

Mitigating cyber threats related to work from home culture

Mitigating/reducing risks due to cyber threats in increasing work from home mode has indeed become essential and therefore corporates, mainly MSMEs, should pay due attention to these aspects. There are technical solutions like end-point security to block the copying of data in external USB drives, and there are legal agreements that can put liabilities of a data leak on employees in a work from home environment.


_______________________________________________________________________________________

(June 29, 2020)

How governments can address cybersecurity in the post-pandemic world

To address cybersecurity issues during the COVID-19 epidemic, governments need to work together to adjust national frameworks, increase international cooperation, and unify awareness campaigns. Countries must become more agile in updating or developing national cybersecurity strategies, as well as legal and regulatory framework regarding cyberspace. Also, it has become important to start teaching children about cybersecurity.

Ref - WeForum

_______________________________________________________________________________________

(June 29, 2020)


Steps to respond to COVID-19-themed cyber attacks

A quickly evolving pandemic provides a favorable environment for hackers to exploit an organization’s lowered defenses as their organization moves to a remote workforce. With a remote workforce (due to coronavirus), businesses should have a full understanding of their existing vulnerabilities and threats, as well as where new ones could arise, with an action plan in place to mitigate the losses in the event of a breach.


_______________________________________________________________________________________

(June 29, 2020)


The eSafety office received AU$10 million to fight COVID-19 cyber attacks

The Office of the eSafety Commissioner has received an additional AU$10 million in funding to help administer protections in the wake of the COVID-19 pandemic. Minister for Communications, Cyber Safety, and the Arts said Australians have embraced rapid digitization of workplaces, schools, and households during the COVID-19, which underpins the need for a continued focus on online safety.

Ref - ZDNet

_______________________________________________________________________________________

(June 29, 2020)


COVID-19 patients information accessed by hackers in India

A group of hackers from Kerala has gained access to the details of at least 80,000 COVID-19 patients in New Delhi by hacking the website of Delhi State Health Mission (dshm.gov.in). The website, which is currently inaccessible, has been suspended after the Kerala Cyber Warriors hacked the site to allegedly expose its lack of security. The group also raised caution against the lack of security in the site, which stores thousands of sensitive data of patients.


_______________________________________________________________________________________

(June 29, 2020)


Adequate cybersecurity for Hospitals amid COVID-19

With so many connected devices and systems in the healthcare setting, efforts should be made to separate the different aspects of connected systems. IT departments should also segment different devices within the network. Critical medical equipment such as ventilators, lab equipment, or heart monitors that have any connection to the internet should be separated from workstations that are pulling up patient records or billing information.

_______________________________________________________________________________________

(June 28, 2020)


Ransomware attacks increased during coronavirus pandemic

Ransomware attacks continue to grow and the number of attacks has increased especially during the COVID-19 pandemic. Data encryption malware is an emergent threat evolving and changing its Tactics, Techniques, and Procedures (TTP) along the time. In general, data encryption malware so-called ransomware (like GoldenEye, Wannacry, etc.) prevents victims from accessing their systems and demands ransom payments in order to regain access to the data.


_______________________________________________________________________________________


(June 28, 2020)


A Ransomware masquerading as COVID-19 tracing application

CryCryptor, the new ransomware, has been targeting Android users in Canada and is being distributed via two websites under the pretext of an official COVID-19 tracing app provided by Health Canada. The researchers said that the ransomware surfaced just a few days after the Canadian government officially announced its backing of a nation-wide voluntary tracing app called COVID Alert. The app is set for testing in the province of Ontario beginning next month.


_______________________________________________________________________________________

(June 27, 2020)


The University of California's COVID-19 work affected by a ransomware attack 

The University of California, San Francisco paid criminal hackers $1.14 million this month to resolve a ransomware attack. The hacker’s encrypted data on servers inside the school of medicine. While researchers at UCSF are among those leading coronavirus-related antibody testing, the attack didn’t impede its COVID-19 work. The university is working with a team of cybersecurity contractors to restore the hampered servers soon.


_______________________________________________________________________________________

(June 27, 2020)


Protecting bank accounts from hackers amid coronavirus

CERT-In had earlier warned of possible cyber attacks in India. To stay protected some guidelines have been released. Users need to be aware that the banks never want to know the password, CVV, OTP, ATM PIN, card details, or any such information. Avoid clicking on links shared via social media networks, and click on the link found through trusted sources only. Avoid clicking on a suspicious link in an email or message from an unknown person or organization. If email is from an email ID never seen before, be careful while opening it.


_______________________________________________________________________________________

(June 26, 2020)


Cyber attacks originated from China increased after COVID-19 crisis

The heavy traffic of cyber attacks was witnessed after COVID-19, which originated in China, spread on a massive scale globally. In March 2020, Chinese hackers are said to have targeted over 75 organizations around the world in the manufacturing, media, healthcare, and non-profit sectors as part of a broad-ranging cyber espionage campaign. Hacking attempts originating from China are looking for information about anti-COVID19 battle and policies.


_______________________________________________________________________________________

(June 26, 2020)


Cybercrime landscape evolving as lockdown eases

Threat researchers at Check Point say they have observed a dramatic decrease in malicious COVID-19 coronavirus domains in Europe and North America as national lockdown measures begin to ease, but the danger is by no means past. New data released by the company revealed that it caught 2,451 new COVID-19 domains in the first two weeks of June, 4% of them clearly malicious and 3% suspicious in some way.


_______________________________________________________________________________________

(June 26, 2020)


Indian Govt. agency warned about cyber attacks

The way people turning online for undertaking financial transactions in the COVID era, a user cannot be immune to the threat of cyber attacks. The Indian Computer Emergency Response Team (Cert-In), part of the ministry of electronics & information technology, had warned millions of Indians could face cyber threats posed by fake emails, social media posts, or text messages, asking for free COVID-19 testing across India. 

Ref - ABPLive

_______________________________________________________________________________________

(June 26, 2020)


Evil Corp targeting US workers at home

A Russian hacking group is launching ransomware attacks against a number of US companies, targeting employees who are working from home due to COVID-19. Evil Corp hackers have tried to access at least 31 organizations’ networks in order to cripple systems and demand millions of dollars in ransom. The group's two alleged leaders were indicted by the US Justice Department in December 2019.

Ref - BBC

_______________________________________________________________________________________

(June 26, 2020)


Phishing attacks are targeting workers returning to the office

COVID-19 has attracted cybercriminals who have been capitalizing on the global pandemic by creating related phishing campaigns, malicious websites, and fake apps. Recent phishing attacks have taken a slight turn, beginning to target employees returning to the office as businesses start to reopen across the world. A recently observed phishing campaign shows that the attackers are deploying malicious email masquerading as COVID-19 training materials.

Ref - OodaLoop

_______________________________________________________________________________________

(June 26, 2020)


Cybersecurity amid pandemic’s impact

The COVID-19 pandemic has fundamentally changed the way the world operates. In addition to placing unparalleled pressures on healthcare systems across the globe and introducing significant limitations to daily lives, it has also put the spotlight on operational resilience in financial services. One of the key challenges financial services firms faced was the need to rapidly facilitate a shift to a near 100% remote workforce, leaving organizations exposed to increased cybersecurity threats.

Ref - CBROnline

_______________________________________________________________________________________

(June 26, 2020)


Microsoft released a patch to a critical remote access vulnerability

Microsoft is once again urging organizations to apply a patch to a critical vulnerability found in some Exchange Servers. In particular, access to misconfigured servers allow hackers access to the highest privileges, giving them the ability to add new user accounts without the need to deploy remote access tools. As a result, a hacker then would gain access to high privilege groups, including administrators, remote desktop users, and enterprise admins.


_______________________________________________________________________________________

(June 26, 2020)


Cyberattacks rise in COVID-19 pandemic

A rising number of cyberattacks aimed at the financial sector during the coronavirus pandemic has sent a warning to banks to improve their cybersecurity measures to protect themselves against future risks. Attacks against the financial sector increased 238% globally from the beginning of February to the end of April, according to data by Carbon Black Inc. Ransomware attacks grew ninefold in the period, with phishing emails the primary source.

Ref - SPGlobal

_______________________________________________________________________________________

(June 26, 2020)


Four ways to find out cybersecurity gaps in work from home

Millions of workers around the world have shifted from offices to working from home since the COVID-19 outbreak. So, it’s every employee’s responsibility to keep his or her company secure by keeping an eye out for phishing attacks. Examine the external threat landscape and review exposure to third-party suppliers. Also, companies that use third-party suppliers can evaluate their corresponding level of exposure by following basin security hygiene steps.

Ref - JDSupra

_______________________________________________________________________________________

(June 26, 2020)


Security and innovation amid COVID-19 crisis

The rapid global shift to a remote workforce due to COVID-19 and increased reliance on digital infrastructure were met almost immediately by a staggering uptick in cybercrime. With security resources and budgets stretched thin to accommodate remote workforces, cybercriminals were quick to capitalize on the increased attack surface and general uncertainty, striking with a 667 percent increase in coronavirus-related cyberattacks.


_______________________________________________________________________________________

(June 26, 2020)


New threats emerge from COVID-19 pandemic

Cybercrime cases have jumped by more than 50 percent as compared with last year, accounting for more than a quarter of all crimes committed in the country, said the Cyber Security Agency of Singapore (CSA) in its annual report published on Jun 26. The COVID-19 pandemic has also created a new raft of vulnerabilities, with attackers exploiting the panic and fear to seek financial gain or gain access to classified information.


_______________________________________________________________________________________

(June 26, 2020)


Impact of COVID-19 on cyber threats to the health sector

According to Canadian “Cyber Threat Bulletin,” national and international public health organizations will almost certainly continue to be targeted by cyber threats such as ransomware, information, credential theft, and Distributed Denial of Service (DDoS) attacks. Cyber threat actors will almost certainly continue to target hospitals, medical clinics, and other front-line services involved in COVID-19 responses around the world. 

Ref - Cyber

_______________________________________________________________________________________

(June 26, 2020)


Around 30% increase in cyber attacks amid COVID-19

COVID-19 crisis exponentially increases the surface area for the attackers to exploit people. Some studies show that there has been a 30% increase in cyber-attacks; some of the most common attacks include emails masquerading as government announcements or fake COVID-19 websites. People's mind was clouded with uncertainty about the epidemic situation, and attackers preyed on it.

Ref - GulfToday

_______________________________________________________________________________________

(June 26, 2020)


Impact of COVID-19 on U.S. financial services enterprises

According to U.S. Financial Services: U.S. Financial Services: Cybersecurity Systems & Services Market – 2016-2020” report, the economic and business implications of cyber attacks (after COVID-19), it has now become mandatory for the financial industry to significantly increase its investments. The investment required in state-of-the-art cyber security technologies solutions, and outsourced services to detect, prevent, analyze and resolve the epidemic of financial cyber crime.


_______________________________________________________________________________________

(June 26, 2020)


Cybersecurity is one of the biggest risks in 2020

Cybersecurity risks in India have only been amped up and greatly increased by the COVID-19 pandemic. Cybercriminals, activists & state actors get more active as people WFH and resources get stretched. The Ministry of Home Affairs has also issued a notice advising greater caution against cyber-attacks, specifically coming from neighboring countries.


_______________________________________________________________________________________

(June 26, 2020)


The increase of coronavirus-related cyber attacks

The worldwide novel coronavirus pandemic has led to millions of employees working from home and a surge in scams, malware, and phishing attacks, with a 600% increase in spear-phishing, according to Barracuda. It is now more essential than ever that IT staff remind employees to remain vigilant against attacks and protect their computer data in case data loss does occur, as the resolution is even more difficult in a distributed environment.


_______________________________________________________________________________________

(June 26, 2020)


Cybersecurity after coronavirus pandemic

The sharp and sizable increase in employees working from home caused by the pandemic has placed networks under greater pressure than ever before and has inevitably led to heightened cybersecurity risks. The National Cyber Security Centre has reported how malicious actors are increasingly exploiting vulnerabilities in VPNs and other remote working tools. Also, more UK government branded scams relating to COVID-19 have been detected than any other subject.


_______________________________________________________________________________________

(June 26, 2020)


Indians are most worried about identity theft Post-COVID-19

Identity theft and internet security rank high among the top security concerns for the average Indian, according to a study conducted by American software giant Unisys. Findings from the Unisys Security Index for 2020 revealed that 83 percent of all Indians surveyed feared identity theft and ranked it as their top security concern, while internet security came second on the list. Nearly 82 percent of respondents feared hacking.

Ref - CNBCTv18

_______________________________________________________________________________________

(June 25, 2020)


Cyber-attacks upon maritime industry increased four times

A recent report released by the British Ports Association and Astaara, a risk management firm based in the U.K., concludes that since February 2020, the maritime industry has seen a dramatic increase in cyber-attacks. The number of attacks has quadrupled, as companies struggle with COVID-19 and remote workforces. In addition to state-sponsored attacks on maritime facilities, cyber-criminals are targeting the maritime industry.


_______________________________________________________________________________________

(June 25, 2020)


Increase in cyber attacks in India since lockdown

Security experts in the country believe that there has been a significant spike (about 500%) in the cybersecurity attacks and breaches in India since the lockdown commenced in March. Internet service providers have confirmed receiving cyberattack alerts from corporate clients almost every alternate day compared with an average of once a week before the lockdown was announced as part of measure to contain the spread of COVID-19.

Ref - TPCI

_______________________________________________________________________________________

(June 25, 2020)


Working from home and cybersecurity during COVID-19

After coronavirus, so many employees across the world are working from home. To enable that, employees had to adapt their ways of working. For many companies, there are a few challenges when working from home. Cybersecurity continues to play a significant and important role in daily lives, especially as attackers are trying to take advantage of home and public networks in a bid to infect devices, be it company-issued or personal.

Ref - SC

_______________________________________________________________________________________

(June 25, 2020)


Cybercriminals are looking for new angles to exploit coronavirus

The Coronavirus pandemic continues to have a huge impact globally, it also reflected in the cyber-crime economy. The latest data (from Checkpoint) shows that the risk of an organization being impacted by a malicious coronavirus-related website depends on whether the country it is located in has gone back to business or is still under lockdown. However, COVID-19 related cyber-attacks down 24% compared to May.


_______________________________________________________________________________________

(June 25, 2020)


A popular method used by cybercriminals amid COVID-19

Cybercriminals constantly leverage fear and confusion by launching cyberattacks during major world events. Such attacks are mostly carried out with social engineering campaigns using malicious emails that attract victims to install malware that steals financial data and other valuable personal information. What distinguished this crisis from previous crises is its immediate and rapid effect on the cybercrime economy.

Ref - Real-Sec

_______________________________________________________________________________________

(June 25, 2020)


COVID-19 pandemic and the cybersecurity

The COVID-19 pandemic has created an immense humanitarian crisis that has severely affected almost all countries in the world. As a result, more and more people have begun to carry out their daily transactions, purchases, and even for education digitally and thus became very vulnerable to cyber-attacks. Because of the COVID-19 Cybersecurity has become a general concern for all citizens, professionals, politicians, and, more generally, all decision-makers.


_______________________________________________________________________________________

(June 25, 2020)


Office 365 users attacked by phishing attacks

Threat actors shift focus from COVID-19 to employee coronavirus training and current events like Black Lives Matter as cyber-attacks continue to rise. The recent phishing campaign leverages novel training programs that are required for employees in the workplace. The campaign, targeting Office 365 users, sends an email that includes a link to register to the training: “COVID-19 Training for Employees: A Certificate for Healthy Workplaces.”


_______________________________________________________________________________________

(June 25, 2020)


Staying protected from COVID-19-related phishing attack

Refrain from providing sensitive information online, such as credit card information, personal identification (PAN, Aadhaar, or passport) details, contact information, etc. unnecessarily, even if the website seems legitimate. Phishing scams often lure victims by creating fake websites employing the names of well-known companies. Also, beware of unknown email ids, and do not click on unknown links.


_______________________________________________________________________________________

(June 25, 2020)


Cybersecurity attacks surged during COVID-19 

The Department of Health and Human Services has reported an increase in cybersecurity breaches in hospitals and healthcare providers’ networks which may be due to COVID-19. Between the months of February and May of this year, there have been 132 reported breaches, according to the HHS. This is an almost 50% increase in reported breaches during the same time last year. The increase in hacking could be attributed to the COVID-19 pandemic.

Ref - TLO

_______________________________________________________________________________________

(June 25, 2020)


Indian business need robust measures to deal with coronavirus-themed cyber attacks

Indian companies pursuing remote working policies need to deploy robust preventive measures to deal with a spike in the incidence of cyber-attacks following the COVID-19 outbreak said a PwC report. These cyber-attacks on Indian companies doubled between January and March 2020. February saw a sudden spike, mostly focused on exploiting vulnerable services and obtaining easy access to remote desktops.


_______________________________________________________________________________________

(June 25, 2020)


K12 schools are warned for ransomware attacks 

The US Federal Bureau of Investigation sent out on Tuesday a security alert to K12 schools about the increase in ransomware attacks during the coronavirus (COVID-19) pandemic, and especially about ransomware gangs that abuse RDP connections to break into school systems. Schools are likely to open up their infrastructure for remote staff connections, which in many cases would mean create RDP accounts on internal school systems.

Ref - ZDNet

_______________________________________________________________________________________

(June 25, 2020)


A COVID-19 themed ransomware attack on Android users spotted 

A new COVID-themed ransomware attack on Android users in Canada, known as CryCryptor, has been revealed by ESET researchers. In the attack, people were lured into downloading a ransomware app disguised as an official COVID-19 tracing tool through two COVID-themed websites. This came shortly after the Canadian government announced its support for the creation of a nation-wide, voluntary tracing app to be called COVID Alert.


_______________________________________________________________________________________

(June 25, 2020)


The COVID-19 impact on cyber weapons industry

Global Cyber Weapons Market is expected to grow according to the “Global Cyber Weapons Market Report.” The report features the Industry growth analysis and forecasts for the growth and revenue up to 2025, allied with the Cyber Weapons Market. Industry size estimations have been provided in terms of value (USD million). Development policies and plans are discussed as well as manufacturing process and cost structure and drivers are also analyzed.


_______________________________________________________________________________________

(June 25, 2020)


Poor cyber hygiene habit exploited by hackers 

According to a cybersecurity consultant, the nation-wide concern (in India) over the pandemic has offered an opening for hackers to exploit. At this time, people are always looking out for information. This makes them susceptible to incidents of phishing through messages and e-mails on the COVID-19 pandemic. Working from home has forced many companies to shift their work and operations to home computers.

Ref - DTNext

_______________________________________________________________________________________

(June 25, 2020)


Cyber insurance market to grow with 26.3% due to COVID-19 crisis

Due to the growing awareness of insurance (thanks to Coronavirus), the surging number of cyber-attacks and increasing government regulations, the profile of cyber risk management firms are becoming better. This factor is set to prove instrumental in driving the cyber insurance market at a 26.3% CAGR between 2020 and 2030, thereby leading to an increase in the industry size from $5,573.2 million in 2019 to $70,671.9 million by 2030.


_______________________________________________________________________________________

(June 25, 2020)


Cybercriminals are waiting for businesses to re-open

Cybercriminals will continue to capitalize on the chaos of COVID-19 to infiltrate IT systems and patiently look for the right opportunity to strike. Squire Patton Boggs attorneys say for that reason, companies reopening should consider conducting a comprehensive cyber-audit to identify their cyber vulnerabilities. As businesses slowly and cautiously reopen, cybercriminals lie in wait; patiently hunting for a lucrative opportunity to strike.


_______________________________________________________________________________________

(June 25, 2020)


Cyber attacks in India increasing since COVID-19 lockdown

Cybersecurity attacks and breaches in the country may have jumped by as much as 500% since the lockdown was first announced in March, according to security experts. Most of the attacks include attacks on small companies, resulting in money lost. Businesses are now receiving cyberattack alerts almost every alternate day compared with an average of once a week before lockdown.


_______________________________________________________________________________________

(June 25, 2020)


Using the power of cybersecurity to fight COVID-19 crisis

COVID-19 outbreak has stricken communities across the globe. The coronavirus’s rapid geographical spread has caught the world off-guard, business continuity, and the world economic order. With a large percentage of the population having transitioned to remote working set-ups, the attack surface areas have expanded drastically, exposing technical vulnerabilities and risks that threaten to hinder an organization’s security.

Ref - CNBCTv18

_______________________________________________________________________________________

(June 24, 2020)


Spike in phishing attacks launched from China

Over the last five days, there has been a massive surge in the number of cyber probes seeking vulnerabilities in Indian cyberinfrastructure, the bulk of which have been traced to the Chinese city of Chengdu. Over 40,000 such probes have been discovered primarily targetting India's IT and banking sectors. It is a wide-scale phishing attack disguising itself as an email with the subject line, 'Free COVID-19 testing.'


_______________________________________________________________________________________

(June 24, 2020)


CISA’s failed to protect health sector from COVID-19-themed cyber attacks

While the impact of the COVID-19 pandemic has left a flurry of cybersecurity risks in its wake targeting healthcare and other sectors, the Cybersecurity and Infrastructure Security Agency (CISA) has scarcely missed a beat in carrying out its mission to protect the U.S. from cyber threats. Despite the massive turn to telework at government agencies the accompanying assault of cyberattacks from actors looking to take advantage of the situation, CISA has continued on pace with other missions, including efforts to secure the national elections in November.

Ref - MeriTalk

_______________________________________________________________________________________

(June 24, 2020)


Cybersecurity market analysis with the impact of COVID-19

Cyber-attacks against European targets are becoming increasingly more frequent and more sophisticated, pushing existing security capabilities to the limit. New solutions and the rapid expansion of networks and services indicate that this information overload will only worsen. Considering the economic and business implications of cyber-attacks, it has now become mandatory to invest in state-of-the-art cybersecurity technologies.


_______________________________________________________________________________________

(June 24, 2020)


Security measures to stay secure from phishing scams

The way cyber-criminals are exploiting fear surrounding the Coronavirus pandemic, it becomes very hard to stay protected. However, online users can follow basic security measures such as - stay informed about the techniques, think before clicking, use an anti-phishing toolbar, and always be wary of pop-ups. Also, before submitting any sensitive information, make sure that the site's address begins with "https."

Ref - TechGig

_______________________________________________________________________________________

(June 24, 2020)


COVID-19’s pandemic impact on cybersecurity

COVID-19 pandemic is having a dramatic impact on nearly all aspects of organizations nationwide from employee safety to reimagined workplaces to financial hardships. But cyber protection and response during the pandemic cannot take a backseat. Cybercrime is rampant, remote workers expose vulnerabilities, and privacy and security regulation compliance remains top of mind on a state and federal level.

Ref - JDSupra

_______________________________________________________________________________________

(June 24, 2020)


Health care’s cybersecurity challenge amid coronavirus

During the COVID-19 pandemic, health care organizations have been highly targeted for cyber-attacks. And as payers and providers scale their telehealth and digital operations, the risk of a cybersecurity incident increases. The more information technologies a company adopts, the higher its cybersecurity risk profile becomes as it creates new ways for cybercriminals to penetrate the company’s networks and infrastructure.

Ref - Infosys

_______________________________________________________________________________________

(June 24, 2020)

Best practices to stay protected from free COVID-19 testing mail attacks

Don't open attachments in unsolicited e-mails, even if they come from people in the contact list. Never click on a URL contained in an unsolicited e-mail, even if the link seems benign. In case of genuine requests with URLs (like a need to change the bank credentials), close out the e-mail and go to the organization's website directly through browsers. Exercise caution when opening e-mail attachments even if the attachment is expected and the sender appears to be known. 


_______________________________________________________________________________________

(June 24, 2020)

Indian firms are vulnerable to cyber attacks

CERT-In, on 19 June, indicated that malicious actors are planning large scale phishing attack campaigns against Indian individuals and businesses. The news of an imminent cyber attack has led many companies to take their vulnerabilities seriously. Several organizations and their clients have seen attacks different from the regular phishing attempts and they expect it to increase in the weeks to come.

Ref - TheQuint

_______________________________________________________________________________________

(June 24, 2020)

Insurers will see cyber coverage leap in wake of COVID-19

The rise in remote working due to the COVID-19 pandemic has increased the risk of cyberattacks, giving insurers an opportunity to improve their cyber insurance penetration rate, according to GlobalData. The company said that cyber uptake had been on the rise even prior to the outbreak. Cyber insurance uptake has been most impactful among micro-businesses, which saw a 300% increase between 2016 and 2019, reaching 17.8%.


_______________________________________________________________________________________

(June 24, 2020)

Robot disinfecting hospitals are highly insecure against cyberattacks

Alias Robotics, a Spanish startup specialized in robot cybersecurity, alerts that the robot that disinfects hospitals in the COVID-19 crisis, as well as most industrial robots that operate in Spain and the rest of the world, are highly insecure and vulnerable to cyber attacks, due to manufacturers ignoring security issues, putting people working nearby at risk. 


_______________________________________________________________________________________

(June 24, 2020)

Facing the Coronavirus-themed cyber pandemic 

The days when cyberspace could be regarded as a lawless wild west are long over. The internet has become a critical part of global infrastructure, and cyberattacks against its core functions, especially in the context of the COVID-19 crisis, should be treated as the existential threats that they are. The COVID-19 pandemic has shown that the internet is a critical, and uniquely global, part of the infrastructure.


_______________________________________________________________________________________

(June 24, 2020)

Payment frauds and cyberattacks are rising due to Coronavirus

The COVID-19 pandemic has opened up new avenues for fraudsters trying to hoodwink unsuspecting customers. More and more customers have moved to digital payments for items ranging from groceries to bill payments. Also, most consumers are at home and prefer to buy groceries and other goods online, making it more convenient for cybercriminals to take advantage of it. Customers are now facing more cyber attacks than before.


_______________________________________________________________________________________

(June 23, 2020)

India facing a spurt of cyber attacks 

Hackers based in China attempted over 40,000 cyber attacks on India's Information Technology infrastructure and banking sector in the last five days. One such fraudulent email ID was found to be `ncov2019@gov.in' which sent bogus information about free COVID-19 testing for residents of Delhi, Mumbai, Hyderabad, Chennai, and Ahmedabad. 


_______________________________________________________________________________________

(June 23, 2020)

Work-from-home amid COVID-19 is resulting in increased cyber-attacks

The Thailand Managed Security Services Market is expected to demonstrate healthy growth during the forecast period on account of the emerging need for cost-effective security solutions for the protection of valuable IT assets. Additionally, an increase in work from home amidst COVID-19 is resulting in increased cyber-attacks, thereby, fueling the Thailand Managed Security Services Market. The growth can be attributed to the rising demand for advanced security services.


_______________________________________________________________________________________

(June 23, 2020)

Cyberattacks slowing COVID-19 vaccine race

High-level cyberattacks on facilities researching COVID-19 vaccines have alarmed Australia and the United States, with defense strategists urging them to confront China, the nation widely believed to be responsible for them. The United States Studies Center at the University of Sydney, which receives part of its funding from the Australian government, said June 23 that the US and Australia should jointly protect vulnerable medical sectors.

Ref - AsiaTimes

_______________________________________________________________________________________

(June 23, 2020)

Cybersecurity changes in COVID-19 scenario

In recent months, an invisible virus has changed the world; working from home and remote interactions with services have become the new norm and the way people work, interact, and live has shifted significantly. Within a few months, people and employees have learned many lessons about cybersecurity as well. Just like our day-to-day lives, the attack landscape has changed and it is essential to know what is different and how to react to it, in order to keep the organization safe and secure.


_______________________________________________________________________________________

(June 23, 2020)

Nefilim ransomware gang is active amid Coronavirus

The Nefilim ransomware crime gang is targeting organizations that use unpatched or poorly secured Citrix remote-access technology. The ransomware gang is also stealing data, unleashing crypto-locking malware, and using the threat of exfiltrated data being publicly dumped to try to force payment. Also, ransomware attacks on remote access tools and technologies have increased greatly after the coronavirus pandemic.


_______________________________________________________________________________________

(June 23, 2020)


Warning of phishing attacks amid Coronavirus

The PIB (Press Information Bureau) issued a warning on Twitter asking people to adopt safe browsing practices to secure themselves from the phishing attack campaigns against individuals and businesses. In a series of tweets, PIB cautioned the internet users and also listed down the ways that can keep them safe from cyber-attacks. Some fraudulent websites are designed to look like genuine websites, tricking users into revealing personal or financial details.


_______________________________________________________________________________________

(June 23, 2020)


Cybercriminals are using COVID-19 to find new phishing victims

Since January, cybercriminals have leveraged the COVID-19 pandemic to stage all manner of cyberattacks, from ransomware take-overs of hospital systems to private network hacking. The latest cybercrime scheme exploits the ‘human emotions’, which is the greatest cybersecurity vulnerability of all. A slew of recent phishing attacks is targeting consumer trust in big-name videoconferencing platforms to steal personal information and harm lives.


_______________________________________________________________________________________

(June 23, 2020)


Cybercriminals taking advantage of COVID-19 crisis

Cyber threats are constantly evolving and taking advantage of online behavior and trends. They are exploiting the COVID-19 outbreak as an opportunity to send phishing emails claiming to have important updates or seeking donations, impersonating trustworthy organizations. With most employees working from home, the cybercriminals use common phishing tactics to steal data, identity, money from individuals, and compromise servers from organizations.


_______________________________________________________________________________________

(June 23, 2020)


Chinese Army can carry out a massive cyberattack

One day after Indian agency, tasked with cybersecurity, Cert-In issued an advisory regarding a possible cyber attack in the country, the Indian security agencies have also issued an alert on a possible cyberattack from the Chinese Army. The alert claims that the Chinese cyber warriors are expected to carry a massive phishing attack. It is possible that this attack will be disguised as an offer for the free COVID-19 test.

Ref - LiveMint

_______________________________________________________________________________________

(June 23, 2020)

Australia and US plan to name and shame the cyber attackers targeting health research during COVID pandemic

Australia and the United States have urged to jointly name and shame the state-backed actors that are attempting to steal health research during the coronavirus pandemic. A group of five foreign policy experts also suggested that the two countries should strengthen their ability to counter disinformation campaigns as an urgent priority in light of China's use of such tactics during COVID-19.


_______________________________________________________________________________________

(June 22, 2020)


Coronavirus-themed cyber attacks in India 

According to a Niti Aayog (government agency in India) report, phishing and social engineering attacks form 57% of all attacks, followed by malware attacks at 41%, spear-phishing at 30%, DoS at 20%, and ransomware at 19%. Piggy-backing on the COVID-19 pandemic outbreak, the cybercriminals are sending phishing emails in the form of an important update’ or under the garb of false cure, false advice, local news, false medication to extract money. 


_______________________________________________________________________________________

(June 22, 2020)


Cyber ransomware attacks increased amid COVID-19 

Beazley, the syndicate of Lloyd specializing in cyber risks, recorded an increase of 25% in ransomware attacks in the United States. The sectors mainly affected by these attacks are manufacturing (+156%), financial services, and healthcare. This increase in cyberattacks during the peak of the COVID-19 pandemic is mainly due to reduced vigilance of the American population following the anxiety generated by the health situation.

Ref - Atlas-Mag

_______________________________________________________________________________________

(June 22, 2020)


Many coronavirus apps are inadequate to protect users' information

Governments across the world are leaning on an array of coronavirus technologies, such as contact-tracing apps and smart thermometers, to make decisions about reopening. But experts are warning that their security and privacy protections are lacking which could make it easier for hackers to compromise peoples' personal information. Developers of the apps, researchers say, did not implement strong digital protections.


_______________________________________________________________________________________

(June 22, 2020)


Globally businesses are prone to ransomware attacks due to Coronavirus

In 2021, businesses will fall victim to a ransomware attack every 11 seconds, down from every 14 seconds in 2019, globally. Its proliferation has further been accentuated because of the COVID-19 outbreak, as more and more employees continue to work remotely, and there is less protection due to remote access. It is likely that the users are more susceptible to falling prey to COVID-19-themed malicious emails.


_______________________________________________________________________________________

(June 22, 2020)


Cyber threats amid the COVID-19 crisis

Working remotely during the COVID-19 pandemic has been a lifesaver, but it has also brought new threats. Working from home allows people to minimize social interaction, which limits and slows the spread of COVID-19. But, as highlighted in a recent alert from the North American Electric Reliability Corp. (NERC), the electric power industry is in a period of heightened cyber risk due to a large contingent of industry employees working remotely.


_______________________________________________________________________________________

(June 22, 2020)


The Impact of COVID-19 on Cybersecurity Market

The Global Cybersecurity Market is projected to reach $ 152 billion by 2025 on account of increasing threats of cyber-attacks and data breaches faced by organizations, which has drastically increased the need for strong cybersecurity solutions. Additionally, increasing the use of advanced technologies such as AI, IoT, machine learning, blockchain, among others, for providing cybersecurity solutions is expected to fuel the market growth in the coming years.


_______________________________________________________________________________________

(June 22, 2020)


Cybersecurity amid COVID-19 and beyond 

Weave cybersecurity through the business, as it demands attention and collaboration from teams across the organization. Put remote workers at the center of strategy and learn from the experts. Security from cyber attacks by design should be the template moving forward. Also, businesses need to define a new normal with a transformed cyber function optimized to enable a new business reality. 


_______________________________________________________________________________________

(June 22, 2020)


Online scammers stole £17m during COVID-19 lockdown

Nearly £17m has been lost to online frauds over the COVID-19 lockdown period with younger shoppers most affected, according to ‘Action Fraud’. The UK’s National Fraud and Cybercrime Reporting Center claimed that online scams had snared 16,352 victims with online shopping and auction fraud since bricks and mortar stores were ordered to close on March 23.


_______________________________________________________________________________________

(June 22, 2020)


CERT-In warns about massive phishing attacks using COVID-19 as bait

The Indian government has raised a warning about a large-scale cyber attack, where attackers may try to use COVID-19 as a bait to steal personal and financial information against individuals and businesses. The attackers could impersonate government agencies, departments, and trade bodies that have been tasked to oversee the disbursement of government fiscal aid.

Ref - Firstpost

_______________________________________________________________________________________

(June 22, 2020)


The State Bank of India warns 2 million users of cyber attacks in cities like Mumbai, Delhi

The State Bank of India (SBI), India's largest lender, has issued a warning for its 2 million users to beware of an imminent phishing attack (cyber attack). Millions of its customers could be targeted by fake emails, social media posts, or text messages, promising free Covid-19 testing across India.


_______________________________________________________________________________________

(June 22, 2020)


‘Worldwide Cybersecurity Market to 2025’ - COVID-19 Impact on the Industry

On account of increasing cyber threats of data breaches and other kinds of cyber attacks, the Global Cybersecurity Market is projected to reach $152 billion by 2025. In particular, the COVID-19 pandemic has drastically increased the need for strong authentication techniques and cybersecurity solutions. The report covers how the increasing use of advanced technologies such as AI, IoT, machine learning, blockchain, among others are expected to fuel the cybersecurity market in the coming years.


_______________________________________________________________________________________

(June 22, 2020)


How can organizations survive COVID-19 

Although some experts see difficulties ahead for security spending due to the COVID-19 epidemic, all experts do not believe that 2020 will result in decreases. Bank of America Securities actually predicts cybersecurity spending to be increasing by about 2.8 percent this year, even as overall IT spending drops. Also, a separate report suggests that there is likely the condition of an increased M&A activity, with larger security vendors picking up smaller companies to help round out their own portfolios.

Ref - Dice

_______________________________________________________________________________________

(June 22, 2020)


Addressing cybersecurity challenges during COVID-19 and beyond

All the private and public companies need to sharpen the focus on cybersecurity and address the potential for expanding threats due to the abrupt shift to a remote workforce. In the short term, organizations should allocate resources specifically to support the business to enable teleworking, start planning for the future by further ensuring remote working capabilities, and determine how to securely interact with third-party sources. Moving forward, businesses need to define a new normal with a transformed cyber function optimized to enable a new business reality.


_______________________________________________________________________________________

(June 22, 2020)


Predictions about the ransomware attacks during the cyber pandemic

As reported by an industry survey by CyberEdgeAlmost, 62% of organizations globally have experienced a ransomware attack in the past year. Cybersecurity Ventures, a global cybersecurity research firm, is predicting that globally, businesses in 2021 will fall victim to a ransomware attack every 11 seconds, down from every 14 seconds in 2019.

Ref - Ele Times 

_______________________________________________________________________________________

(June 22, 2020)


COVID-19 Impact on Fraud Detection and Prevention (FDP) Market

The COVID-19 impact on the global Fraud Detection and Prevention (FDP) market size is projected to grow from USD 23.4 billion in 2019 to USD 38.6 billion by 2021, at a Compound Annual Growth Rate (CAGR) of 28.4% during the forecast period. North America accounted for the largest market share in the impact of COVID-19 on FDP solutions across the major verticals.


_______________________________________________________________________________________

(June 22, 2020)


IBM advises tighter cybersecurity in new remote work era

IBM Indonesia, a wholly-owned subsidiary of American technology giant IBM, has advised companies to strengthen the cybersecurity measures and to communicate digital safety to employees in light of the increase in cyberattacks during the "remote working era" of the pandemic. Besides installing the necessary infrastructure, the organization suggested that companies educate their employees on basic digital safety, such as avoiding emails, website links, or downloads from unknown sources.


_______________________________________________________________________________________

(June 22, 2020)


Indonesia probing alleged COVID-19 test data breach

The Indonesian government says it is investigating the alleged hack of its Covid-19 databases, but it has denied claims that details of 230,000 people who took Covid-19 tests have been leaked online. Reports of the breach arose after an alleged hacker with the username "Database Shopping" offered to sell the personal data of people undergoing Covid-19 testing in Indonesia.


_______________________________________________________________________________________

(June 21, 2020)


Users suspect secret trackers in the new Apple, Android updates 

Some users have claimed on social media that they noticed that Apple and Google recently installed secret trackers on people’s smartphones. They noticed something new in settings: “COVID-19 Exposure Logging” or “COVID-19 Exposure Notifications.” One Tech expert Dave Hatter says that people are seeing an “application programming interface,” or an API. It is the framework for a coronavirus contact tracing app that health agencies could create and release to help monitor the spread of COVID-19 in future. But right now it is not active.

Ref - NBC12

_______________________________________________________________________________________

(June 21, 2020)


Over 500,000 Zoom account credentials sold on the Dark Web and hacker forums

Over 500,000 Zoom accounts were being sold on the Dark Web and hacker forums earlier in April, which were purchased and analyzed by a cybersecurity firm Cyble. Around 530,000 Zoom credentials included in the deal were discovered to be from several well-known companies such as Chase, Citibank and educational institutions including the University of Colorado and the University of Florida. 


_______________________________________________________________________________________

(June 21, 2020)


Adoption of AI critical to protect vital sectors: DFF

Several reports from the Dubai Future Research, an initiative by the Dubai Future Foundation or DFF, tries to anticipate the future of vital sectors in the aftermath of the ongoing global coronavirus crisis. In its eleventh "Life After COVID-19" report, the DFF has acknowledged the surge in cyberattacks worldwide following the outbreak of the pandemic and the growing dependence on digital infrastructures. Government entities may consider implementing AI-based cybersecurity systems to provide ongoing analyses of cyber threats and potential attacks.

Ref - WAM

_______________________________________________________________________________________

(June 20, 2020)


Six countries at target list for COVID-19 phishing emails

There are six nations that may see a large cyber attack on June 21 in the form of a COVID-19-themed phishing campaign from North Korean state hackers. The Coronavirus-themed cyber attacks are part of the Lazarus Group's large-scale campaign targeting more than 50 lakh individuals and businesses, including small and large enterprises, across six countries: India, Singapore, South Korea, Japan, the UK, and the US.


_______________________________________________________________________________________

(June 20, 2020)


Cybercriminals are targeting the healthcare sector majorly amid coronavirus

The global pandemic has resulted in an increase in cyber-attacks on the healthcare sector. Both the surge of patients in hospitals and the growing number of staff coming out of retirement to help cope with the pandemic inevitably lead to an increase in devices connected to hospital networks. Add to that the additional number of connected medical equipment that is needed to treat patients and the picture becomes clear: The number of devices in hospitals has skyrocketed, and so had the associated cybersecurity-related risks. 


_______________________________________________________________________________________

(June 20, 2020)

A dangerous LinkedIn and InvisiMole attacks are discovered 

While the world is focused on fighting COVID-19, cybercriminals are taking full advantage of it as two major cyber-attacks have been spotted. In the first attack, dubbed Operation Interception, attackers impersonated recruiters from reputed aerospace and defense companies on LinkedIn. Another threat which first surfaced in 2013, is dubbed InvisiMole. The spyware tool has extensive espionage capabilities and when installed on a system can perform a wide range of malicious tasks.


_______________________________________________________________________________________

(June 20, 2020)

Cybersecurity changes due to COVID-19 crisis

Phishing campaigns were the first attack vector to adapt to COVID-19. The virus caused a change in people’s behavior. People started looking for data on new areas of interest, looking for scarce supplies, visiting new sites, and clicking on new links they have never known before. This behavior change is heaven for phishing and spear-phishing campaigns. Phishing sites scrape legitimate data and sales offers to exploit user machines.

Ref - EleTimes

_______________________________________________________________________________________

(June 19, 2020)


Staying protected from rising cyber-attacks and fraud

Threat-aware employees are the first line of defense against cyber intrusions. To protect from a social engineering attack, coach all employees to take precautions, particularly on their mobile devices. Also, a business can avoid harm from COVID-19-themed phishing and BEC scams with suspicion, training, and technical safeguards. Test security software to make sure it works as it should and follow other basic security measures.

Ref - PWC

_______________________________________________________________________________________

(June 19, 2020)


Cyber fraud and changes in the banking sector increased due to coronavirus

A new wave of payment fraud has emerged in the US, as millions of consumers have shifted their banking and purchasing activity to online channels since the COVID-19 outbreak forced mandatory stay-at-home orders. Most major businesses also shifted their employees from working at the office to working from home full-time during the pandemic. The drastic changes created an entirely new target set for malicious actors.


_______________________________________________________________________________________

(June 19, 2020)


Indian firms see a six-fold rise in ransomware attacks

Indian companies are seeing a six-fold increase in ransomware attacks and paying twice as much ransom to hackers for data recovery in the backdrop of a novel coronavirus, or COVID-19, according to cybersecurity experts. While hackers are driven by financial motives, increasing unemployment and rising demand for competitor data are key drivers. A hacker first targets the vulnerable point (in the company’s infrastructure and sends the ransomware.


_______________________________________________________________________________________

(June 19, 2020)


Woman safety amid COVID-19 related cybercrime

Adding to the global increase in domestic abuse, an abundance of cybercrime has surged since the start of the COVID-19 outbreak. With particularly enhanced rates of phishing campaigns, the healthcare industry has borne a significant brunt in struggling to balance resource provision for patient care with cybercrime prevention. The threat of cyber attacks such as phishing rendering healthcare resources inaccessible poses an immense risk for victims.


_______________________________________________________________________________________

(June 19, 2020)


Smaller business having a smaller focus on cyber amid COVID-19 crisis

The Cyber Readiness Institute has found an ongoing gap in focus on cybersecurity threats among the smallest of companies, even as these numerous “micro-businesses” have joined the massive shift to remote work amid the COVID-19 pandemic. There remains a significant gap between the perceived importance of cybersecurity protections for businesses with fewer than 10 employees and those with more than 10 employees.


_______________________________________________________________________________________

(June 19, 2020)


A major upcoming phishing attack which promises free Covid-19 testing

The Indian government has issued an advisory to citizens warning them against a large-scale phishing campaign that impersonates the Indian government and promises free COVID -19 tests and other resources. In return, they steal important personal and financial data of citizens. The malicious actors are claiming to have 2 million individual email addresses and the attack campaign is expected to start on June 21st.


_______________________________________________________________________________________

(June 19, 2020)


Five Eyes will work together to fight COVID-19 cyber attacks

The Five Eyes intelligence alliance has come together to combat a surge in disinformation and state-sponsored cyber attacks triggered by the coronavirus crisis. In a meeting of the alliance earlier this week, the home affairs and security ministers of its member states, the UK, US, Canada, Australia, and New Zealand, explored plans to mitigate the threats. There has been a rise in coronavirus-related ransomware and phishing attacks in recent weeks.


_______________________________________________________________________________________

(June 19, 2020)

Employee and consumer security amid coronavirus crisis

Employee protections are different from consumer protection. At the core of it, though, employees are people, and so many of the same ideas and protections apply to employees. Ultimately, experts agree that the challenges of the new normal also present an opportunity for companies to get it right when expanding their security and privacy practices to cover a widely distributed workforce around the world.


_______________________________________________________________________________________

(June 19, 2020)

Staying protected from rising cyber-attacks and fraud

Threat-aware employees are the first line of defense against cyber intrusions. To protect from a social engineering attack, coach all employees to take precautions, particularly on their mobile devices. Also, a business can avoid harm from COVID-19-themed phishing and BEC scams with suspicion, training, and technical safeguards. Test security software to make sure it works as it should and follow other basic security measures.

Ref - PWC

_______________________________________________________________________________________

(June 19, 2020)


Cyber attacks on gamers increased during COVID-19 lockdown

There was a 54 percent increase in the daily number of attempts to direct users to malicious sites that exploited the gaming theme in April as compared to January, said cybersecurity firm Kaspersky. The study suggests that cybercriminals have been exploiting the increased popularity in video games during the COVID-19 lockdown to launch attacks. Users are often lured by promises such as free versions of popular games or cheats.

Ref - News18

_______________________________________________________________________________________

(June 19, 2020)


Cybersecurity changes in COVID-19 scenario

In recent months, working from home and remote interactions with services have become the new norm, and the way to work, interact, and live has shifted significantly. Within a few months, many lessons about cybersecurity are learned. Just like day-to-day lives, the attack landscape has changed and it is essential to know what is different and how to react to it, in order to keep the organization safe and secure.

Ref - CXOToday

_______________________________________________________________________________________

(June 19, 2020)


Cybercriminals are targeting self-employed with HMRC SMS phishing scam

Cybercriminals have launched a new phishing scam designed to steal personal and financial details of millions of self-employed workers using the Self-Employment Income Support Scheme (SEISS) during the Covid-19 outbreak. The scam, uncovered by litigation specialists Griffin Law, begins with a text message sent to self-employed workers offering a tax rebate purporting to be from HMRC. The text message informs the victim they are eligible for a tax refund, which eventually leads them to the theft of their personal details.


_______________________________________________________________________________________

(June 19, 2020)


Cyber risks after businesses will reopen

A rapid rise of opportunistic cybercriminal activity taking advantage of the chaos created by COVID-19 is witnessed. After lockdown lifted, the concern for many companies should also include heightened cybersecurity threats. Incorrect use or misconfigurations create new cyberthreat opportunities to lurking bad actors. A missed certificate, a wrong setting, insufficient management, or unmanaged user training are all open windows for cybercriminals to sneak through.

Ref - Forbes

_______________________________________________________________________________________

(June 19, 2020)


Increasing investments in cybersecurity provide greater protection 

Increasing investments in cybersecurity can generate a significant return on investment (ROI) of 179%, according to a new study released by ESI Thoughtlab. The study, which was conducted on some 1,009 companies across 13 industries and 19 countries, has revealed that increasing investments in cybersecurity provide greater protection as companies cope with the fallout from COVID-19 pandemic around the world.


_______________________________________________________________________________________

(June 19, 2020)


Small businesses are hot target amid coronavirus

89% of small businesses are moving to a remote workforce during COVID-19 stay-at-home orders. However, small businesses can make themselves resilient against common attacks, such as phishing, by focusing on employee education and awareness and creating a culture of cyber readiness within the organization. Businesses should use best cyber-hygiene practices that focus on using secure passwords, patch management, and understanding the tricks bad actors use to penetrate any infrastructure.


_______________________________________________________________________________________

(June 18, 2020)


Authentication disconnected due to COVID-19 fears

Two recent surveys (Specops Software and iProov) highlight a huge disconnect between the public’s authentication fears and their actions. According to a Eurobarometer survey, 41% of Europeans were already concerned about the security of online payments. The survey also reveals that although many users are feeling more vulnerable to cyber threats as a result of the pandemic, they are not using secure authentication techniques. 


_______________________________________________________________________________________

(June 18, 2020)


Preventing cybersecurity threats and protecting vulnerable countries

To protect stay protected, countries need to shift from reactive to proactive measures, developing global prevention platforms to identify and prevent such threats. The weaknesses and lack of preparedness exposed at the time of pandemic provide a window onto how a bioterrorist attack might unfold and may increase its risks. Also, emerging technologies create growing interdependence between cyber-, bio- and human security threats.

Ref - WeForum

_______________________________________________________________________________________

(June 18, 2020)


Coronavirus-themed cyber attacks often correlated with local news stories

Microsoft’s Threat Protection Intelligence Team has published a report providing a detailed look into the proliferation of COVID-19-themed phishing over the past several months. The researchers found that the timing of these attacks was often correlated with local news stories, which works better to capitalize on peoples’ fears when tensions were highest. In the UK, for example, COVID-19-themed phishing attacks peaked when the US announced a travel ban to Europe.

Ref - Knowbe4

_______________________________________________________________________________________

(June 18, 2020)


Bitdefender’s Coronavirus related cybersecurity research

A report “Indelible Impact of COVID-19 on Cybersecurity Study” revealed that half of the infosec professionals (50%) didn’t have a contingency plan in place or didn’t know if they did, for a situation like COVID-19 pandemic or a similar scenario. This lack of forward planning has come at great risk, as 86% of infosec professionals admitted that attacks in the most common attack vectors were on the rise during this period.


_______________________________________________________________________________________

(June 18, 2020)


Canada is being targeted for COVID-19 research

When the federal government issued an alert in March saying that sophisticated hackers were targeting COVID-19 researchers in Canada, it did so without citing specific attacks or evidence. One method that hackers are likely to use in stealing research is spear-phishing or targeting researchers with e-mail messages that appear to be from trusted sources. As opposed to generic spam, such messages are personalized and the product of individualized research on the recipient by the sender.


_______________________________________________________________________________________

(June 18, 2020)


Coronavirus-themed cyber attacks are preventable

Most Coronavirus-themed cyber attacks can be prevented if the organization chose to follow simple steps: doing security assessment, implementing the spam filtering solution, timely patch deployment, implement IDAM ( Identity and access management solution), use endpoint-detection and response, implement multi factor authentication. They also need to implement mobile device security, data encryption, disaster recovery plan, and web application security.


_______________________________________________________________________________________

(June 18, 2020)


Impact of COVID-19 on the security analytics market

The value of Security analytics has increased exponentially during the COVID-19 pandemic as there are unforeseen threats on the horizon and on detected weaknesses that could destroy the infrastructure of a business and its systems. For example, the COVID-19 pandemic has required many businesses to transition their employees to work at home positions. This means that employees are now using their own hardware and their own networks, which might be riddled with security issues.


_______________________________________________________________________________________

(June 18, 2020)


COVID19-themed attacks are less than 2% of total threats

COVID-19-themed cyber-attacks comprised only a tiny amount of overall threat volumes over the past four months despite sensational headlines, according to Microsoft. In comments echoing those it made at the start of the crisis, the Microsoft Threat Protection Intelligence Team claimed that even the peak of COVID-related attacks in the first two weeks of March was “barely a blip in the total volume of threats typically seen in a month.”


_______________________________________________________________________________________

(June 18, 2020)


COVID-19 impact on the automotive cybersecurity market 

A report titled “Automotive Cyber Security Market: Global Demand Analysis & Opportunity Outlook 2027” delivers a detailed overview of the global automotive cybersecurity market in terms of market segmentation by security, by solution, by application, by vehicle, and by region. The Final Report also covers the impact analysis of COVID-19 on this industry. This report also provides the existing competitive scenario.


_______________________________________________________________________________________

(June 18, 2020)


Lazarus Group planning a large-scale phishing campaign

Hacker groups (including the Lazarus Group) are planning a large-scale phishing campaign targeted at more than 5M individuals and businesses (small, medium, and large enterprises) across six countries and multiple continents. The hacking campaign involved using phishing emails under the guise of local authorities in charge of dispensing government-funded COVID-19 support initiatives. These phishing emails are designed to drive recipients to fake websites where they will be deceived into divulging personal and financial information.

Ref - Cyfirma

_______________________________________________________________________________________

(June 18, 2020)


Oxford released a statement for protecting healthcare from cyberattacks

An Oxford Statement was signed by a team of 120 International Lawyers, in a bid to protect firms serving in the healthcare sector from cyber attacks. It was a formal pronouncement to combat cyber threats on the computer systems serving in the healthcare sector. The Oxford Statement states that their undersigned lawyers are against the cyber incidents targeting medical facilities across the world that are busy combating the spread and containment of COVID 19.

Ref - Zephynet

_______________________________________________________________________________________

(June 18, 2020)


Cyberattacks targeting the healthcare industry on the rise

Federal prosecutors are looking at false statements made by applicants for coronavirus relief loans. They also are seeing a rise in cyberattacks on the health-care industry. These are some of the coronavirus-related enforcement issues which the U.S. Department of Justice is facing. The health-care industry in particular has been affected by pandemic-related criminal activity. Regulatory agencies also have made efforts to target coronavirus-related fraud and misconduct.


_______________________________________________________________________________________

(June 18, 2020)


Cybersecurity challenges around collaboration amid coronavirus

Due to the Coronavirus pandemic, many people around the world are working from home, and for this reason, the cybersecurity concerns have grown drastically. Employees are more tempted to get files to colleagues quicker and are more likely to cut corners. With collaboration taking place inside and outside an organization as a matter of course, this has seen entire supply chains potentially exposed to increased cyber-attack during the lockdown.


_______________________________________________________________________________________

(June 18, 2020)


Half of SMEs sharing confidential files amid Coronavirus

Nearly half of small and medium-sized enterprises (SMEs) are frequently sharing confidential files like spreadsheets and employee data via email. Despite this, three in every five company owners (60%) reported that they have not upgraded company security since shifting to a remote working model. The COVID-19 crisis has forced a majority of business owners to quickly implement remote working systems in order to continue trading despite strict lockdown measures.


_______________________________________________________________________________________

(June 18, 2020)


China-Russia 'exploiting' COVID-19 pandemic 

Foreign Secretary admitted that Russia and China, as well as non-state organizations, are trying to use the coronavirus crisis to their advantage. The UK is constantly preparing itself for cyber-attacks and other forms of international interference despite the challenges of coronavirus. Coronavirus has created an opportunity or perceived opportunity for various different states and non-state actors through cyber and other means.

Ref - Express

_______________________________________________________________________________________

(June 18, 2020)


Sapiens encountered a cyber incident amid the Coronavirus

Sapiens has sent a letter to its workers, customers, and suppliers, telling them about a ransom attack that cost it about a quarter of a million dollars. The hack is believed to have occurred while most of the company’s employees switched to work from home amid the coronavirus (COVID-19) crisis. The company's management also issued a letter to suppliers and customers in mid-April telling them about the attack that it was victim to.


_______________________________________________________________________________________

(June 18, 2020)


The changing face of cybercrime amid coronavirus

Trend Micro Incorporated has released data on cybercriminal operations and patterns for buying and selling goods and services in the underground. Trends in underground marketplaces will likely shift further in the months following the global COVID-19 pandemic, as attack opportunities continue to evolve. To protect against the ever-changing threat landscape, a multi-layered defense approach is needed to protect against the latest threats.


_______________________________________________________________________________________

(June 18, 2020)


Microsoft publishes security tips to combat cyberthreats

To combat cyberthreats, Microsoft suggests users to turn on automatic security updates, antivirus, and firewall. Use Wi-Fi encryption options for access and protect the digital identity and keep a guard up in online chats and conferencing services. Use the right file-sharing service for the right task. Provide training and spread awareness about tech support scams and be wary of offers that are too good to be true, pressure time, or promise a guaranteed free prize.

Ref - IndiaTimes

_______________________________________________________________________________________

(June 17, 2020)


A rise in cyber-attacks across all sectors due to coronavirus

Cyber attacks using COVID-19 as a lure have surged across all industries from March to April 2020. The healthcare sector is the worst hit, with a surge of phishing attacks by almost 200 times in the first four months. Experts say while smart technology helps professionals to do a better job, it also introduces more room for attacks.


_______________________________________________________________________________________

(June 17, 2020)


Cybercriminals launched a wave of attacks on COVID-19 vaccine researchers

Governments, companies, and educational institutions around the world have banded together to come up with a vaccine or treatment for COVID-19. But efforts to collectively come up with a cure have been undermined by a diverse array of cyberattacks from government actors looking to outright steal information about potential vaccines.


_______________________________________________________________________________________

(June 17, 2020)


COVID-19 cyber attacks increased in march and fell off quickly

The COVID-19 pandemic saw a massive spike in cyber attacks around the globe this spring. A new report from Microsoft reveals some very surprising details about the surge in criminal activity online. According to Microsoft COVID-19 themed attacks started in early February, just days after the WHO declared a global health emergency. Attack volumes spiked to nearly a million a day during the first week of March. Just a week later they’d fallen off by around 30%. As the calendar flipped ahead to April, cyber attacks leveraging the COVID-19 crisis dropped below 100,000 per day.

Ref - Forbes

_______________________________________________________________________________________

(June 17, 2020)


Coronavirus’s first wave of cybersecurity

Over the last few months, a massive upturn in phishing attacks (over 37% at the start of the crisis) was spotted and attackers seeking to find new vulnerable targets, such as hospitals, have experienced a huge increase in attacks. On a global-scale, threat actors are continuing to innovate, especially where they are having the most success such as web shells, exploit kits, and targeted ransomware. It is ransomware that has seen a large increase over the last few months with attackers changing their focus of attack.


_______________________________________________________________________________________

(June 17, 2020)


Common cyber attacks increased during COVID-19

A new survey from Bitdefender revealed that 50% of infosec professionals did not have a contingency plan to face a situation like the COVID-19 pandemic. The survey “The Indelible Impact of COVID-19 on Cybersecurity” stated that lack of forward planning from organizations resulted in a surge of cyberthreats, with 86% of infosec professionals admitting that attacks in the most common attack vectors were on the rise during the pandemic.

Ref - CISOMag

_______________________________________________________________________________________

(June 17, 2020)


The COVID-19 crisis dominating the Cybersecurity World

According to the Infosecurity Magazine State of Cybersecurity 2020 report, the COVID-19 pandemic has taken by force not only the public health systems and the world economy but also cybersecurity. It is the trend that has the most profound impact on this industry. Other top trends shaping the sector were the cloud, artificial intelligence and machine learning, the human element, and phishing attacks.

Ref - TripWire

_______________________________________________________________________________________

(June 17, 2020)


COVID-19 is doing good for cybercriminals

The coronavirus pandemic has fuelled a disturbing rise in the number of cyber-attacks. As COVID-19 pushes the legitimate economy towards recession, the cybercrime economy appears to be surging. Furthermore, the impact of the virus has rapidly reshaped the way business is being done on the Dark Web, as buyers and sellers jump on the opportunity to profit from a significant change in supply and demand.

Ref - Biia

_______________________________________________________________________________________

(June 17, 2020)


COVID-19-themed cybercrime while working from home

Cybercriminals are taking advantage of the rampant fear and uncertainty about coronavirus that people are experiencing since the past few months. Many of the cybercriminals who are currently preying on people are after personal data such as credit card information; however, they also pose a severe threat to businesses that have sent their employees home to work remotely.


_______________________________________________________________________________________

(June 17, 2020)


REvil ransomware active amid coronavirus pandemic

The cyber crooks behind the notorious REvil ransomware have begun auctioning off stolen data to the highest bidder, according to an auction page that surfaced earlier this month over the Dark Web. The REvil ransomware gang’s new stolen data auction hints not only at the group’s changing tactics but also at the ways in which the economic impact of COVID-19 may come to have an effect on the world of cybersecurity.


_______________________________________________________________________________________

(June 17, 2020)


Securing remote working by using Cloud services

Lines of business applications need a secure, protected cloud platform when people access them while working from home amid coronavirus pandemic. When using cloud platforms, developers can provide new applications with a minimum of financial and compliance risks. The developers can then build and deploy applications quicker because they are not waiting for capital purchases or IT support. 


_______________________________________________________________________________________

(June 17, 2020)


Online safety guide while working remotely

Some general guidelines were provided for employees working from home. Install an antivirus and keep it updated, to protect devices from all kinds of malicious software. Use unique passwords for every time logging in. Ensure to use a Virtual Private Network (VPN) every time using public WI-FI. Use two-factor authentication, it adds another layer of authentication on top of username and password. Use passcodes and other basic security measures even when they are optional.

Ref - Medium

_______________________________________________________________________________________

(June 17, 2020)


COVID-19 impact on Global Cyber Security Market 

The Global Cyber Security Market Research report provided by Reports Monitor is a detailed study of the Global Cyber Security Market 2020, which covers all the essential information required by a new market entrant as well as the existing players to gain a deeper understanding of the market. The global Cyber Security Market report focuses on the COVID-19 Outbreak Impact analysis of key points influencing the growth of the market.


_______________________________________________________________________________________

(June 17, 2020)


Cybercriminals are attacking hospitals amid COVID-19

Bad actors are identifying healthcare systems as a particularly desirable target, with hospitals in Spain, France, the Czech Republic, and Israel all having suffered known cyber-attacks since the start of the pandemic. Interpol recently released a global alert to healthcare organizations warning that criminals are attempting to use ransomware attacks to lock users out of their own systems.


_______________________________________________________________________________________

(June 17, 2020)


COVID-19 exposed the vulnerabilities of remote infrastructure

The increasing number of cyberattacks revealed that most of the modern-day enterprises are unaware of how to approach security in this untrusted and diverse IT landscape. To add to this, the COVID-19 pandemic has further exposed the vulnerabilities of remote infrastructure, making businesses highly prone to cybercrimes. In a situation like this, it becomes imperative for companies to deploy strategies to safeguard themselves from such attacks.


_______________________________________________________________________________________

(June 17, 2020)


Proactive cybersecurity is important to fight coronavirus-themed cyber attacks

Proactive cybersecurity measures could include: Network and endpoint monitoring, achieving proactive security measures by having a mindset of a hacker, threat hunting to eliminate or fix the risk zone before it can be misused by a hacker. Also, organizations need to be proactive in training their SOC team members as they are the heart of any organization’s defense mechanism. Age-old tools and technologies cannot efficiently battle modern threats.

Ref - CXOToday

_______________________________________________________________________________________

(June 17, 2020)


Cyberattacks targeting the financial sector amid COVID-19 

As the COVID-19 battle continues, it is clear that attackers will continue to target vulnerable populations and organizations, with an eye on finance. Increased vigilance and visibility into enterprise-wide endpoint activity are more paramount than ever. In order to fight against these attacks, financial institutions must conduct regular cyber threat hunting exercises to root out any persistent attacker that might already be inside.


_______________________________________________________________________________________

(June 17, 2020)


Businesses are vulnerable to attacks due to coronavirus

For Indian cybersecurity startups, COVID-19 presents a rare opportunity to cement their standing among larger rivals, as they address the growing demand for high-quality threat detection, preparation, and prevention solutions. Admittedly, the grown landscape of cyber attacks makes the role of cybersecurity even more critical in the ‘new normal’ where businesses are faced with either a remote or a distributed working model.

Ref - YourStory

_______________________________________________________________________________________

(June 17, 2020)


Ensuring security and data protection while working remotely

While most organizations are channeling efforts towards business continuity, they also need to pay attention to securing systems, resources, and data while activating necessary mechanics for monitoring and protection to embrace the new normal, remote working. In this situation, IT teams need to effectively facilitate the infrastructure and the environment in innovative ways, considering that work from home is going to continue for a long period.

Ref - DQIndia

_______________________________________________________________________________________

(June 16, 2020)


Coronavirus brings a larger attack surface

Security professionals around the world are facing a larger attack surface due to coronavirus. More employees than ever are working from home and using routers, Wi-Fi modems, and home networks that are much less secure than corporate environments. The shift to working from home has created a massive surge in demand for cloud services. Also, security analysts and IT administrators are the most desired targets of threat actors because most of them are working from home.

Ref - Bricata

_______________________________________________________________________________________

(June 16, 2020)


An increase detected in nation-state misinformation and cyberattacks

4iQ, an adversary intelligence company, released its COVID-19 Threat Report, which explores a host of notable scams that have surfaced during these uncertain times, including sextortion/blackmail emails, fake news, ransomware, and phishing campaigns. In this report, 4iQ describes trends that have emerged in the wake of COVID-19. The reports offer insight into who is committing these cybercrimes, and why.


_______________________________________________________________________________________

(June 16, 2020)


Cybercriminals adapt their tactics according to coronavirus crisis

In the past several months, seemingly conflicting data have been published about cybercriminals taking advantage of the COVID-19 outbreak to attack consumers and enterprises alike. Big numbers can show shifts in attacker behavior and grab headlines. Cybercriminals did indeed adapt their tactics to match what was going on in the world, and what was seen in the threat environment was parallel to the uptick in COVID-19 headlines and the desire for more information.

Ref - Microsoft

_______________________________________________________________________________________

(June 16, 2020)


Need for cybersecurity experts grows after Coronavirus

Amid the lockdown brought on by COVID-19, cyberattacks have risen considerably, resulting in the growing demand for skilled cybersecurity professionals. Cybersecurity-based job postings increased by 6%, while searches for various roles related to it grew by 30% from February to May 2020. In comparison, job postings related to software development rose by 13%, while searches for these roles grew by 37%, during the same period.

Ref - LiveMint

_______________________________________________________________________________________

(June 16, 2020)


Cybercriminals keep looking for new ways to exploit coronavirus fear

From the very beginning of the coronavirus pandemic, cybercriminals have been looking for ways to use it for their own benefit. Attackers send out phishing emails, passing them off as important messages about COVID-19, and also attack medical and research organizations involved in testing and research in this area, both for the purpose of gaining profit and for useful information. Also, one of the serious problems associated with both COVID-19 and the field of information security is the spread of misinformation.

Ref - Belinsoft

_______________________________________________________________________________________

(June 16, 2020)


Ransomware attacks on healthcare sector amid coronavirus crisis

A host of cyberattack trends in the health sector have emerged in the wake of the COVID-19 pandemic, as hackers seek to take advantage of the crisis with ransomware and misinformation campaigns, according to a 4iQ report. Mitigation techniques, such as edge-to-cloud security, can help reduce the increased risk to the healthcare sector.


_______________________________________________________________________________________

(June 16, 2020)


Developing markets face challenges due to ransomware and malware encounters

Microsoft unveiled Asia Pacific findings from the latest edition of its Security Endpoint Threat Report 2019, annual research aimed at identifying cyber threats and building cyber resilience across the region. Of the millions of targeted phishing messages seen globally each day, roughly 60,000 include COVID-19 related malicious attachments or malicious URLs. COVID-19-themed threats are mostly rethreaded versions of existing attacks.


_______________________________________________________________________________________

(June 16, 2020)


SaaS applications should be used for remote working

The evolution of Software as a Service (SaaS) tool comprises collaboration boosters like videoconferencing and real-time communication software. The importance of these tools is more in empowering organizations, not just to survive the COVID-19 pandemic but also to thrive in the future and rise above the current challenges. During these days, cloud has been offering a major set of capabilities like security, flexibility, and scalability for enabling work from home.


_______________________________________________________________________________________

(June 16, 2020)


Cyber fraud increased due to changes in banking after coronavirus

A new wave of payment fraud has emerged in the US, as millions of consumers have shifted their banking and purchasing activity to online channels since the COVID-19 outbreak forced mandatory stay-at-home orders, and most major businesses shifted their employees to work from home on a full-time basis. These drastic shifts in e-commerce and mobile banking has opened up an entirely new target set for malicious actors.


_______________________________________________________________________________________

(June 16, 2020)

Every country in the world facing COVID-19-themed cyber attacks

According to the Microsoft Threat Intelligence Protection team, every country in the world has seen at least one COVID-19 themed cyber attack. Of the millions of targeted messages seen each day, roughly 60,000 involve COVID-19 related malicious attachments or malicious URLs. Also, attackers impersonating established entities like the World Health Organization (WHO) and other health-related organizations to trick people into clicking on links in unsolicited emails.

Ref - Microsoft

_______________________________________________________________________________________

(June 16, 2020)

COVID-19 impact on Global Threat Intelligence Software Market

The latest research study on the “Global Threat Intelligence Software Market” published by AMA offers a detailed overview of the factors influencing the global business scope. A special chapter in the study presents ‘Impact Analysis of COVID-19 pandemic on Global Threat Intelligence Software Market’ along with tables and graphs related to various countries and segments showcasing the impact on growth trends.

Ref - PrimeFeed

_______________________________________________________________________________________

(June 16, 2020)

Israeli COVID-19 patient tracing app is having privacy issues

Israeli startup GlobeKeeper Tech Ltd.’s SAFE application, designed to trace proximity to coronavirus (COVID-19) patients is causing concern in the U.S. The company is currently in negotiations to sell the app to state governments as well as to private companies. The Tel Aviv-based company developed the SAFE app in parallel to developing the Israeli Ministry of Health’s Magen (Hebrew for shield) proximity tracing app, but the two are very different.


_______________________________________________________________________________________

(June 16, 2020)

Cybercriminals are pushing phishing/ransomware scams amid Coronavirus

There was a 25% spike in ransomware attacks in the first quarter of 2020 versus the fourth quarter of 2019, based on incidents reported to the in-house breach response team for insurer Beazley’s Breach Response (BBR) Services. While nearly all industries reported incidents, the manufacturing sector was the hardest hit with a 156% increase in incidents quarter-over-quarter, according to the specialist insurer.


_______________________________________________________________________________________

(June 16, 2020)

COVID-19-related cyber attacks are falling

While COVID-19-related attacks have fallen, a 16% increase in overall cyber-attacks in May compared to March and April is recorded, so organizations must remain vigilant by using certain tools and techniques, especially with the mass shift to remote working, which attackers are taking advantage of. Check Point researchers warn that with the Dridex, Agent Tesla, and Ursnif banking trojans all rank in the malware top 5 in May 2020.


_______________________________________________________________________________________

(June 16, 2020)

Impact of COVID-19 on Middle East Cybersecurity Market

The Middle East Cybersecurity pre-COVID 19 Market size is projected to grow from USD $16.1 billion in 2020 to USD $28.7 billion by 2025, at a Compound Annual Growth Rate (CAGR) of 12.2%. The post-COVID 19 market size is projected to grow from USD 15.6 billion in 2020 to USD $29.9 billion by 2025, at a CAGR of 13.8% during the forecast period. 


_______________________________________________________________________________________

(June 16, 2020)

Lazarus Group exploiting fears of COVID-19 

An unusually high number of new malware variants linked to North Korean hackers may indicate a phase of increasing attacks against foreign targets. Malware analysts at Intezer identified ten new samples attributed to the Lazarus Group within the past two weeks, a number that is not common at all and maybe aiming to exploit common fears related to COVID-19. These samples were uploaded from countries such as the United States and Canada.

Ref - NKNews

_______________________________________________________________________________________

(June 16, 2020)

Bahrain, Norway, and Kuwait tracing apps putting privacy at risk

Contact-tracing apps rolled out by Bahrain, Kuwait, and Norway to track the spread of the coronavirus have endangered the privacy and security of hundreds of thousands of people by marking users’ locations in real-time. Bahrain’s “BeAware Bahrain”, Kuwait’s “Shlonik” and Norway’s “Smittestopp” apps stood out as some of the most alarming mass surveillance tools in an analysis of 11 apps across Europe, the Middle East, and Africa.


_______________________________________________________________________________________

(June 15, 2020)

Norway suspends COVID-19 Tracing App due to privacy concerns

Norway's health authorities said they had suspended an app designed to help trace the spread of the new coronavirus after the national data protection agency said it was too invasive of privacy. Launched in April, the smartphone app Smittestopp ("Infection stop") was set up to collect movement data to help authorities trace the spread of COVID-19, and inform users if they had been exposed to someone carrying the novel coronavirus.


_______________________________________________________________________________________

(June 15, 2020)

Evolution of cybersecurity threat of Coronavirus

After the Coronavirus pandemic, businesses are facing an increased frequency of cyber-attacks. Since the COVID-19 pandemic began, the World Health Organization has reported an increase in cyberattacks, going so far as to issue a warning that hackers and cyber scammers are taking advantage of the pandemic to send fraudulent email and messages. Any change in routine creates new opportunities for hackers and cybercriminals.


_______________________________________________________________________________________

(June 15, 2020)

Need for increased cybersecurity efforts amid COVID-19

While economic turbulence and increased mental health issues have emerged as some of the top concerns brewing amid the COVID-19 pandemic, there’s also been a massive surge in cybercrimes across the world. Cybersecurity Ventures, researchers for the global cyber economy, predicted that cybercrime damages will cost the world $6 trillion annually by 2021, up from $3 trillion in 2015. And the cybercrime dangers have exacerbated even more during the pandemic.

Ref - Mashable

_______________________________________________________________________________________

(June 15, 2020)

Zero-day phishing email attacks on the rise after Coronavirus pandemic

Amid a troubling rise in zero-day phishing attacks, recent research suggests that some companies may be making an ill-advised shift away from blocking advanced email threats to responding to them post-delivery. Since January, cybercriminals taking advantage of the COVID-19 outbreak have been targeting businesses and individuals with an unprecedented wave of phishing emails fraudulently offering miracle cures, and more. 

Ref - Agari

_______________________________________________________________________________________

(June 15, 2020)

Protecting schools from cyber attacks amid Coronavirus

Schools around the world have been forced to adopt an online learning model for students thanks to the COVID-19 pandemic. One of the biggest concerns educators need to have in this situation is exactly how to create a fully secure remote learning environment in order to keep sensitive information for both the schools and individual students safe from hackers.


_______________________________________________________________________________________

(June 13, 2020)


Cano Health is compromised amid coronavirus crisis 

Cano Health, a health management company and operator of primary care medical centers in Florida, is advising its patients of a privacy event that may have compromised certain personal information. The company recently learned on April 13, 2020, that three employee email accounts were accessed by an unknown perpetrator, and that messages from these accounts may have been forwarded to an outside email account without its knowledge.


_______________________________________________________________________________________

(June 15, 2020)


White hat hackers are protecting hospitals from cyber attacks

The white hat hackers and cybersecurity companies are fighting against an array of cyberattacks that are taking advantage of the stress and chaos of the COVID-19 pandemic. They are using their skills for defining and defending against phishing attacks and tackling misinformation. The groups are working closely with law enforcement, including the FBI and the Department of Homeland Security's Cybersecurity and Infrastructure Security Agency (CISA).

Ref - FreeThink

_______________________________________________________________________________________

(June 15, 2020)


Importance of cybersecurity awareness training 

According to various reports, there’s been a 500% increase in cyber attacks since the Coronavirus turned the world upside down. During the pandemic, IT heroes across the globe have been doing everything they can to keep employees productive while working remotely, but it is becoming harder and harder for IT teams. This is why now, more than ever, cybersecurity awareness is of the utmost importance.

Ref - CXOToday

_______________________________________________________________________________________

(June 15, 2020)


UAE witnessed a 24% drop in smartphone cyber attacks

The number of cyberattacks targetted at smartphones in the UAE dropped 24.3 percent year-on-year in the first quarter of 2020. Apparently, users remained increasingly cautious as they continued to work remotely to curb the spread of COVID-19. Smartphone users in the country encountered 39,828 attacks in the three months to March 31, nearly 12,779 less than the same period last year, disclosed by Kaspersky, the Moscow-based cybersecurity company.


_______________________________________________________________________________________

(June 15, 2020)


Cybersecurity for remote workers is a challenge for Australian and New Zealand businesses

The partial lifting of COVID-19 shutdown restrictions is ongoing, and the resumption of normal service is still some way off, for Australian and New Zealand businesses. Even after it arrives, enterprises of all stripes may well persist with remote working arrangements for some or all employees, some or all of the time. Helping customers navigate the security risks posed by this modus operandi has been a key challenge for the region’s small army of managed service providers. 


_______________________________________________________________________________________

(June 15, 2020)


COVID-19 impact on Cloud amid work from home

McAfee released a new research study titled Cloud Adoption & Risk Report - Work From Home Edition. The report uncovers a correlation between the increased use of cloud services and collaboration tools, such as Cisco WebEx, Zoom, Microsoft Teams, and Slack during the COVID-19 pandemic, along with an increase in cyber-attacks targeting the cloud. The use of all cloud services from every industry grew 50% overall from the start of 2020.

Ref - Mcafee

_______________________________________________________________________________________

(June 15, 2020)


Cybersecurity for SMBs amid Coronavirus pandemic

For SMBs transitioning to online operations and delivery, Microsoft has shared Teams as a free offering to give them a leg up in the past six months. Cybersecurity is a particularly challenging area for SMBs, as phishing and hacks have skyrocketed over the past several months, making these businesses susceptible to attacks. By implementing a critical communications infrastructure that maintains security, such as Teams, can be a good help to maintain operations and productivity.


_______________________________________________________________________________________

(June 15, 2020)


Need for secure video technologies amid COVID-19

As a result of remote working setups due to COVID-19, the use of enterprise video technologies has increased significantly in Australia and New Zealand. The pandemic has been a video's evolutionary event. Whether it's hosting an industry conference or holding a company meeting, enterprises will continue growing their need for secure, reliable video technologies to stay connected both internally and with the market and customers.


_______________________________________________________________________________________

(June 15, 2020)


Cybercriminals are targeting working from home security flaws

Cyber attackers utilizing the remote access software (that are in great demand due to Coronavirus) to get inside the networks of the organizations they want to attack. Once they have that access, they are using that to lock and disable the systems, and then they are asking for money in order to re-enable those systems so that the organizations can continue to operate. These attackers are more likely financially motivated.

Ref - RNZ

_______________________________________________________________________________________

(June 15, 2020)


COVID-19 impact on Automated Breach and Attack Simulation (BAS) Market

Automated Breach and Attack Simulation (BAS) Market research report are now released and it covers an overview of the industry policies. The report details information about the top key players, sales, revenue, future trends, research findings, and opportunities. A granular case study of impacts of COVID 19 on Automated Breach and Attack Simulation (BAS) Market has been incorporated in this detailed report.


_______________________________________________________________________________________

(June 15, 2020)


Lockdown is resulting in an increase in cybercrime 

The lockdown, carried out in response to the COVID-19 pandemic, has been found directly responsible for a significant increase in cybercrime in Australia and globally, says security vendor Radware. The increased number of people working from home opened up many opportunities for hackers and criminals. The lockdown caused by pandemic has also meant a significant increase in the use of entertainment services for video streaming and online gaming, making it easier for the so-called ‘bad guys’ to carry out cyber attacks.

Ref - ITWire

_______________________________________________________________________________________

(June 15, 2020)


Claire's and Intersport web store breached amid Coronavirus

Hacker groups that engage in web skimming attacks (also known as Magecart) have breached the web stores of two of the world's biggest retail chains accessories store Claire's and sporting goods retailer Intersport. Both Claire's and Intersport incidents took place during the coronavirus (COVID-19) pandemic when most physical stores had been closed, and the companies redirected users toward their online sites for product purchases.

Ref - ZDNet

_______________________________________________________________________________________

(June 14, 2020)


The payment card data security standard and COVID-19 

Since the outbreak of COVID-19, it seems that cybercriminals have ramped up their efforts and organizations are increasingly failing to maintain full compliance with all twelve requirements that constitute the PCI DSS standard. Unfortunately, while realizing compliance with the PCI DSS is a fundamental step to building a strong security posture, many mistake certification of such compliance as the equivalent of the security.


_______________________________________________________________________________________

(June 13, 2020)


Stay away from viruses and cyber frauds during COVID-19 crisis

There has been an unprecedented increase in malicious cyber activity during the COVID-19 crisis. Phishing attacks attempting to steal money or secrets from home-office workers have more than doubled compared to last year, and in some places, they are up sixfold. Even hospitals treating COVID-19 patients have been targeted, and the World Health Organization (WHO) itself has reported a five-fold increase in attacks on its networks.


_______________________________________________________________________________________

(June 13, 2020)


China become a victim of disinformation campaigns about Coronavirus on Twitter

The Chinese government disclosed that it has been affected by some disinformation campaigns on Twitter. It called on the social media platform to delete accounts that have been attacking the country over the coronavirus. The move came a day after Twitter had removed more than 170,000 accounts (23,750 accounts that were part of a highly engaged core network, as well as 150,000 “amplifier” accounts) tied to a Chinese influence operation that spread misinformation.


_______________________________________________________________________________________

(June 13, 2020)


Digital identity solutions market will grow due to Coronavirus

Digital Identity Solutions Market report aims to provide a holistic view of the global market in terms of upcoming technology, key developments, drivers, restraints and future trends, along with the impact analysis of these trends on the market for short-term, mid-term and long-term. The increase in risks of cyberattacks has increased the inclination of business parties electing for on-premises due to its high security.


_______________________________________________________________________________________

(June 12, 2020)


Risk of data loss increases amid Coronavirus

Data loss is on the steady rise among private companies and public organizations alike, creating a dire risk for companies during the coronavirus crisis. This is according to a new data trends report by cybersecurity solutions firm Digital Guardian. The report revealed that hundreds of terabytes of potentially sensitive corporate data might be at risk, as it is being stored and accessed by employees from their homes. The report covered organizations across a range of sectors, including financial services, business services, manufacturing, and healthcare, among others.


_______________________________________________________________________________________

(June 12, 2020)


Cybersecurity before and after COVID-19

During the COVID-19 epidemic, there have been several instances of fraudsters targeting airlines, hacking of COVID-19 related health databases, and most notably brandjacking attacks on the PM’s COVID-19 Relief fund. Work from home continues to be the go-to option for the near future and there is a possibility of it becoming a permanent feature for most kinds of jobs and businesses to stay protected even after the pandemic is over.


_______________________________________________________________________________________

(June 12, 2020)


COVID-19-themed cyberthreats increased in India, Brazil, and the U.K.

Google has warned about the emerging COVID-19 cyber threats in India, Brazil, and the U.K. The search engine giant stated that attackers are using malware and phishing emails that imitate legitimate financial incentives to entice users to respond. An increased number of email attacks are observed, most of them COVID-19 related scams, in the targeted countries.

Ref - CISOMag

_______________________________________________________________________________________

(June 12, 2020)


COVID-19 impact on Mobile Security Software Market 2020-2024

Technavio has announced its latest market research report titled Global Mobile Security Software Market 2020-2024. Technavio has been monitoring the mobile security software market and it says that it is poised to grow by USD 1,862.62 million during 2020-2024, progressing at a CAGR of over 8% during the forecast period. The report offers an up-to-date analysis regarding the current market scenario, the latest trends and drivers, cyberattacks, and the overall market environment.


_______________________________________________________________________________________

(June 12, 2020)


COVID-19 effects on national security and cyber espionage

COVID-19 has seen a major shift in the tactics used by cybercriminals. Many scammers have used the disruption of the Coronavirus pandemic to target people with social engineering attacks, but there have also been far more ambitious attacks. There is a lot of valuable information sitting on government and medical research facility databases, and no shortage of actors trying to get their hands on this information.


_______________________________________________________________________________________

(June 12, 2020)


Cybersecurity and fraud during COVID-19 pandemic

Cybersecurity is a growing risk for all organizations, and it’s clear that charities and religious organizations are a target for those wishing to perpetrate fraud or hackers just as other businesses are. The government’s Cyber Security Breaches Survey 2019 revealed that around 20% of charities have experienced some form of data breach or cyber-attack in the past 12 months, highlighting the vulnerability of the sector.

Ref - Stoneking

_______________________________________________________________________________________

(June 12, 2020)


COVID-19 pandemic may end but cybercrime will stay

While world governments are easing quarantine measures, cybercriminals are ramping up their malicious activities. In May, there was a 16% increase in cyber-attacks compared to March-April, when coronavirus was at its peak. High unemployment rates have made individuals more vulnerable to scams and phishing attacks involving relief package payments. The COVID-19 pandemic may be dying down, but the cybercrime pandemic is alive and here to stay.

Ref - Forbes

_______________________________________________________________________________________

(June 12, 2020)


Cybercriminals are now restless due to Coronavirus

The flow of news stories about the latest cyber-attacks is relentless. Criminals and hackers never seem to rest and are always ready to take advantage of any situation to try and compromise organizations’ defenses for their own ends. In the past month alone, a 30% increase in cyber-attacks was seen, exploiting concerns about COVID-19, thus creating a cyber pandemic. 


_______________________________________________________________________________________

(June 12, 2020)


Cybersecurity remains a top priority amid accelerated digital transformation

As the digital transformation of the economy and migration of society online have been forcibly accelerated by the COVID-19 pandemic, cybersecurity must remain a priority for policymakers. A comprehensive federal cybersecurity strategy could help improve the cybersecurity of assets beyond the reach of the federal government, to the benefit of local governments, companies, and citizens.

Ref - Aei

_______________________________________________________________________________________

(June 12, 2020)


Cybercrime pandemic triggered by COVID-19

Seventy-five percent of IT and security professionals fear a further increase in cyber-attacks and exploits as they start to re-open offices. Moreover, over 86% say their greatest IT challenge during the COVID-19 pandemic was moving to mass remote working, and their biggest security concern was maintaining VPN capacity for staff. This shows how exposed organizations are too fast-moving, fifth-generation cyber-attacks that target remote workers.

Ref - ITWeb

_______________________________________________________________________________________

(June 12, 2020)

Hackers are attempting to use non-secure cameras

Video surveillance systems have always been vulnerable to attacks. Ever since IP technology was first introduced, security cameras have been an attractive target for hackers. That attraction has deepened all the more during the COVID-19 pandemic. Experts are pointing out that increasingly more hackers are attempting to use non-secure cameras to generate network traffic for Distributed Denial of Service (DDoS) attacks.


_______________________________________________________________________________________

(June 12, 2020)


Email-based cyber-attacks are inevitable due to COVID-19 

The COVID-19 pandemic has left its mark on the cybersecurity world, with countless reports of increased threatening activity, especially when it comes to email breaches. In a stark reminder of the severity and prominence of cybercrime in 2020, 60% of global IT decision-makers believe it is either inevitable or likely that they will suffer an email cyber-attack in the next 12 months, according to new research from Mimecast. The company has released its annual State of Email Security report, which surveyed 1,025 IT managers on their view of the current state of cybersecurity, both within their organization and without. 


_______________________________________________________________________________________

(June 12, 2020)


Digital healthcare and rising cyber concerns

COVID-19 has not only pushed economies into recession but also brought forth the fragility of healthcare systems in general. Migrating to digital mode has since been a major move across the healthcare sector. Increased digitalization is expected to help service providers create a robust and critical infrastructure focused on patient’s safety and quality care. The future of digital healthcare appears promising as patients would be more comfortable using digital services for complex and sensitive medical conditions.

Ref - IDSA

_______________________________________________________________________________________

(June 12, 2020)


CISOs/CIOs reprioritizing investments due to Coronavirus

CISOs and CIOs are adjusting to a different future. All but two percent of CISOs/CIOs plan shifts in cyber strategy. They’re reprioritizing investments. Seventy percent expect their organization’s revenues to decrease in 2020 as a result of COVID-19; more than a quarter anticipate declines of more than 25%. It’s a once-in-a-lifetime kind of challenge. CISOs and CIOs must play a major role as businesses face challenges.

Ref - PWC 

_______________________________________________________________________________________

(June 11, 2020)


The evolution of COVID-19-themed cyber attacks

Countries with governments that have bungled their national responses to the COVID-19 coronavirus pandemic, such as the UK, are seeing an evolution in targeted cyber threats exploiting the crisis as a result, according to research conducted by Google. After three to four months of the pandemic, malicious actors are now conducting increasingly sophisticated, tailored attacks, many of them mimicking communications from the authorities.


_______________________________________________________________________________________

(June 11, 2020)


Cyber risks amid heightened mobile banking use

The Federal Bureau of Investigation has issued a public bulletin warning that mobile banking customers could face an increased risk of cyber attacks as more consumers embrace digital banking amid COVID-19. The FBI warned cyber attackers are embedding malicious apps called banking trojans that are hidden inside third-party software like games or other tools. The banking trojan can replicate legitimate banking sites.


_______________________________________________________________________________________

(June 11, 2020)


Cybercrime growing due to COVID-19 pandemic

As people try to adapt to a changing world, cybercriminals are taking advantage of changes to physical working conditions. The Australian Cyber Security Centre’s Scamwatch has reported an increase in COVID-19-themed SMS, email campaigns, and other types of cyber-related scams since March 2020, with over 1,100 reports about COVID-19 scams, and almost $130,000 in losses reported. The ACSC has also received more than 115 cybercrime and cybersecurity incident reports from individuals and businesses.

Ref - ACA

_______________________________________________________________________________________

(June 11, 2020)


Phishing attacks on rise since Coronavirus pandemic

The coronavirus pandemic and the sudden shift to remote working for millions of employees have presented cyber crooks with a one-of-a-kind opportunity. So much so that in mid-April, Google reported that in just one week, it saw a whopping 18 million daily malware and phishing emails related to COVID-19, sent via Gmail alone. This is in addition to the 240 million daily COVID-19 related spam messages Google saw.


_______________________________________________________________________________________

(June 11, 2020)


Cybersecurity needs a good investment not budgetary 

Many CISOs face limited budgets as constraints when fighting against cyberattacks. But, it is simply an adverse prioritization. And if security is not visibly towards the top of the agenda with management, they cannot expect good execution to follow regardless of the investments made. One trait, which many of the firms affected by cybersecurity incidents had in common (pre-COVID-19), was their relatively good economic health.. They were healthy and established market players churning up healthy profits. So having high budgets may not always mean having the most secure infrastructure.


_______________________________________________________________________________________

(June 11, 2020)


COVID-19 impact on global healthcare cybersecurity market

The Global Healthcare Cyber Security Market is released giving up info about global, regional, country, threat type, solution type, and end-users market size and their forecast from 2018-2026. The surge in the number of cyber-attacks and data breaches incidents, the growing need for advanced security cloud-based solutions, mounting technological advancements in cybersecurity, and the presence of favorable government regulations and acts to protect patient information from data breaches are driving the market growth.


_______________________________________________________________________________________

(June 11, 2020)


Protecting IT firms amid COVID-19 pandemic

In terms of the precautions to stay protected users must take, it’s vital that workers only use the company’s approved IT tools with strong security such as inbuilt VPNs back to the corporate office. Looking at this from a business’ perspective, there are a number of steps IT leaders can take too, namely in access management. As the world increasingly relies on the cloud, especially at the moment, to access and scale company resources, too many are still reliant on static passwords, which are inherently insecure.

Ref - GDPR

_______________________________________________________________________________________

(June 11, 2020)


Cyberthreats ongoing amid COVID-19 crisis

Cyber attackers constantly keep on evolving to take advantage of changing online behavior and trends. Given the current situation caused by COVID-19, cyber attackers are now exploiting the public fear of the pandemic for malicious activities. Not just the fear, they are also taking advantage of a remote workforce that has now become the new norm due to COVID-19. A major part of a remote workforce uses personal devices to access business-critical data. 

Ref - GajShield

_______________________________________________________________________________________

(June 11, 2020)


Cyberattacks increased as COVID-19 drives firms to the web

NTT’s 2020 Global Threat Intelligence Report shows that cybercriminals look to gain from the global crisis despite efforts by organizations to layer up their cyber defenses. Cybercriminals are continuing to innovate faster than ever before and automate their attacks as firms rely more on their web presence during the COVID-19 pandemic, exposing themselves to risk through systems and applications that cybercriminals are already targeting heavily.


_______________________________________________________________________________________

(June 11, 2020)


COVID-19 crisis has reshaped the cyber-threat landscape

Intelligence analysts say some of the normally less active states have begun using cyber-espionage more aggressively and they have seen allies target each other for information for the first time. It's a free-for-all out there. In an era of controlled borders and lockdowns, spy agencies have found it harder to use human assets and so relied even more on cyber-spies and pushed them to do more. Those involved in responding to the crisis have become a prime target.

Ref - BBC

_______________________________________________________________________________________

(June 11, 2020)


Importance of training employees in cybersecurity

Negligent employees or fraudulent insider represents almost half of all enterprise data breaches, and they are considered to be the weakest link when attempting to safeguard an organization from cyber threats. More often than not, good-intentioned employees make mistakes or are tricked and pushed towards data breaches. So establishing a cybersecurity awareness program for the entire workforce has become much more important than ever.


_______________________________________________________________________________________

(June 11, 2020)


A rise in COVID-19 threats in certain parts of the world

Google has warned of a rise in COVID-19 threats in specific parts of the world, as cyber-criminals adapt their campaigns regionally. The tech giant’s Gmail security product manager, Neil Kumaran, and lead security PMM for G Suite and GCP, Sam Lugani, explained that they’re blocking more attacks in India, the UK, and Brazil. These malware, phishing, and spam threats use regionally relevant lures, financial incentives, and fear to create urgency and entice users to respond.


_______________________________________________________________________________________

(June 11, 2020)


Vard shipbuilder hit by ransomware attack amid Coronavirus

Amid COVID-19 situation, maritime and offshore energy sectors are becoming more vulnerable to cyber-attack. A ransomware attack was spotted at Langsten shipyard, after which the company took all the possible actions required in order to solve the issue. It is also known that Italian major shipbuilder Fincantieri has acquired Vard and invested in boosting the Norwegian shipbuilder back to profitability. 


_______________________________________________________________________________________

(June 10, 2020)


COVID-19 could end but cyber effects will continue

While the COVID-19 pandemic may fade, its cyber effect will not, according to a new survey by Check Point. The company released the findings of a survey of over 270 IT professionals globally, showing how organizations managed their cyber-security during the lockdowns and also listing their security priorities and concerns over the coming months as they move towards re-opening their operations and the “new normal.”

Ref - JPost

_______________________________________________________________________________________

(June 10, 2020)


Sudden change in working conditions increased cyber risks

COVID-19 pandemic has fueled the pace of change in the healthcare sector, from telehealth expansion to the rapid deployment of temporary hospitals. But the increase in telework, mobile tech, remote care, and temporary hospitals has also expanded the threat landscape, which could have lasting consequences. Cybercriminals have rapidly worked to take advantage of the new landscape, targeting VPNs, cloud service platforms, and remote workers.


_______________________________________________________________________________________

(June 10, 2020)


Cyberattacks on critical infrastructure amid Coronavirus

The significant uptick in telework and spear phishing attacks related to COVID-19 has sparked a focus on the cybersecurity of information technology networks. A recent attack against water systems in Israel is a reminder that companies should also be mindful of the cybersecurity threats facing operation technology and industrial control systems. Companies can prepare for the operational, reputational, and litigation risks that are expected to arrive soon.

Ref - OMM

_______________________________________________________________________________________

(June 10, 2020)


Ransomware Attacks on Healthcare increased greatly 

A new report from ‘Corvus’ found a 75-percent increase in reports of ransomware attacks on healthcare entities from H1-2019 to H2-2019. The report covers the IT security traits of healthcare entities, including hospitals, health systems, doctor’s offices, consultants, and more. These entities have been the target of hundreds of ransomware attacks in recent years, the report says and those are only what’s been reported to the public.


_______________________________________________________________________________________

(June 10, 2020)


Security preparation of airports and airlines 

The COVID-19 pandemic has unveiled numerous vulnerabilities and shortcomings in the airline industry. What’s worse for aviation in particular over other industries is how airports have essentially served as the portal for the virus traveling from one country to another across the globe. As a result of severe travel restrictions implemented by nearly every country, airline companies have been hit hard and forced into a dire financial situation. 


_______________________________________________________________________________________

(June 10, 2020)


Staying safe while working from home

Organizations should utilize this huge work-from-home exercise as an opportunity for self-evaluation of their critical IT infrastructure. Even the traditional organizations globally have realized the immense business benefit of remote working decentralized workplaces for business continuity. This is becoming the new norm and hence they should also work towards making themselves more secure from probable cyber-attacks.


_______________________________________________________________________________________

(June 10, 2020)


Managing cyber attacks amid COVID-19

Only a few businesses are prepared for multiple and concurrent crises. Most can survive a single disruption, but dealing with a second while already in a weakened state increases the impact exponentially. When the COVID-19 crisis began and the lockdown was implemented, the first action businesses should have taken (after actioning remote working) was to reassess their risks. Because IT systems are still hosted from headquarters, and that risk is the same, right now organizations face a dual risk of exposure of their internal networks to outside threats.

Ref - FSMatters

_______________________________________________________________________________________

(June 10, 2020)


Developing a secure email ecosystem and stopping COVID-19 cyberthreats

As the world continues to adapt to the changes brought on by the COVID-19 pandemic, cyber threats are evolving as well. To stay protected: avoid downloading files that are malicious; instead, use Gmail’s built-in document preview; check the integrity of URLs before providing login credentials or clicking a link fake URLs generally imitate real ones and include additional words or domains; report phishing emails, and follow other basic practices.

Ref - Google 

_______________________________________________________________________________________

(June 10, 2020)


Increased threat of cyber fraud associated with COVID-19

As the coronavirus global health emergency continues apace, cybercriminals have continued their concerted effort to exploit this crisis for financial gain via cyberattacks and scams tied to COVID-19. In recent weeks, threat actors have ramped up COVID-19 attacks at such an alarming pace, that it prompted the Federal Bureau of Investigation (“FBI”) to issue a series of alerts warning the business community and the public of the significantly increased cyber threats.

Ref - BankRome

_______________________________________________________________________________________

(June 10, 2020)


Malware based attacks could increase amid COVID-19

The number of banking Trojans and info stealers has gone up with the increase of mostly pandemic-related unemployment, according to a leading provider of cybersecurity solutions. Criminals are using malicious CV and medical leave forms to spread malware. Overall cyber-attacks went up 16% compared to March and April, with an average of more than 158,000 coronavirus-related attacks each week in May.

Ref - OCCRP

_______________________________________________________________________________________

(June 10, 2020)


Organizations’ security priorities amid COVID-19 lockdown

Check Point Software Technologies Ltd., has released the findings of a new survey showing how organizations managed their cyber-security during the lockdowns forced by the COVID-19 pandemic, and also listing their security priorities and concerns over the coming months as they move to the ‘new normal.’ Over 86% of respondents said their biggest IT challenge during the pandemic was moving to mass remote working.


_______________________________________________________________________________________

(June 9, 2020)


Security tips for health care organizations confronting COVID-19 cyber attacks

Gul and Slipsky shared some tips for Health Care Organizations to prevent cyber threats during COVID-19. Consider flagging all incoming messages that originate outside the organization. Keep all software, systems, and hardware current. Install security updates consistently and regularly. Draft and enforce procedures for remote meetings. Use secure and strong passwords. Provide IT with the capacity to track activities on the system: logging capabilities. Automatically barring all communication with malicious domains.


_______________________________________________________________________________________

(June 10, 2020)


Cybersecurity hygiene amid COVID-19 crisis

In the age of COVID-19, many organizations have implemented changes to enable their employees to work from home. Whilst workers are remotely connecting for business continuity, cybercriminals are working from home too. So, the best starting point to defend against these attacks starts with addressing the weakest part of the security chain, people. Informing and educating the staff on cyber-attacks such as phishing is the best mitigation strategy.

Ref - Mondaq

_______________________________________________________________________________________

(June 10, 2020)


Insurance, finance, and retail are at most risk from cybercrime

An increase in cyber attacks by criminals taking advantage of the COVID-19 pandemic has resulted in new structural and operational risks, with insurance, finance, and retail sectors the most targeted sectors in South Africa, according to a recently published cyber threat intelligence report. The most common attacks in South Africa were web-application attacks (66%) and application-specific attacks (27%).


_______________________________________________________________________________________

(June 10, 2020)


The COVID-19 cyber threat landscape

COVID-19 has brought about a period of major transition and companies are having to adapt to weather the storm. Many have furloughed staff and partially closed doors, while others have remained operational but with all-new working processes. They may have adopted enterprise-wide remote working or implemented new digital avenues to market, both of which likely required the rapid adoption of technology and a much greater reliance on existing or new digital infrastructure.


_______________________________________________________________________________________

(June 10, 2020)


Cybersecurity strategy should have a multi-pronged approach

By now, most countries have imposed a mixed bag of measures to deal with the COVID-19 outbreak. The overarching strategy for dealing with COVID-19 has revolved around four quadrants: prevention, detection, response, and prediction. In cybersecurity, the importance of a holistic strategy that consists of the same quadrants is often discussed. At its core, a good cybersecurity strategy should also take a multi-pronged approach.


_______________________________________________________________________________________

(June 10, 2020)


Cybercrime landscape has changed due to Coronavirus

As the pandemic has developed and moved across the world, the cyber threat ecosystem of related attacks has closely followed suit. Attacks related to Coronavirus initially appeared in Asia before similar attacks occurred in Eastern and subsequently Western Europe. What’s clear is that hackers are hoping to capitalize on public fear. Many instances of cybercrime in the wake of COVID-19 have been designed with this fear in mind.

Ref - SEPE

_______________________________________________________________________________________

(June 10, 2020)


‘Lion’ hit by cyber attack amid Coronavirus pandemic

Cybercrime attacks have skyrocketed globally during COVID-19, fuelled by reduced levels of security as employees home isolate. Now, Lion (Australian beverages giant) has revealed that it experienced a cyber attack on Tuesday morning. The brewer took the precaution of shutting down its IT systems, which has caused some disruption to its suppliers and customers. The firm is working with expert advisors to address the issue.


_______________________________________________________________________________________

(June 10, 2020)


Cybercriminals targeting supply chain systems amid COVID-19 crisis

Cybercriminals employ a variety of ways to penetrate a supplier’s systems. This may include business email compromise which involves interfering with emails, such as falsifying payment details on invoices and using email as a stepping stone. So, content disarm and reconstruction (CDR) can play a part in defending against malicious documents that appear to come from trusted sources.


_______________________________________________________________________________________

(June 9, 2020)


Life Healthcare sector facing cyber-attack

South Africa’s Life Healthcare said its southern African operation was hit by a cyber-attack affecting its admissions systems, business processing systems, and email servers, but is yet to determine the extent to which data has been compromised. The hospital operator said its patient care was not impacted. Its hospitals and administrative offices continue to function with some delays.


_______________________________________________________________________________________

(June 9, 2020)


Cybersecurity along with remote working at same time

COVID-19 has changed the lifestyle and work style of millions of people across the world. To curb the spread of this pandemic, people are locked down in their houses and forced to adopt the 'new normal' of Work-from-Home. The sudden shift to a remote-work model means that new assets like employees’ personal laptops and phones get introduced into the enterprise IT environment. This influx of personal technology expands the attack surface and presents cybersecurity risks to organizations.

Ref - VarIndia

_______________________________________________________________________________________

(June 9, 2020)


The rising demand for cybersecurity

Panacea Infosec said it plans to raise its headcount by 40-45 percent this year, to meet the rising demand for cybersecurity consulting, auditing, and compliance among businesses in the backdrop of coronavirus pandemic and work-from-home culture. The outbreak of COVID-19 has jeopardized businesses across the world. However, the data and information security industry is proving to be incredibly resilient.


_______________________________________________________________________________________

(June 9, 2020)


Protecting businesses from cyber attacks

A business should take several steps for prevention against Coronavirus-themed cyber attacks: Review policies and procedures to safeguard against potential cyber-attacks; Provide training and support for staff, and make sure staff regularly back up their work; and, Check remote working systems and security devices. These legal obligations are a reminder of the importance of businesses having appropriate cybersecurity policies.


_______________________________________________________________________________________

(June 9, 2020)


Organization’s security priorities amid COVID-19 lockdown

Check Point Software Technologies Ltd., has released the findings of a new survey showing how organizations managed their cyber-security during the lockdowns forced by the COVID-19 pandemic. Over 86% of respondents said their biggest IT challenge during the pandemic was moving to mass remote working, and their biggest security concern was maintaining VPN capacity for staff.


_______________________________________________________________________________________

(June 9, 2020)


Staying ahead of cybercrime during and beyond COVID-19

The COVID-19 pandemic has created the greatest opportunity for systems penetration since the birth of the internet with financial institutions (FIs) in many countries forced into new ways of working. So, financial institutions should reinforce the organization’s information security approach and capabilities as normal risk processes are in danger of being overlooked, as people work in social isolation.

Ref - SC

_______________________________________________________________________________________

(June 9, 2020)


COVID-19 is fuelling cyber attacks 

The coronavirus pandemic has fuelled a disturbing rise in the number of cyber-attacks. As COVID-19 pushes the legitimate economy towards recession, the cybercrime economy appears to be surging. Furthermore, the impact of the virus has rapidly reshaped the way business is being done on the Dark Web, as buyers and sellers jump on the opportunity to profit from a significant change in supply and demand.


_______________________________________________________________________________________

(June 9, 2020)


Honda has been hit by a cyberattack amid Coronavirus lockdown

Japanese carmaker Honda has been hit by a cyberattack that disrupted its business in several countries, though it expects the overall impact to be contained. Like other carmakers, Honda has struggled to deal with the COVID-19 pandemic and the efforts to return to production. It reported deep losses for the fiscal quarter that ended in March, as the damage to the industry from the outbreak hurt sales and crimped production.


_______________________________________________________________________________________

(June 9, 2020)


Fraud Detection & Prevention Market to rise significantly due to COVID-19 crisis

Research Dive presents a new research report on the COVID-19 Impact on Global Fraud Detection & Prevention Market which explains the effect of coronavirus pandemic on the present as well as the upcoming growth of the market. The emergence of the COVID-19 crisis has given a significant boost to the growth of the global market for the fraud detection & prevention market.


_______________________________________________________________________________________

(June 9, 2020)


COVID-19 is giving birth to more cyberattacks

A just-completed Team8 survey revealed that 85 percent of medium- to large-sized businesses are reporting a surge in the cyber attacks. The reason for this is plain as day: cybercriminals have a vast new pool of remote, online workers to target. According to that survey, 70 percent of medium- to large-sized businesses say 75 to 100 percent of their employees are currently working from home.


_______________________________________________________________________________________

(June 9, 2020)


Cyber attacks will be continued even after COVID-19 pandemic

The COVID-19 pandemic eventually will fade, but not its impact on cybersecurity. The primary reason behind these inevitable threats is the permanence of remote work, which is “new normal.” The support of remote work required heavy reliance on the cloud, as well as online collaborations tools like Zoom. Consequently, the rapid changes exponentially grew the attack surfaces for hackers to exploit.


_______________________________________________________________________________________

(June 9, 2020)


Increased threat of human-operated ransomware associated with COVID-19

To slow the spread of the coronavirus, most businesses across the country have transitioned to remote working arrangements. Recently, Microsoft issued its first-ever targeted ransomware alert regarding the significantly enhanced threat of human-operated ransomware campaigns, which have increased precipitously as cybercriminals seek to exploit the range of security vulnerabilities that exist with remote working.

Ref - JDSupra

_______________________________________________________________________________________
(June 9, 2020)




Cyber-criminals have launched a new phishing scam

Cyber-criminals have launched a new phishing scam designed to steal personal and financial details of self-employed workers using the Self-Employment Income Support Scheme (SEISS) during the COVID-19 outbreak. The scam was uncovered by litigation company Griffin Law and begins with a text message sent to self-employed workers offering a tax rebate purporting to be from HMRC.


_______________________________________________________________________________________

(June 9, 2020)


Invest in virtual machines to defend against cyberattacks

The coronavirus pandemic and the new work-from-home model has every enterprise thinking about cybersecurity from micro, small and medium enterprises (MSMEs) to the big wigs like TCS, Wipro, and Infosys. And, yes, there is a cost to it but the bigger question is how companies manage that cost. So, businesses can save on costs by leveraging assets that are already there in the cloud because such services provide scalability and agility.

_______________________________________________________________________________________

(June 9, 2020)


Security firm announced a free of cost complimentary trial

Inspira Enterprise has announced a free of cost complimentary trial of its state of the art Managed SOC Services (MSSP) to, healthcare, educational and NGOs during the Pandemic situation. This strategic initiative is part of the company’s Corporate Social Responsibility commitment towards offering a safe and secure network across the globe during the COVID-19 pandemic. 


_______________________________________________________________________________________

(June 9, 2020)


Working from home needs security against cyber attacks

The COVID-19 pandemic and subsequent lockdown have forever changed how people socialize and conduct business. More and more, personal and professional lives will be online. So, phishing, smishing (SMS phishing) and vishing (voice phishing) attacks are all on the rise. The tendency to click on infected emails has increased with the correspondent increase in email traffic, a two-fold impact on the severity of the threat environment.

Ref - Plant

_______________________________________________________________________________________

(June 9, 2020)


Cybersecurity amid Coronavirus pandemic

The new normal has forced many businesses, organizations, and people to operate from home. With businesses operating indoor, this has increased the risk of security breaches and threats which can lead to loss of data, breaches of privacy or holding systems to ransom, and more. As swiftly as, India digitized its working business scenario online, businesses now need to take up ‘online security’ as a key self-responsibility.


_______________________________________________________________________________________

(June 9, 2020)


Discovering emerging cyber threat associated with Coronavirus

Combined with big data analytics, threat models, advisory-based behavior analytics, and detection rules from the security experts, it can help to uncover if an emerging or unknown threat or a threat actor is attempting to infect an organization. On top of that, continuous risk assessment of an organization’s cybersecurity posture also serves to predict impending cyber issues.


_______________________________________________________________________________________

(June 9, 2020)


Cybersecurity after COVID-19 crisis ends 

COVID-19 has brought not only economic turmoil but a massive increase in cybersecurity dangers. Since February this year, the number of cyber-attacks has skyrocketed, with the average attack costing an organization US$350,000 to US$400,000. Unsurprisingly, statistics from the World Economic Forum indicate that cyber-attacks and data fraud is the third biggest COVID-related business concern, ranked after the global recession and a surge in corporate bankruptcies.


_______________________________________________________________________________________

(June 9, 2020)


COVID-19 caused a cyber-crime pandemic

It’s only 20 weeks since the first lockdown measures were implemented in Wuhan, in Jan. 2020, but since then the emergence of the COVID-19 pandemic has reshaped the entire working culture. The changes were global, rapid, and widespread, compressing several years’ worth of IT changes into just a few weeks. COVID-19 not only caused a health pandemic but a cyber-crime pandemic too.


_______________________________________________________________________________________

(June 9, 2020)


Cybersecurity amid COVID-19 pandemic

The world struggling with the unprecedented pandemic in the form of Coronavirus, millions of IT and cybersecurity professionals are going beyond their duties to keep businesses running as they switch to remote working. As working from home becomes the new normal for many businesses and their employees amid multiple restrictions, there has been an exceptional spike in cybersecurity threats and attacks.

Ref - CxoToday

_______________________________________________________________________________________

(June 9, 2020)


Malicious emails are pushing a cyber-crime pandemic

In their early days, cyber-attacks called business email compromise (BEC) typically began with hacking or spoofing the email accounts of CEOs or CFOs then requesting fund transfers to accounts controlled by the criminals. Rather than targeting the companies directly, attacks now target customers, HR departments, suppliers, related accountants, and law firms, and even tax authorities.

Ref - HcaMag

_______________________________________________________________________________________

(June 8, 2020)


A unique perspective on the COVID-19 pandemic

TetherView, the creators of the Digital Bunker, hosted the Third Annual TetherView Cyber Security Summit “Controlling IT Chaos in Post COVID-19 World” bringing together distinguished speakers from the FBI, Oppenheimer, Columbia University, Cyxtera (CFG), and Akamai (AKAM). The Summit brought a unique perspective on the COVID-19 pandemic and the ongoing challenges.

Ref - Aithority

_______________________________________________________________________________________

(June 8, 2020)


Preparing for the new era in cybersecurity

The global coronavirus pandemic has added an enormous strain on employees’ ability to work remotely. In many cases, the ease at which workers usually connect to the data and resources they need via mobile, laptop, or otherwise has slowed as consumption of remote services has increased. Productivity and efficiency challenges aside, attitudes towards working from home may drastically change due to the impact of COVID-19.  

Ref - GDPR

_______________________________________________________________________________________

(June 8, 2020)


The use of digital tools during the COVID-19 crisis

The use of digital tools during the COVID-19 crisis offers 3 lessons. First is to keep essential organizations safe, second is to learn from the great Work-from-Home experiment and last is to understand that mistrust hampers crisis response. A Great Reset will require new institutions and business models, and new digital technologies to build them. For all those working to design this future, let’s start by building digital trust.

Ref - WeForum

_______________________________________________________________________________________

(June 8, 2020)


COVID-19-themed fraud and scams

The current global pandemic has led to an increase in cybercrime and fraud, with ever more sophisticated tactics being deployed by those looking to take advantage of the vulnerable and profit from illegal activities. Organizations like the World Health Organization (WHO), the Financial Conduct Authority (FCA) in the UK, Federal Trade Commission (FTC), as well as the Food and Drug Administration (FDA) are sounding alarms and warning the public about the different types of fraud risk.


_______________________________________________________________________________________

(June 8, 2020)


Phishers hiding COVID-19 malware in CVs 

Cyber-criminals are taking advantage of the evolving jobs market and employee health situation under COVID-19 to disguise malware in various emailed documents. The phishing campaigns spotted by Check Point over recent days center around spoofed CVs and medical leave forms. Unemployment in the US remains at levels not seen since the Great Depression of the 1930s, with close to 40 million currently without jobs due to the pandemic.


_______________________________________________________________________________________

(June 8, 2020)


The maritime sector is exposed to cyber attacks amid Coronavirus

The maritime and offshore sectors are coming under considerable pressure from cybercriminals since the outbreak of coronavirus with a 400% increase in attempted hacks since February 2020, according to cybersecurity specialist Naval Dome. There has been an increase in malware, ransomware, and phishing emails exploiting the COVID-19 crisis. Companies are stretched thin and this is benefitting the hacker.


_______________________________________________________________________________________

(June 8, 2020)


Cyber attacks are increasing as employees working from home

A remote workforce on COVID-19 lockdown has made many organizations more exposed to cyberattacks. Cybersecurity insurers have realized that the risk equation has changed dramatically for their customers, and they’re closely scrutinizing companies’ security arrangements and existing insurance policies. As a result, some enterprise risk managers may soon find themselves paying noticeably more for cyber insurance protection and turning to their CISOs to find out why.

Ref - Mimecast

_______________________________________________________________________________________

(June 8, 2020)


Knowing cyber vulnerabilities amid a pandemic

Whilst the Government recently warned about cybercriminals specifically targeting organizations involved in the pandemic response (such as healthcare organizations), the National Cyber Security Centre (NCSC) has warned that individuals and businesses of all sizes are at risk. Not only might staff members be targeted, thereby putting business systems and information at risk, but remote working systems are also vulnerable to attack.


_______________________________________________________________________________________

(June 8, 2020)


Rise in cyber-attacks on the global shipping industry

Israel-based cybersecurity firm Naval Dome said that there has been a 400% rise in the number of cyberattacks targeting the global shipping industry since February, Splash 247 reports. An increase in malware, ransomware, and phishing emails exploiting the COVID-19 pandemic is the primary reason behind the rise.


_______________________________________________________________________________________

(June 8, 2020)


Reuniting security community amid COVID-19

At a time when social distancing is becoming the new norm, a new online conference aims to bring the global security community together again. This past weekend saw the first edition of OWASP Chapters All Day, a 24-hour, non-stop security conference conducted from the safety of members’ homes. Issue such as increased adoption of remote access was cited among the sector’s many challenges.


_______________________________________________________________________________________

(June 8, 2020)


Privacy is a security challenge amid COVID-19 pandemic

Tracing applications help to monitor and alert healthcare authorities about potential encounters with COVID-19, but they also bring challenges like privacy. Privacy may be easily compromised in the absence of rights checks and controls in such contact tracing applications. To avoid compromising a user’s privacy, contact tracing applications should consider privacy principles such as “privacy by design” and “privacy by default.”


_______________________________________________________________________________________

(June 8, 2020)


Maritime and offshore energy sectors vulnerable to cyber-attack due to Coronavirus crisis

The Coronavirus pandemic is leaving the maritime and offshore energy sectors vulnerable to cyber-attack, with Naval Dome citing a massive 400% increase in attempted hacks since February 2020. The global crisis and social distancing measures are preventing OEM technicians from flying out to ships and rigs to upgrade and service critical OT systems, resulting in operators circumventing established security protocols, leaving them open to the cyber attack.

Ref - SeaNews

_______________________________________________________________________________________

(June 8, 2020)


APAC employees are not protected while working from home

More employees are working from home amidst the global pandemic, but a majority do so without proper training on how to ensure they can keep their organization safe. More than half are using their personal devices to carry out work tasks. Around 54% of these employees believe that their organizations are more likely to experience a serious cyberattack during the COVID-19 pandemic than they would before the outbreak.

Ref - ZDNet

_______________________________________________________________________________________

(June 8, 2020)


Working parents facing cybersecurity threats

Work-from-home habits, including password re-use and letting family members use corporate devices, are putting critical business systems and sensitive data at risk. A survey, which aimed to gauge the state of security in today’s expanded remote work environment, found that 77% of remote employees have been using unmanaged, insecure devices such as personal laptops and phones to access corporate systems.

Ref - LiveMint

_______________________________________________________________________________________

(June 8, 2020)


The number of data breaches increased by 50% in Australia amid Coronavirus crisis

New research from Accenture has revealed four-fifths (80%) of Australian companies believe that their cybersecurity investments are failing, whilst the number of breaches increased by 50% in Australia from 2018 to 2019. These findings, coupled with the acceleration of cyber threats due to COVID-19, is accelerating the threat landscape and putting extra pressure on security functions.


_______________________________________________________________________________________

(June 8, 2020)


COVID-19-themed cyber threats spreading like a virus

Businesses of all sizes have transferred to remote working to protect their employees while continuing to serve their customers. They have moved the bulk of their activities to the digital world and thereby, increased the risk of cyberattacks. The challenge is two-fold. Firstly, how to secure new remote working practices. Secondly, how businesses can ensure protection from attackers exploiting the uncertainty of the situation.

Ref - ITWeb

_______________________________________________________________________________________

(June 8, 2020)


Securing IoTs amid COVID-19 pandemic

In the fight against COVID-19, technology innovations are steadily making a difference to healthcare systems. The pace of innovation in the Internet of Things (IoT) systems, in particular, to track infections, detect potential carriers, and remotely monitor health conditions are now being used and developed all over the world. However, the use of those tools to manage the crisis raises significant questions about security, data collection, and protecting the privacy of citizens and communities.

Ref - CXOToday

_______________________________________________________________________________________

(June 8, 2020)


Understanding the changing landscape of cybercrime for better security

The recent Coronavirus outbreak changed the cyber landscape at a very fast pace. Every thirty-nine seconds a business falls victim to a ransomware attack and many businesses will be at the hands of cybercriminals in a very short time. That’s how serious an issue it is to be able to understand the shifting landscape of cybercrime, specifically the constant changes to the different risks that can affect business. 


_______________________________________________________________________________________

(June 8, 2020)


Cybersecurity investments 'failing’ according to Australian companies

The acceleration of cyber threats and an increase in risk profile due to COVID-19 has hit the Australian cybersecurity industry hard, with many-losing faith in the industry, according to new research. 80% of Australian companies believe their cybersecurity investments are ‘failing’, according to a new report from Accenture, meanwhile, there has been a 50% increase in breaches in Australia from 2018 to 2019.

Ref - ITBrief

_______________________________________________________________________________________

(June 8, 2020)


Cybercriminals are stealing unemployment benefits

Cybercriminals are seizing on a surge in job losses to steal unemployment benefits from Americans nationwide. This complicates an already tough situation for millions of financially strapped Americans and overwhelmed state unemployment offices. In some cases, security experts say the new processes, added workload, and outdated systems may have made it easier for criminals to act. Fraudsters wait for such opportunities to exploit them.


_______________________________________________________________________________________

(June 8, 2020)


Over 300 COVID-19-themed malware discovered leveraging public cloud environments

Researchers at Unit 42, the global threat intelligence team of cybersecurity solutions company Palo Alto Networks, identified more than 300 malware samples taking advantage of the COVID-19 pandemic. Network traffic from all known Prisma Cloud environments was queried using 20 suspicious IP addresses and domains, and a total of 453,074 unique network connections were identified between March 1 and April 7, 2020.


_______________________________________________________________________________________

(June 8, 2020)


Cybercriminals Targeted Millions of WordPress Websites amid Coronavirus pandemic

Amid Coronavirus pandemic, a massive number of WordPress accounts and websites were victimized in recent days as part of a horrific cyber attack with the purpose of obtaining credentials and other sensitive personal data. The hackers who were involved in the attack were attempting to download a specific file named wp-config.php from WordPress websites as they contain crucial information like credentials.


_______________________________________________________________________________________

(June 7, 2020)


COVID-19 come up with new cybersecurity threats for universities

The rapid move to online teaching and learning as a means to curtail the spread of COVID-19 has exposed African universities to a greater risk of cybercrime. Without proper protection, it leaves the Learning Management Systems susceptible to denial-of-service attacks. In addition, the involvement of African universities and institutions in coronavirus research makes them a target by nation-state actors.


_______________________________________________________________________________________

(June 7, 2020)


India is among the top five most attacked countries with cyberattacks during the lockdown

India is among the top five most attacked countries in the region throughout the quarter amid COVID-19 lockdown. The country attracted attacks of relatively high quality (as compared to other regions and last year). Most of the inbound cyber attacks on India have come from North Korea based threat actors. The huge spike in attacks on banking and financial services could be attributed to attackers based in North Korea.  


_______________________________________________________________________________________

(June 7, 2020)


The rise in Coronavirus-themed cyber attacks

The number of cyberattacks reported in Switzerland during the height of the COVID-19 pandemic was up to three times higher than normal. Figures from the Swiss National Cyber Security Centre (NCSC), reported in the NZZ am Sonntag, show that cases in April were over 350 per week, well above the norm (100-150). Cyber-attacks often come in such waves, especially during a “special event” like the coronavirus pandemic.

Ref - SwissInfo

_______________________________________________________________________________________

(June 7, 2020)


Coronavirus become an opportunity for scammers

Cybersecurity experts say that the pandemic-related scams are the hottest trend in cyber attacks, as fraudsters try to take advantage of the unease and panic. Ransomware attacks have grown by 20 percent globally during the pandemic, March, and April, compared to January and February 2020. Scammers are targeting victims by sending out text messages, emails appearing to be sent from a legitimate company.


_______________________________________________________________________________________

(June 7, 2020)


Cybersecurity for remote working amid Coronavirus pandemic

The global pandemic has resulted in increased cyber-attack where threat actors are not sparing any moment to be on top of their game plan to exploit any business or industry. The COVID-19 has bought situations like work from home across the world, which means systems are now hot targets of criminals through various phishing email schemes and other attacks which can target WI-fi and internet connections.


_______________________________________________________________________________________

(June 7, 2020)


Cyber Pandemic is could be a reality due to Coronavirus

For more than a decade, security leaders predicted that a “Cyber Pearl Harbor” or “Cyber 9/11” was coming that would dramatically change society. Now it could become reality due to the Coronavirus pandemic. COVID-19 shows that the world is at great risk of disruption by pandemics, cyberattacks, or environmental tipping points. The world should prepare for a COVID-like global cyber pandemic

Ref - GovTech

_______________________________________________________________________________________

(June 7, 2020)


Businesses need to be protected due to remote working

The COVID-19 pandemic and subsequent lockdown have forever changed how people socialize and conduct business. More and more personal and professional lives will be online. Paradoxically, office towers sit empty. However, the amount of traffic in the virtual world continues to increase exponentially. Physical borders are closed, but the virtual ones remain wide open and relatively undefended.


_______________________________________________________________________________________

(June 6, 2020)


Governments looking for cybersecurity funding in next COVID-19 package

As the COVID-19 pandemic has forced tribal governments to move their governmental services online, the need to protect tribal data and ensure the integrity of the services that they provide is more important than ever. The National Congress of American Indians (NCAI) has urged Congress to establish a 10 percent set-aside for tribal governments in cybersecurity funding available for state and local governments.

Ref - Mondaq

_______________________________________________________________________________________

(June 6, 2020)


Solutions for remote work ecosystems for enterprises

To streamline the post-lockdown office operations, HashCash (a global software company) is helping enterprises to augment their remote working system through scalable digital solutions. The USA-based company is offering services to reform existing work processes of respective businesses through augmented digital solutions making it remote compatible to cope with social distancing and other COVID-norms.


_______________________________________________________________________________________

(June 6, 2020)


Cybercriminals are taking advantage of COVID-19 pandemic

In an effort to preserve cash and keep the lights on, IT administrators are getting by with the data protection software and hardware they’ve had in place for years, letting modernization slip down on the priority list. And that could be a big mistake because cybercriminals are using this unprecedented situation as an opportunity to attack and hold data hostage. Organizations must act quickly to protect one of their most valuable assets: their data.

Ref - CIO

_______________________________________________________________________________________

(June 5, 2020)


Crypsis issues 2020 Incident Response and Data Breach Report amid COVID-19

The Crypsis Group, a digital forensics firm, has announced the release of its 2020 Incident Response and Data Breach report. The report was derived from over 1,000 engagements conducted by The Crypsis Group experts and was developed to provide deep insights into real-world cybersecurity risks while offering detailed security "Pro Tips" in each risk area to help organizations defend against a wide range of threats.


_______________________________________________________________________________________

(June 5, 2020)


Impact of Coronavirus on Cyber Attack Simulation Tools market

The novel COVID-19 pandemic has put the world on a standstill, affecting major operations, leading to an industrial catastrophe. A report “Cyber Attack Simulation Tools Market” released by Garner Insights contains a thorough analysis of the pre and post-pandemic market scenarios. The Cyber Attack Simulation Tools report consists of streamlined financial data obtained from various research sources to provide specific and trustworthy analysis.


_______________________________________________________________________________________

(June 5, 2020)


Cyber risks of COVID-19 pandemic

At the start of the COVID-19 pandemic, many organizations had to rapidly pivot from work in the office to a fully remote structure. Some were well prepared and accommodated this shift, while others were scrambling due to increased cybersecurity risks. The concern for insurance companies was how easily these companies were able to transition and whether they were able to do it securely. Employees tend to be the weakest link, especially with the added disruption and distractions due to the COVID-19 pandemic.


_______________________________________________________________________________________

(June 5, 2020)


Hackers are using VPN impersonation to steal Office 365 credentials

A phishing attack is using VPN impersonation to trick people into revealing their Microsoft Office 365 credentials. With so many people working from home, VPN use has increased considerably. Most companies rely on this sort of technology to let employees connect to the corporate infrastructure safely, so it stands to reason that bad actors would seek to use it as an attack vector. Microsoft Office 365 credentials are highly valued on the Dark Web.


_______________________________________________________________________________________

(June 5, 2020)


The UK launches a specialized cyber regiment

In an attempt to protect critical systems and networks of the Royal Navy and Air Force, the UK Armed Forces have just announced the launch of a specialized Cyber Regiment, formally christened at a ceremony in Blandford on June 1. A part of the Army’s push to improve its response to the surge of digital threats, the 13th Signal Regiment consists of 250 men and women dedicated to the UK’s defensive cyber capabilities.


_______________________________________________________________________________________

(June 5, 2020)


Cyberattacks increase amid COVID-19 outbreak

The Department of Health and Human Services has reported an increase in cybersecurity breaches in hospitals and healthcare providers’ networks which may be due to COVID-19. Between the months of February and May of this year, there have been 132 reported breaches, according to the HHS. This is an almost 50% increase in reported breaches during the same time last year. The increase in hacking could be attributed to the COVID-19 pandemic.


_______________________________________________________________________________________

(June 5, 2020)


Intelligence services will aim at COVID-19 research

Christopher Krebs, director of the Cybersecurity and Infrastructure Security Agency (CISA) and a 2020 Wash100 Award winner, said he expects “every intelligence service” to home in and steal COVID-19-related data and research. The Chinese have been one of the more brazen in terms of their approach, but others are in the game, too. He also shared his insights on ransomware attacks and discussed the “destructive” nature of cyber attacks.


_______________________________________________________________________________________

(June 5, 2020)


Banks are facing cyber threat outbreak during COVID-19 pandemic

The financial sector is the most secure industry in the world but the COVID-19 outbreak kept attackers busy as the sector saw a 238% increase in cyberattacks and a nine-fold increase in ransomware attacks since the beginning of February to the end of April. VMware Carbon Black’s third annual finance-focused report shows that 80% of surveyed financial institutions reported an increase in cyberattacks over the past 12 months, a 13% increase over 2019.


_______________________________________________________________________________________

(June 5, 2020)


COVID19 themed cyberattacks escalated exponentially around the world

As the number of worldwide internet users continues to rise, so too is the amount of cybercrime. The main method of outreach is via phishing emails, containing messages of fear or false financial promises, which often demand an immediate response from recipients. Hackers are also targeting victims through social media, issuing fake warnings that state: “Your account will be deleted due to fraudulent use within 24 hours if you don’t act now!”

Ref - EuroNews

_______________________________________________________________________________________

(June 5, 2020)


UAE authorities tackle rising cybercrime during COVID-19 pandemic

In April, the UAE launched its first national fraud awareness campaign, in light of increased use of digital banking services during the COVID-19 pandemic. In the wider phone fraud and digital-scam arena of late, some residents have also fallen prey to so-called SIM-jacking, identity theft, and data privacy hacks. So, in a bid to protect the UAE’s IT infrastructure from cyber risks and violations, plus improve cyber safety for residents, the UAE’s National Computer Emergency Response Team was established.

Ref - EuroNews

_______________________________________________________________________________________

(June 5, 2020)


Trucking is a top target for cyberattacks

As hackers play on the distractions and fears prompted by the COVID-19 crisis, trucking industry experts expect to see a surge in cyberattacks against commercial carriers. If a hacker successfully executes a ransomware attack, they can extract a higher payment than they’d get targeting small and midsize companies in other, lower dollar industries.


_______________________________________________________________________________________

(June 5, 2020)


NHS under attack since COVID-19, GCHQ boss says

UK’s cybersecurity agencies have seen increased targeting of the health sector. The NHS has been increasingly targeted by cyberattacks since the coronavirus outbreak. Although the attacks were not any more sophisticated than previous hacking attempts, there were clear efforts being made to access sensitive data linked to the UK’s response to the pandemic, such as vaccine research for Coronavirus.

Ref - Techerati

_______________________________________________________________________________________

(June 5, 2020)


COVID-19-themed threat reports are becoming the new normal

Since the Coronavirus outbreak, cybercriminals have continuously leveraged this global crisis by focusing on cyberattacks designed to compromise victims’ data and security. Now, the Bitdefender threat intelligence data on Coronavirus-related cyber threats between March and April reveals that COVID-19-themed threat reports are becoming the new norm. This research related to COVID-19 will help to better understand the evolution and impact of these attacks.

Ref - SANS

_______________________________________________________________________________________

(June 5, 2020)


Top priorities for CISO amid COVID -19 crisis

From the technical perspective, the key security responsibilities of a CISO revolve around predicting, identifying, protecting, responding to, and recovering from cyber threats. But at the same time, the CISO is also responsible for looking after governance, compliance, audits, risk management, identity and access management, legal, and HR. They also have responsibility for the selection, training, and formation of a dedicated team of threat intelligence analysts for analyzing and predicting threats and vulnerabilities, especially when the risks have increased multi-fold times during the coronavirus epidemic. 

Ref - ECCouncil

_______________________________________________________________________________________

(June 5, 2020)


Protecting SMBs from COVID-19 themed cyber attacks

Small and medium-sized businesses (SMBs) are a major target of malware, phishing, viruses, and other cybersecurity threats so much so that 61% of data breaches affect small businesses. Cybercriminals go after small businesses for a number of reasons. Many small or medium-sized business owners are faced with endless decisions. Cybersecurity often ends up falling low on the list of priorities, leaving holes and vulnerabilities in their networks.


_______________________________________________________________________________________

(June 5, 2020)


Cybersecurity difficulties amid COVID-19 pandemic

As the coronavirus continues to spread, the possibility for more disruption of day-to-day operations grows. For those who have migrated their workforce away from the office, working remotely without compromising security is critical and challenging. According to Global Workplace Analytics, 50% of U.S. workers are now working from home full time but cybersecurity concerns are confronting organizations, 48% of which according to Slack, are struggling to enable a Work Remote Solution.


_______________________________________________________________________________________

(June 5, 2020)

Effective cybersecurity policies after Coronavirus pandemic

Cybersecurity is facing tremendous challenges and leaders are under tremendous pressure to ensure that threat actors remain at bay. Cybersecurity leaders must take stronger and more strategic leadership roles within their businesses during the crisis to ensure effective business continuity. Cybersecurity leaders are taking a more effective path or are forced to adapt new working modules by COVID-19, which changing the scenario like work from home.


_______________________________________________________________________________________

(June 5, 2020)

Indian CISOs can use machine learning to fight cyberattacks

As the world gets swallowed by the COVID-19 pandemic, cyberattacks have risen to become a critical area for all tech-enabled companies around the globe. In the future, there will be a turn in India’s cybersecurity industry towards a risk-based strategy to vulnerability management which applies machine learning analytics to correlate vulnerability severity, threat actor activity, and asset criticality to classify and manage issues posturing the biggest business risk.


_______________________________________________________________________________________

(June 5, 2020)

Cybersecurity is a big challenge for organizations 

Too many enterprise leaders disconnect from cybersecurity because they see it as a tech problem and kick it off to the CISO. Too many CISOs can’t communicate the tech problems in business language the C-suite understands, so the importance of investing in cybersecurity gets lost in translation. Companies are going to do a much better job of prioritizing their key risks based on what's mission-critical. And then ultimately making a better investment that makes them safer over time.

Ref - CSHUB

_______________________________________________________________________________________

(June 5, 2020)

Maritime Cyberattacks increased up to 400% due to Coronavirus

Cybersecurity consultancy Naval Dome has reported a 400 percent increase in attempted hacks since February 2020. The primary cause is an increase in malware, ransomware, and phishing emails attempting to exploit the COVID-19 pandemic, but Naval Dome says that global travel restrictions, social distancing measures, and the economic recession are beginning to cut into companies' self-defense capabilities.


_______________________________________________________________________________________

(June 5, 2020)

North Korea is carrying out cyber-attacks against the U.S. amid Coronavirus 

According to several reports, North Korea is steering a massive malicious campaign against the United States and other worldwide countries. In April, the Federal Bureau of Investigation (FBI), the Department of Defense, and the Cybersecurity & Infrastructure Security Agency (CISA) released three reports on malware attacks carrying out from the government of North Korea. The Treasury, the State Department, Homeland Security, and FBI led it with an advisory last month.


_______________________________________________________________________________________

(June 5, 2020)

Cyberattacks against connected cars risen up to 99% amid COVID-19 crisis

Cyber attacks on connected cars have increased by 99% in the last year, according to a new study by Uswitch. The online and telephone comparison and switching service have identified four main ways that vehicles can be compromised, ranging from weaknesses in apps and theft of personal data to keyless car theft and even taking control of a vehicle remotely. Around 67% of all new cars sold are currently connected in some way.

Ref - AmOnline

_______________________________________________________________________________________

(June 4, 2020)

COVID-19 related malware attacks drop in May

Covid-19 related cyber-attacks during May declined by 7% compared to April, while conventional malware attacks increased by 16% compared to March and April, as many businesses resumed operations. Use of malicious CV and medical leave forms to spread banking trojans and info stealers also increased during May, cybersecurity firm CheckPoint reports. In May, the security firm detected more than 158,000 coronavirus-related attacks on an average each week, a decrease of 7% since April.

Ref - LiveMint

_______________________________________________________________________________________

(June 4, 2020)

Small Indian businesses are facing at a huge cybersecurity challenge 

Indian startups and small businesses are staring at a huge cybersecurity problem and as is the case with such an issue. Cybersecurity experts have attributed the rise in security breaches and data leaks to the distributed working environment. The WEF has noted cyberattacks and data fraud as the most likely technological risk in the aftermath of Covid-19. This growth in cybersecurity risks has increased demand for cybersecurity policy and regulations.

Ref - INC42

_______________________________________________________________________________________

(June 4, 2020)

Cyberattacks increased during COVID-19 pandemic

The Department of Health and Human Services has reported an increase in cybersecurity breaches in hospitals and healthcare providers' networks which may be due to COVID-19. Between the months of February and May of this year, there have been 132 reported breaches, according to the HHS. This is an almost 50% increase in reported breaches during the same time last year. The increase in hacking could be attributed to the COVID-19 pandemic.


_______________________________________________________________________________________

(June 4, 2020)

Machine-learning to fight against coronavirus pandemic

Cybercriminals are exploiting the coronavirus pandemic to significantly expand their malicious activities against individuals and organizations. Amid the deluge of Trojans, ransomware, and phishing attacks, cybersecurity professionals are turning to machine learning to stay on top of the situation. In many cases, employees have become almost entirely reliant on the Internet for work, while schools have shifted to an online-only footing to educate children.

Ref - Datanami

_______________________________________________________________________________________

(June 4, 2020)

Healthcare sector cybersecurity amid COVID-19

As COVID-19 pandemic continues to damage world health, political, economical and social systems, there’s one more imperceptible threat emerging in the digital space - the threat of cyberattacks which are preying on our increased dependency on digital tools. As health care organizations are battling with this pandemic, they are also facing intensified cybersecurity threats from cybercriminals looking to take advantage of the crisis caused by the outbreak.


_______________________________________________________________________________________

(June 4, 2020)

Cybersecurity aspects after COVID-19 period

As COVID-19 reshapes social interactions and transforms our work environments to more digital settings, the threat landscape in the cyberspace is also evolving with new vulnerabilities emerging. With the emergence of a new wave of internet users from rural and semi-urban India, digital financial inclusion initiatives are most susceptible to data breaches that involve consumer frauds such as phishing and skimming.


_______________________________________________________________________________________

(June 4, 2020)

Criminals are using a malicious CV to spread banking Trojans 

At the end of May, CNN reported that more than 40 million Americans have filed for first-time unemployment benefits since the coronavirus pandemic put the US economy on hold in March. Because of high unemployment rates, people became vulnerable to scams and phishing attacks involving relief package payments. Now, criminals are using malicious CV and medical leave forms to spread banking Trojans and info stealers.


_______________________________________________________________________________________

(June 4, 2020)

Cybercrime evolution amid Covid-19 crisis

As the Covid-19 pandemic continues to evolve, cybercriminals are exploiting this crisis globally for their own objectives. While there may not be an increase in the levels of cybercrime, there has certainly been a change in direction. This article will explore the shift in cybercrime that is occurring due to Covid-19, along with the methods used by the cybercriminals and the resultant legal implications for businesses.  


_______________________________________________________________________________________

(June 4, 2020)

Cybersecurity challenges amid Coronavirus pandemic

Due to COVID-19, an unprecedented spike in demand led to bandwidth constraints, and network congestion around the world is seen. And WFH led to a whole new slew of cybersecurity concerns. Cybersecurity has always been a concern with remote work. But with so many organizations rushing to set up employees at home, often within a matter of days, it was bound to leave some gaps in security. So now, as all settle in for the long haul, it might be a good time to revisit those WFH practices to make sure security is up to par.

Ref - AllStream

_______________________________________________________________________________________

(June 4, 2020)

COVID-19 themed phishing attacks

The COVID-19 pandemic is unfortunately seeing more and more scammers coming out of the woodwork. Now, the most recent scam exploiting our heightened vulnerability surrounding COVID-19 is a phishing attack that uses an Excel attachment as bait. The email is disguised as a communication from the Coronavirus Research Center of John Hopkins University, a well-known medical organization in the US.


_______________________________________________________________________________________

(June 4, 2020)

CyberPeace Institute comes to the aid of healthcare providers

CyberPeace Institute comes to the aid of healthcare providers around the world. The organization launched the Cyber4Healthcare project, the task of which is to help healthcare organizations increase cyber resistance through the services provided by the partners of the initiative. Any hospitals and other medical institutions involved in the fight against COVID-19 can contact the CyberPeace Institute for free help in strengthening their cyber defense.

Ref - BelinSoft

_______________________________________________________________________________________

(June 4, 2020)

NATO condemning cyber attacks amid Coronavirus crisis

NATO has issued a statement condemning cyber-attacks perpetrated in the midst of the ongoing global health pandemic. In particular, the organization slammed cyber-criminals who chose to target essential healthcare services, including hospitals caring for those infected with COVID-19 and medical research institutes trying desperately to find a cure for the novel coronavirus. The statement was issued in English, French, and Russian.


_______________________________________________________________________________________

(June 4, 2020)

BayLfD publishes best practice to prevent cyber attacks

The Bavarian data protection authority ('BayLfD') issued, on?3 June 2020, a best practice checklist ('the Checklist') to prevent cyber attacks in medical institutions in the context of the COVID-19 ('Coronavirus') pandemic. In particular, the Checklist provides an overview of practical cybersecurity measures for medical facilities, including a special section for laboratories, in accordance with the applicable legal data protection regulations.?


_______________________________________________________________________________________

(June 4, 2020)

Cybersecurity is one the biggest challenge amid Coronavirus

One of the challenges in the current operating model is cybersecurity. Both the attack surface (the sum of all possible risk exposures) and the frequency of attacks has increased in the past two months. Google has reported a 350% increase in the number of phishing attacks, many of them playing on people’s COVID-related fears, for example, suggesting that users have been identified as coming into contact with infected people. 


_______________________________________________________________________________________

(June 4, 2020)

Greater cybersecurity standards needed for COVID-19 pandemic

The Coronavirus pandemic is leaving the maritime and offshore energy sectors vulnerable to cyber-attack, with Naval Dome citing a massive 400% increase in attempted hacks since February 2020. While an increase in malware, ransomware, and phishing emails exploiting the COVID-19 crisis is the primary reason behind the spike, Naval Dome furthers that travel restrictions, social distancing measures, and economic recession are beginning to bite into a company’s ability to sufficiently protect itself.

Ref - AJOT

_______________________________________________________________________________________

(June 4, 2020)

COVID accelerated the cyber adoption in India

The new normal has forced many businesses, organizations, and people to operate from home. With businesses operating indoor, this has increased the risk of security breaches and threats which can lead to loss of data, breaches of privacy or holding systems to ransom, and more. As swiftly as, India digitized its working business scenario online, businesses now need to take up ‘online security’ as a key self-responsibility.

Ref - CXOToday

_______________________________________________________________________________________

(June 4, 2020)

Mobile phishing attacks skyrocket amid Coronavirus crisis

Along with other retailers big and small, Apple Stores have been subject to looting by opportunists amid the ongoing protests around the United States. In response, Apple has again closed all of its stores in the US. Stores had only recently reopened after closures related to the COVID-19 pandemic. It appears that the stolen iPhones don’t work and may even be tracked by Apple or authorities.

Ref - Cloudsek

_______________________________________________________________________________________

(June 4, 2020)

COVID-19 boosting demand for cybersecurity 

As the Coronavirus pandemic is reshaping the business world and boosting online retailers and streaming services, another corner of the digital economy is thriving at least as much: cybersecurity. Cybercriminals are increasingly trying to exploit the weaknesses of the new digital universe where millions of people log on to work from home computers. That’s boosting demand for defense against all types of attacks like ransomware or data theft.


_______________________________________________________________________________________

(June 4, 2020)

A new approach to reduce insuring cyber risk

As digitalization grows, cyber risks pose serious threats to businesses and consumers alike. However, the precautions taken to deal with these threats are often insufficient. More than 80% of the sampled firms have at least one vulnerability, and these firms were more than twice as likely to experience an incident compared to firms without vulnerabilities. Reducing vulnerabilities is key to dealing with cyberattacks.

Ref - Voxeu

_______________________________________________________________________________________

(June 3, 2020)

Ransomware attacks on the rise due to home working 

Remote working is now being enforced, with organizations being told to keep all their workforces at home wherever possible. Remote working has its advantages, but unfortunately, a sharp increase in the number of ransomware cases on the rise since the enforcement of the new remote working rules. Employees worldwide are working under a completely different set of parameters.


_______________________________________________________________________________________

(June 3, 2020)

Cybersecurity before or after COVID?19 pandemic

COVID?19 pandemic is causing massive amounts of disruption the world over. Governments have been issuing Orders and passing Legislation to restrict in-person contact and enforce social distancing. Some operations that have been allowed to continue have chosen to close or work remotely from the workplace as much as possible. This means that people are now attempting to "carry on business" remotely from their homes.

Ref - Mondaq

_______________________________________________________________________________________

(June 3, 2020)

Staying protected while working from home

To stay protected while working from, employees must understand the threats, and the organization must release clear guidance. All business leaders should ensure that any company-owned devices are equipped with the best security capabilities. This includes the following; Endpoint protection, ability to put a block on malware, exploits, and ability to connect securely to a business-owned cloud.

Ref - SAFR

_______________________________________________________________________________________

(June 3, 2020)

Malware attacks increasing due to Coronavirus pandemic

Coronavirus-themed campaigns have resulted in a surge in malware threats over recent months. Cybercriminals have preyed on the confusion, fear, and uncertainty surrounding the global coronavirus pandemic to give fresh impetus to often well-established malware strains. Exploit-ridden websites and phishing emails were the main reason for the increase in malware activity.



_______________________________________________________________________________________

(June 3, 2020)

Cybersecurity investments are required during COVID-19 pandemic

The 2020 FTI Consulting Resilience Barometer, which polled more than 2,000 respondents from large companies across all G20 countries, reported that companies in the region are suffering cyber-attacks and falling victim to ransomware more than global averages (33% vs. 27% for overall attacks). While most leaders in the region are aware of the risks - 84% surveyed believe they have cybersecurity gaps.


_______________________________________________________________________________________

(June 3, 2020)

Cybersecurity risks associated with COVID-19

Bad actors are always looking for an opportunity to exploit vulnerabilities for their own benefit, something that is especially apparent in the significant increase in phishing scams capitalizing on the current crisis. The National Cyber Security Centre (NCSC) identified a significant uptick in COVID-19-related fraud attempts that strive to take advantage of people’s sense of fear and urgency to exploit critical data.


_______________________________________________________________________________________

(June 3, 2020)

Cyberattacks on healthcare sector surging amid COVID-19

As the global healthcare sector battles the ongoing COVID-19 pandemic, the number of cyberattacks targeting it has surged. The current pandemic has exacerbated the situation, expanded the spectrum of the threat and target list, and brought many basic vulnerabilities that stakeholders have ignored to the surface, making healthcare organizations much more vulnerable.


_______________________________________________________________________________________

(June 3, 2020)

COVID-19 theme cyber risks around the world

Over the past few weeks, Deloitte CTI has traced a wide range of cyberattacks related directly to COVID-19. As consistently reported, they assessed with high confidence that the Coronavirus pandemic has not resulted in any observable changes to threat actor tactics, techniques, and procedures. What has changed, however, is the level of risk to which organizations are now exposed.

Ref - Deloitte

_______________________________________________________________________________________

(June 3, 2020)

Cyber Attacks related to Coronavirus pandemic

It’s not news that cybercriminals leverage panic, doubt, and sometimes even go a step further and do recon on a target before crafting that enticing and urgent email, all in the hopes of increasing the possibility that a victim will open an email and fall prey to their efforts. Most of these attacks are being delivered via email, so typically they are mass spam campaigns. However, some are very targeted attacks, along with some accidental and planned DDoS attacks as well.

Ref - Fortinet

_______________________________________________________________________________________

(June 3, 2020)

Pakistan facing increased cyber harassment complaints amid COVID-19 lockdown

A Pakistani rights body said it registered a 189 percent increase in cyber-harassment complaints during the countrywide lockdown to contain the spread of the coronavirus. The Digital Rights Foundation said the complaints were registered with its Cyber Harassment Helpline. The helpline reported a combined 136 complaints of cyber harassment in March and April during the lockdown.

Ref - WIONews


_______________________________________________________________________________________

(June 3, 2020)

The COVID19 is most prominent security trend

The impact of the COVID-19 pandemic is the most prominent trend in cybersecurity for 2020, according to Infosecurity Magazine's latest State of Cybersecurity Report. As outlined in a session at the Infosecurity Europe Virtual Conference, in the annual report, which this year surveyed 75 people including 25 cyber-practitioners, 25 people working in academia, and 25 venture capitalists and entrepreneurs.


_______________________________________________________________________________________

(June 3, 2020)

Data and financial loss is the biggest cyber fear amid Coronavirus

US householders confined to their home and spending more time online fear the threat of data and financial loss due to a cyber-attack above concerns about the risks their children face while online. As COVID-19 grips the world, more than 5,000 consumers across five countries in a bid to understand how perceptions, priorities, and general knowledge of online security are changing in these unprecedented times.

Ref - Irdeto

_______________________________________________________________________________________

(June 3, 2020)

Sens. proposed bill for COVID-19 Contact Tracing apps privacy regulation 

Sens. Maria Cantwell, D-Washington, and Bill Cassidy, R-Louisiana, recently introduced privacy legislation designed to protect the data collected, used, and maintained by COVID-19 contact tracing apps and other commercial online exposure notification systems, while establishing enforcement provisions. Coronavirus Contact Tracing apps poses serious privacy and security risks.


_______________________________________________________________________________________

(June 3, 2020)

COVID-19 now becomes the biggest opportunity for cybercriminals

In a new report by Check Point Research has made public startling figures on cyberattacks built to take advantage of the novel coronavirus pandemic. In the three weeks leading up to 12 May, the company recorded around 192,000 coronavirus-related cyber attacks, a staggering 30% increase. The April-May period also saw 20,000 new coronavirus-related domains on the internet, 17% of these were malicious or suspicious, according to the report.

Ref - LiveMint

_______________________________________________________________________________________

(June 3, 2020)

Cybersecurity evolved due to Coronavirus pandemic

COVID-19 pandemic has pushed organizations across the globe to adapt scaled remote and digital ways of working. As working environments expand beyond the traditional perimeter, information security teams can no longer rely on existing practices and capabilities against the new threats that permeate in the age of the new normal. Now more than ever, security leaders need to bolster their knowledge and capabilities around cybersecurity best practices.


_______________________________________________________________________________________

(June 3, 2020)

Digital violations are thriving amid Coronavirus pandemic

Digital rights violations proliferated in Central and South-East Europe during the coronavirus pandemic, with over half of them involving propaganda, disinformation or the publication of unverified information, monitoring by BIRN has shown. From January 26 to May 26, BIRN collected information about 163 cases of breaches of digital rights in Bosnia and Herzegovina, Croatia, Hungary, North Macedonia, Romania, and Serbia.



_______________________________________________________________________________________

(June 3, 2020)

Ensuring cybersecurity while remote working

Now, while working from home, several safety standards have to be borne in mind, especially when employees are using their home computers that have turned out to be their work computer. it’s important for employees working remotely to maintain a security mindset. Thus, organizations are taking efforts to constantly create cybersecurity awareness amongst their employees as often people are the weakest link in the chain.


_______________________________________________________________________________________

(June 3, 2020)

Global Network Security Firewall market amid Coronavirus 

The global Network Security Firewall market is experiencing steady growth in the forecast period. The cybersecurity industry in the country is highly advanced in terms of the know-how and volume of local industry professionals. Moreover, recent incidents, including enterprise-level cyber-attacks and international cyber warfare, have augmented awareness of cybersecurity threats and have boosted demand for cybersecurity products.


_______________________________________________________________________________________

(June 3, 2020)

Cybersecurity product trial extended to fight against Coronavirus theme cyber attacks

Amid COVID-19, InternetNZ has announced that its new cybersecurity product, Defenz Domain Name System (DNS) Firewall, is available for a free four-month trial. This extended trial is offered to organizations and businesses, Internet Service Providers and Managed Service Providers, tertiary education, nonprofit, and government organizations between 3 June 2020 and 30 September 2020. It protects Internet users from phishing attacks.


_______________________________________________________________________________________

(June 2, 2020)

NYDFS issued guidance on COVID-19 cybersecurity risks

As the coronavirus (“COVID-19”) pandemic continues, cybercriminals have upped the intensity of their COVID-19-themed cyber-attacks designed to exploit the current crisis. With financial institutions representing primary targets for COVID-19 cyber-attacks, the New York Department of Financial Services (“NYDFS”) issued new guidance to regulated entities regarding cybersecurity awareness. 

Ref - Blankrome

_______________________________________________________________________________________

(June 2, 2020)

Due to Coronavirus IT spending in India could be dropped

Due to the COVID-19 pandemic impact, IT spending in India will total $83.5 billion, a decline of 8.1 percent in 2020, according to a forecast by Gartner on Wednesday. This is the first decline in IT spending experienced in India in the last five years. The fear of a global economic recession due to the COVID-19 pandemic is forcing CIOs (Chief Information Officers) in India to be very cautious about their IT spending.


_______________________________________________________________________________________

(June 2, 2020)

CSC urges swift implementation of key recommendations

U.S. Senator and a Congressman co-chair of the Cyberspace Solarium Commission (CSC), announced the release of a new Cyberspace Solarium Commission white paper, “Cybersecurity Lessons Learned from the Pandemic.” While many of the challenges identified in this white paper and the Commission’s final report have existed for the better part of four presidential administrations.


_______________________________________________________________________________________

(June 2, 2020)

COVID-19 is blamed for the increase in cyber attacks against the financial sector

Disarray caused by the pandemic has become a breeding ground for financially-motivated attacks. The coronavirus pandemic has been connected to a 238% surge in cyberattacks against banks, new research claims. Financial organizations experienced a massive uptick in cyber attack attempts between February and April this year, the same months in which COVID-19 began to spread rapidly across the globe.


_______________________________________________________________________________________

(June 2, 2020)

Cyber hygiene tips for SMEs amid COVID-19 pandemic

Crises like the current COVID-19 pandemic have a serious impact on the European as well as the International society and economy. Small and medium-sized enterprises (SMEs) should address
these cyber hygiene: management buy-in, risk assessment, cybersecurity policy, updates, awareness, access management, endpoint protection, secure remote access, backup, and Incident management plan. 

Ref - Europa

_______________________________________________________________________________________

(June 2, 2020)

Security tips to prevent COVID-19 themed phishing attacks

People should remain vigilant to phishing threats, be on the lookout for suspicious emails, and look to trusted sources for information and updates regarding COVID-19. Cybersecurity experts and sysadmins must keep systems up-to-date. While this won’t block all possible attacks, many modern platforms and tools include countermeasures designed to prevent phishing and another type of cyberattacks.

Ref - Insights

_______________________________________________________________________________________

(June 2, 2020)

Cyber attackers are exploiting COVID-19 pandemic

COVID-19 has rocked everyone’s world in some way or another. Whether it’s working from home, or practicing social distancing. One thing that hasn’t changed is that cybercriminals and nation-state actors continue to take advantage of local, national, and global events to attack, disrupt, steal from, and extort commercial industry, critical infrastructure providers, healthcare providers, research and education institutions, and Government and military organizations.


_______________________________________________________________________________________

(June 2, 2020)

COVID-19 forced the adoption of widespread tech upgrades

The prevalent situation with COVID-19 has accelerated the industry’s shift to digital. Complex operations such as banking and finance have been forced to evolve quickly. While this has forced the adoption of widespread tech upgrades, it has also heightened the need to deal with security threats to which the banking industry is highly vulnerable. With a massive adoption in digital banking, all relevant stakeholders need to have a keen eye on safety and security online.


_______________________________________________________________________________________

(June 2, 2020)

Business more likely to face cyber attacks during Coronavirus

About 61 percent of Indian business leaders and decision-makers think their business is more likely to experience a serious cybercrime during the COVID-19 situation as opposed to 45 percent globally. About a third of small and medium-sized businesses (SMBs) believe that cyberattacks are more likely to occur during the COVID-19 situation than before, showed the study by US-based cybersecurity company CrowdStrike.


_______________________________________________________________________________________

(June 2, 2020)

dinCloud improved their cybersecurity amid Coronavirus pandemic

dinCloud is a leading Cloud Service Provider (CSP) that serves global customers through its multiple data centers. The CSP enjoys an impeccable track record in cybersecurity, which has been further consolidated in the wake of the recent COVID-19 crisis. The dinCloud has upgraded its entire cloud infrastructure to the latest security patches, with a particular focus on cyber threats emerging from the COVID-19 crisis.

Ref - DinCloud

_______________________________________________________________________________________

(June 2, 2020)

Securing an e-commerce store amid COVID-19

Without a proactive prevention plan, an eCommerce store is bound to lose customer data and revenue as transactions soar during COVID-19. To stay protected, follow these steps: do not store customer data, train in-house teams, educate customers, implement multi-layer security, cloud-based systems have greater protection. When looking ahead, focus on e-commerce security, and put the right protection in place.


_______________________________________________________________________________________

(June 2, 2020)

Hospitality industry should invest in cybersecurity after COVID-19 crisis

The way global business fighting relentlessly to survive against the chaotic threat of the Coronavirus, all industries are exposed to criminal cyber-threats, and so the security of highly sensitive data must be handled appropriately. The industry-wide initiative is now an absolute necessity to ensure both SMEs and large hospitality corporates stand the best fighting chance to succeed in their cyber journey amid and beyond the global pandemic.


_______________________________________________________________________________________

(June 2, 2020)

Cyberattacks increased against financial services firms greatly

The Financial Services Information Sharing and Analysis Center 1 ("FS-ISAC") warned financial services companies, and particularly smaller firms, of a substantial increase in attempted cyber attacks since the start of the COVID-19 pandemic. In particular, cyber-attacks targeted at bank employees rose in the first quarter of 2020. As of early April, FS-ISAC had also identified over 1,500 fraudulent or phishing websites.

Ref - Mondaq

_______________________________________________________________________________________

(June 2, 2020)

Protecting organization form Coronavirs themed cyber attacks

Establishing clear policies and procedures for the employees to follow while they work from home Providing appropriate security tools such as VPNs to the entire remote workforce. Implementing an action plan for the employees returning to the office once things are back to normal. Ensuring that incident response and handling practices are in place. Facilitating clear communication that gets employees on board.

Ref - HiveLife

_______________________________________________________________________________________

(June 2, 2020)

Cybersecurity risks in the oil & gas sector

Cyber threats are not just limited to the digital world but can manifest themselves as direct risks to physical assets. One side effect of the global spread of COVID-19 has been the rapid rise in the number of cyber-attacks across all sectors, which have risen by a third compared to the same period in 2019. Cybercriminals, ‘bad actors,’ are using the opportunity to exploit vulnerabilities in the IT infrastructure and security of companies.

Ref - GDPR

_______________________________________________________________________________________

(June 2, 2020)

Mobile security threats & growth during COVID-19

COVID-19 crisis has transformed the thought process of a company's management and board toward cybersecurity. A recent survey revealed that the impact of COVID-19 on the global cybersecurity market size is expected to grow from $ 183.2 billion in 2019 to $ 230.0 billion by 2021, exhibiting a CAGR of 12% during the forecast period. The overriding market forces stimulating investment up to 2019 will remain largely unchanged.

Ref - Yahoo

_______________________________________________________________________________________

(June 2, 2020)

Cybercriminals’ are waiting for businesses to reopen 

As business slowly and cautiously reopens, cybercriminals lie in wait. A case study into a massive unemployment insurance fraud shows that cybercriminals patiently hunt for lucrative opportunities to strike. For that reason, companies reopening should consider conducting a cyber-audit to identify their cyber vulnerabilities and thwart cybercriminals lying in wait. Cybercriminals may use the chaos caused by the COVID-19 pandemic for an optimal opportunity to strike.


_______________________________________________________________________________________

(June 2, 2020)

Business Email Compromise cyber attacks at rise during Coronavirus pandemic

Business Email Compromise (BEC) attacks are a sophisticated type of scam that target both businesses and individuals with the aim of transferring funds from victims’ bank accounts to criminals. Right now, they have the perfect vehicle for scams with the COVID-19 pandemic. The new working conditions enforced by the global outbreak has triggered a spike in BEC scams because more remote working means more opportunities to catch users off guard.


_______________________________________________________________________________________

(June 2, 2020)

Improving security for remote work amid COVID-19

Be suspicious of offers that seem too good to be true, not feel pressured to agree to offers or deals on insurance, pensions or investments, check the credentials of the person they are dealing with by getting a name and contact details. Never give out personal details such as an insurance or pensions policy numbers or other account details. Always use contact details on documents provided by insurers or pension companies and never assume that all online sites are genuine.

Ref - Capita

_______________________________________________________________________________________

(June 2, 2020)

New variants of malware discovered during Coronavirus

Cybercriminals are known to leverage on the global phenomenon for personal gain, be it the elections or the Olympic Games. Hackers are using social engineering tools to formulate phishing emails in the name of the World Health Organization (WHO) and other regulatory bodies to target vulnerable victims. Here are some of the COVID-19-themed malware and ransomware: COVIDLock, Dharma, Emotet, Maze, REvil, and NetWalker.

Ref - CISOMag

_______________________________________________________________________________________

(June 2, 2020)

Privacy and security in the Coronavirus era

As healthcare organizations do battle against COVID-19, they also must stay on vigilant defense against cybercriminals intent on taking advantage of the crisis to sow chaos and disrupt clinical processes. Meanwhile, there are new places to safeguard and secure, whether they're hastily-erected ad hoc field hospitals or massively scaled up telehealth deployments. And fast-expanding efforts at contact tracing present their own unique and challenging privacy implications.


_______________________________________________________________________________________

(June 2, 2020)

COVID-19 themed cyber campaigns increasing malware threats

Malwarebytes just released its latest quarterly Cybercrime Tactics and Techniques (CTNT) report, a special edition. The report is entitled, “Cybercrime tactics and techniques: Attack on home base.” The report focuses on recent, increased malware threats which all have one, the big thing in common using coronavirus as a lure. The report analyzes the trojans, info stealers, and botnets that threat actors delivered to increasingly more homes.


_______________________________________________________________________________________

(June 2, 2020)

Cybersecurity professionals are in demand due to Coronavirus

COVID-19 is increasing the demand for cybersecurity professionals in Hong Kong and Singapore, but travel restrictions triggered by the virus are reducing an already tight talent pool. As a result, candidates can still command decent pay hikes if they move banks. Demand for cybersecurity professionals at banks in Asia has been on the rise since February, in lockstep with traffic increases to banks’ digital platforms during the pandemic.


_______________________________________________________________________________________

(June 2, 2020)

Cybercriminals taking advantage of uncertainty around COVID-19 pandemic

Bad actors are exploiting the uncertainty surrounding COVID-19 through phishing attacks and malicious websites. Simultaneously, national outlets are sounding the alarm about increased attacks and vulnerabilities. There is the reason for alarm, of course, the sense of normalcy has shifted completely. However, during times like these, people must remind themselves to practice compassion, remain level-headed, and avoid stoking hysteria.

Ref - CommPro

_______________________________________________________________________________________

(June 2, 2020)

COVID-19 outcomes on fraud detection and prevention market

COVID-19 impact on the global Fraud Detection and Prevention (FDP) market size is projected to grow from USD 23.4 billion in 2019 to USD 38.6 billion by 2021, at a Compound Annual Growth Rate (CAGR) of 28.4% during the forecast period. The market growth can be attributed to increased risks from remote access, the growing use of electronic transactions amidst pandemic crises, and the rising revenue losses due to fraudulent activities.


_______________________________________________________________________________________

(June 2, 2020)

Protecting businesses from cyber attacks after Coronavirus crisis

Thousands of businesses re-opening in the UK could be at risk of cyber-attacks says tax and advisory firm Blick Rothenberg. So, businesses need to be as savvy as they can as they go back to work and get their systems up and running. Account accesses, policy, and security procedure changes made to accommodate remote work should be reassessed and readjusted periodically to determine if they are still relevant.


______________________________________________________________________________________

(June 2, 2020)

Cybersecurity must adapt accordingly to Coronavirus themed attacks

COVID-19 pandemic has changed how people work, and cybersecurity needs to reflect this new normal. As networks and cloud environments stretch to accommodate the new reality, edge security strategies must be extended. The challenge here is not a new technology, but old mindsets. For businesses all over the world, adjusting to the new realities created by COVID-19 has been an incredible challenge.

Ref - WeForum

_______________________________________________________________________________________

(June 2, 2020)

Bad cyber habits compromise the safety of data and online accounts

New data from a biometric authentication provider, iProov, reveals that despite 26% of Brits feeling more vulnerable to online hackers due to the threat of COVID-19, many still have concerning habits that compromise the safety of their data and online accounts. The research, which polled UK consumers, also reveals that 71% believe they need to authenticate online identity is more important now than ever before.

Ref - BobsGuide

_______________________________________________________________________________________

(June 1, 2020)

Cybersecurity should be an integral part of any pandemic response plan

COVID-19 and the resulting lockdowns, quarantines and economic changes certainly counts as a ‘situation’ for cybersecurity. While it would be nice if cybersecurity could temporarily take a backseat while people and organizations figure out how to adapt to truly new working conditions, the reality is that a user can’t do things like rapidly shift to working from home. So, cybersecurity should be part of the pandemic response.

Ref - TripWire

_______________________________________________________________________________________

(June 1, 2020)

Improving data security during COVID-19 crisis

Organizations should implement a data governance policy that articulates the principles, practices, and standards deemed necessary by organizational leaders to ensure high-quality data and that their data assets are protected. Here are some best practices: separate generic information, Define a chain of command, Ensure adherence to reporting and compliance requirements, and devise a process to identify and fix any deviations from the established data control measures.

Ref - Forkast

_______________________________________________________________________________________

(June 1, 2020)

Coronavirus themed cyber threats are increasing worldwide 

Industry experts are warning businesses and individuals against the increasing threat of worldwide cyber-attacks. Steve Inch, a global security manager with HP, calls the attacks the invisible threat of COVID-19. It's just ballooning up and had seen 600% increase. According to Inch, the biggest reason for the increase in attacks is because of the number of people working from home or remotely. That opens up more potential targets for hackers

Ref - KTVB

_______________________________________________________________________________________

(June 1, 2020)

Cyber attackers capitalizing COVID-19 pandemic

The coronavirus pandemic has made networks more lucrative and vulnerable to cyberattacks than ever before. Employers should know the risk. With more employees working from home, people’s home computers can pose as much security risk to their company as its home server. Also, online crimes reported to the Federal Bureau of Investigation have increased by 400% since the onset of the coronavirus pandemic.


_______________________________________________________________________________________

(June 1, 2020)

IT services in uncertain times due to Coronavirus crisis

Due to the COVID-19 lockdown, most Namibian businesses had to find creative ways to continue operations while keeping their employees, customers, and suppliers safe. More often than not, this took the form of remote working arrangements. The increased use of IT in combination with the distance between users and the IT function resulted in an uptick of cyber-attacks. None-the-less, the lockdown period also taught us valuable lessons about what is actually possible to achieve if the need for rapid change arises.

Ref - Deloitte

_______________________________________________________________________________________

(June 1, 2020)

Cyber attacks keep rising due to COVID-19 crisis

The COVID-19 pandemic continues to disrupt the economy and business operations since social distancing and other mitigation measures went into effect in March. It hasn’t helped that cybercriminals have used the general commotion around COVID-19 to launch an ever-increasing number of online threats and attacks. In fact, hackers are using the disruption created by the coronavirus pandemic to target people and steal personal information.


_______________________________________________________________________________________

(June 1, 2020)

Zoom releases an updated version of the app with the latest encryption

Unguarded usage of Zoom between professionals working from home due to the COVID-19 pandemic can be vulnerable to attacks by leakage of sensitive office chat to cybercriminals. To solve the issue Zoom has released an enhanced and encrypted version of the application in order to ensure protection and privacy of personal information. The latest version 5.0 of Zoom has been released which supports AES 256-bit GCM encryption.


_______________________________________________________________________________________

(June 1, 2020)

Remote attacks on cloud service grew 600% during Coronavirus pandemic

A recent McAfee report confirms that cybercriminals have been steadily working to exploit the increase in remote work during the COVID-19 pandemic, with researchers finding that remote attacks on cloud service targets increased by a whopping 630 percent during the first four months of 2020. Researchers analyzed data from 30 million McAfee cloud global customers across all sectors, including healthcare, for its Cloud Adoption & Risk Report to determine the impact the Coronavirus on the cloud environment.


_______________________________________________________________________________________

(June 1, 2020)

NHS Test & Trace scheme is exploited with smishing attack

The NHS Test & Trace scheme is already being exploited by cybercriminals, with a new smishing (SMS-phishing) attack telling citizens that they have been in contact with someone who has COVID-19. An example of the text message is below. These kinds of fake text messages typically include a link to a malicious site or will ask the receiver to share personal information that could then be used to commit identity fraud.


_______________________________________________________________________________________

(June 1, 2020)

COVID-19 pandemic taught important lessons about cybersecurity

COVID-19 is not the only risk with the ability to quickly and exponentially disrupt the way people live. The crisis shows that the world is far more prone to disturbance by pandemics, cyberattacks, or environmental tipping points than history indicates. The first lesson it taught that a cyberattack with characteristics similar to the coronavirus would spread faster and further than any biological virus and second is the economic impact of a widespread digital shutdown would be of the same magnitude.

Ref - WeForum

_______________________________________________________________________________________

(June 1, 2020)

UK public concerns about cyber-attacks with COVID-19 tracing app

Almost half (48%) of people in the UK questioned the NHSX contact-tracing app say they don’t trust the government to keep their information safe from hackers, according to a 1,000-person survey. The smartphone app, which is being piloted on the Isle of Wight, is part of the government’s ‘test, track, and trace’ strategy as the country eases out of coronavirus lockdown, with fewer restrictions in social distancing.


_______________________________________________________________________________________

(May 31, 2020)

Working from home increased cyber risks 

COVID-19 is forcing business leaders to adapt operating models faster than ever before to ensure existential survival. The large-scale adoption of work-from-home technologies, exponentially greater use of cloud services, and the explosion of connectivity allow companies to continue operations even with social distancing and “stay at home” orders. The paradigm shift is putting immense pressure on cybersecurity operations.

Ref - ThePrint

_______________________________________________________________________________________

(June 1, 2020)

State sponsored attacks from China affecting COVID-19 vaccine development

Over the past few months, malicious cyber actors have tried to exploit COVID-19 fears to deliver malicious software and steal data. The increasing number of state-sponsored attacks originating from China at rise. These are attacks aimed at espionage on COVID-19 vaccine development. It is not the first time that China has been involved in corporate espionage, but these new attacks are hindering vaccine development in the U.S.

Ref - CisoMag

_______________________________________________________________________________________

(June 1, 2020)

Financial services affected by COVID-19 themed cyber attacks

A new report by security firm McAfee has shown that hackers are exploiting threat opportunities by abusing cloud account credentials, with financial services being the biggest target. The regional director of MVISION Cloud Asia Pacific, McAfee told ifa sister publication Adviser Innovation that the financial services sector saw a 571 per cent increase in cloud threats from January to April 2020.

Ref - IFA

_______________________________________________________________________________________

(June 1, 2020)

Cyber attacks at rise due to Coronavirus outbreak

Many people are doing work from home due to coronavirus. Cyber ??security risk for companies has increased due to work from. Employees are accessing personal data of companies from their home laptops or PCs installed at home. They may not have the same level of firewall or security system that an office computer has. In such a situation, the chances of cyber attack are increased. 

Ref - Bhasker

_______________________________________________________________________________________

(June 1, 2020)

Cyberattacks are keep increasing amid COVID-19 crisis

Cyberattacks are on the rise, and new cybersecurity risks are emerging due to the unprecedented changes in the way companies and their employees are currently forced to do business. In the last two months, cyberattacks have exploited the unique challenges that businesses face due to increased teleworking. Some examples include hacking, video- and teleconference hijacking, data breaches, and fraud.


_______________________________________________________________________________________

(June 1, 2020)

FIS is taking a comprehensive and multi-layered approach to fight against cyber attacks

Business continuity amid the COVID-19 lockdown is a big issue for all companies. To mitigate cyber threats and protect data, FIS is taking a comprehensive and multi-layered approach. They make use of advanced tools that include artificial intelligence to monitor and detect fraudulent transactions on a real-time basis. The system continuously monitors various threat vectors and advises users to remain vigilant against such cyberattacks.


_______________________________________________________________________________________

(June 1, 2020)

Using intelligent automation during COVID-19 pandemic

The COVID-19 pandemic has, in its relatively short tenure, already introduced unprecedented change on organisations, and is expected to continue doing so for at least the next few months. To solve this issue, intelligent automation can be an option as it spans across basic process automation, enhanced automation (e.g. machine learning, natural language processing) and cognitive automation (e.g. artificial intelligence). 


Ref - KPMG

_______________________________________________________________________________________

(June 1, 2020)

Healthcare is prime target for cybercrime during Coronavirus

The healthcare is now firmly in the sights of cybercriminals due to Coronavirus pandemic. Medical records generate significant profits on dark web black markets and forums. And their loss can incur significant penalties for failing to comply with data privacy laws. In addition to exploiting stolen data for crime, the critical nature of services provided makes healthcare a prime target for ransomware attacks.


_______________________________________________________________________________________

(June 1, 2020)

Preventive measures to stay protected from Coronavirus themed attacks

Storing sensitive data in the app on the necessary personal device, a user should have a security tool that can detect malware. Beware of phishing emails and messages, make strong passwords, enable two factor authentication required. It has also become necessary to take cyber-insurance insurance cover. A comprehensive cyber insurance cover provides protection against various types of cyber risk.


_______________________________________________________________________________________

(June 1, 2020)

VivaVideo application operating as a spyware amid COVID-19

Recently, researchers at VPNpro have discovered that a famous app named VivaVideo available on both Android and iOS with over 100 million installations is operating as spyware. Developed by a Chinese company named QuVideo Inc; there are 4 other apps developed by the same company and engaged in such malicious actions.

Ref - CloudDesk

_______________________________________________________________________________________

(June 1, 2020)


Cyber criminals are exploiting fears of COVID-19 to step up ransomware attacks

Monitoring of billions of security events daily has revealed that cyber criminals are exploiting fears of COVID-19 to step up ransomware and malware attacks, reports Fortinet FortiGuard Labs. The research indicates that ransomware will be a hallmark challenge for the year ahead, along with myriad other cyber threats such as phishing scams, targeted malware, or a combination of both.

Ref - ITWeb

_______________________________________________________________________________________

(June 1, 2020)


COVID-19 pandemic changed the dynamics of InfoSec

Seemingly overnight, as society shifted to lockdowns, social distancing, unemployment, hourly data on the health effects of COVID-19 and countless other challenges, the cybersecurity world’s priorities, strategies and tasks have been turned upside down, as well. With this sudden shift to work-from-home (WFH) operations, businesses are now forced to deal with increased activity from both independent and nation-state cybercriminals.


_______________________________________________________________________________________

(June 1, 2020)


Staying protected while working from home 

An IT consultant, and a Harvard Trained Entrepreneur, has cautioned companies to use these safe online practices to prevent cybercriminals from hacking: change passwords regularly, Take a look at the spyware, restrict access and block unauthorized websites. Limiting access to some electronic information decreases the risk of a security breach, ensuring that correct people have access to certain data is a safe practice.


_______________________________________________________________________________________

(May 31, 2020)


Half of companies around the world suffered a cybersecurity issue during COVID-19 crisis

The novel coronavirus disease (COVID-19), which has put almost the entire Western world on lockdown, has triggered a spike in cyberattacks and cybercrimes. The European Commission has raised the alert level, urging strong cyber resilience. A survey done by Barracuda Networks, a U.S. company providing security software, indicated that almost half of companies around the world had suffered a cybersecurity issue amid COVID-19.

Ref - BjReview

_______________________________________________________________________________________

(May 31, 2020)


Multi-level influence model of COVID-19 related cyber attacks

The recent severity and frequency of cybercrime has been dominated by a single theme, the COVID-19 pandemic. By research, a multi-level influence model is developed to explore how cybercriminals are exploiting the COVID-19 pandemic by assessing situational factors, identifying victims, impersonating trusted sources, selecting attack methods, and employing social engineering techniques.


_______________________________________________________________________________________

(May 31, 2020)


Outdated websites targeted by hackers amid Coronavirus pandemic

Several outdated Sri Lankan websites are vulnerable to cyber attacks, a local IT group has warned, after three state-managed websites came under attack. The websites of Sri Lanka’s health ministry, foreign employment bureau, and the public administration ministry had been defaced on Saturday by a group calling itself the Tamil Eelam Cyber Force. No data breach had occurred in this attempt to deface the websites.

Ref - NewsFirst

_______________________________________________________________________________________

(May 31, 2020)


The U.S is now at increased risk of cyber attacks 

With millions of Americans working remotely from unsecured devices, China facing accusations that it is seeking to steal research on COVID-19 vaccines, and a presidential election just months away, the United States is facing an onslaught of cyber threats stated by a Texas Republican. He also stated that the federal government and the business sector can improve information-sharing on cyber threats.

Ref - Protocol

_______________________________________________________________________________________

(May 30, 2020)


Cybercriminals targeting victims through COVID-19 information

A new type of impersonation attack has been identified that is using Google file sharing and storage websites like Google Docs to trick victims into sharing login credentials. Of the nearly 100,000 form-based attacks detected between January 1 and April 30, Google Docs was used in 65 percent of attacks, making up 4 percent of all spear-phishing attacks in the first four months of 2020, said Barracuda Networks, a leading provider of cloud-enabled security.

Ref - India

_______________________________________________________________________________________

(May 30, 2020)


Cyber-attacks are a big challenge for the healthcare sector

The global healthcare sector is desperately trying to cope with the sheer scale of the COVID-19 medical crisis. While healthcare providers already have too much on their plates to worry about, cyber-attacks are posing a whole new set of challenges. In these unprecedented times in which one would think that the world needs solidarity to cope with this global crisis, there are still nefarious cyber actors operating across the globe that are targeting the healthcare sector like never before.

Ref - DinCloud

_______________________________________________________________________________________

(May 30, 2020)


Cybersecurity is a double challenge amid Coronavirus pandemic 

The fast-changing COVID-19 situation calls for security teams to adopt a dual mission as their response to the pandemic: Maintaining continuity of operations and protecting against new cyber threats. While most organizations started with a focus on continuity of business operations, it is becoming increasingly important to give equal attention to protecting against new cyber threats and challenges.


_______________________________________________________________________________________

(May 30, 2020)


Coronavirus-themed attacks targeting Italian users 

Security experts from D3Lab have uncovered a new COVID-19-themed phishing campaign that is targeting the users of the Italian National Institute for Social Security (INPS). Like a previous campaign observed in early April, threat actors set up a fake INPS site used (“inps-it[.]top”) to trick victims into downloading a malicious app. The fraudulent activity is carried out through a web domain.


_______________________________________________________________________________________

(May 30, 2020)


A security firm offering ist cyber security products for free

India-based cyber security firm K7 Computing on Sunday said it will provide its cyber security products free-of-cost in the backdrop of COVID-19 or coronavirus pandemic. The cyber security firm said the COVID-19 pandemic provides an opportunity to cyber criminals to wreak havoc and exploit the vulnerabilities in the security protections of consumers and organizations. The products can be availed on laptops, desktops, Android phones and Endpoint Protection in the organizations


_______________________________________________________________________________________

(May 29, 2020)


Online malicious activities increased due to Coronavirus 

Over 16,000 coronavirus-related domains have been registered since January 2020, which are 50% more likely to be fraudulent than other domain registrations, according to research by Accenture iDefense. With many businesses remote working, the risk of a successful cyber-breach has increased. Malicious threat actors are taking advantage as organisations reconfigure their supply chains, offer more digital experiences, and meet the demands of a remote workforce.


_______________________________________________________________________________________

(May 29, 2020)


COVID19 lures spreading Himera and Absent-Loader

Researchers at ZLab spotted a new phishing campaign using COVID19 lures to spread Himera and Absent-Loader. These incoming spam emails directed to many companies were leveraging FMLA (Family and Medical Leave Act) requests related to the ongoing COVID19 pandemics. These emails were weaponized with two versatile cyber-criminal tools: Himera and Absent-Loader.


_______________________________________________________________________________________

(May 29, 2020)


Prominent cyber attacks during COVID-19 outbreak

A list of 7 most prominent and threatening cyber-attacks that occurred worldwide during this Corona pandemic has been prepared. It includes the WhatsApp scam and the British supercomputer ARCHER exploitation. It also includes Pakistan’s ISI creating fake Aarogya Setu app for snooping Indian officials, phishing attack impersonating Amazon Web Services to steal user credentials and hackers allegedly hijacked a virtual Bible study class on Zoom App.

Ref - Medium

_______________________________________________________________________________________

(May 29, 2020)


Cyber attacks are taking advantage of heightened focus on COVID-19

The attacks are taking advantage of the heightened focus on COVID-19 to distribute malware, steal credentials, and scam users out of money. While phishing tactics are common in nature, this is a new kind of form-based attack that researchers have been steadily detecting throughout the beginning of the year. The numbers are expected to grow in the coming months as attackers are successfully able to harvest credentials with these attacks.

Ref - LiveMint

_______________________________________________________________________________________

(May 29, 2020)


COVID-19 pandemic impact on the auto cybersecurity market

The increasing demand for digital technology from the consumers leads automakers to consider connected vehicle technology as a new business model for their future growth. The Global Auto Cyber Security market is expected to grow at a CAGR of 13.2% during the period 2018-2024. The growth of the security market is due to an increase in demand for wireless-based applications from connected car enablers and security segments. 


_______________________________________________________________________________________

(May 29, 2020)


NSA warns of ongoing GRU campaign amid Coronavirus

The US NSA has issued a warning that Russia's GRU continues to exploit the Exim mail vulnerability (CVE-2019-10149). NSA identifies the Russian unit involved as, specifically, belonging to GRU's Main Center for Special Technologies (GTsST), the group commonly known as Sandworm. The vulnerability was disclosed and patched in June of last year, and NSA advises users to apply it. The GRU has been exploiting the bug since August 2019.


_______________________________________________________________________________________

(May 29, 2020)


UN chief seeking attention on cyberspace security

United Nations Secretary-General Antonio Guterres said that attention should be given to increasing the risk of nuclear proliferation and the lawlessness of cyberspace, while the international community has been fighting the COVID-19 pandemic. The United Nations Secretary-General said this at the largest gathering of leaders since the pandemic began, coming together around joint solutions to the crisis caused by the pandemic.

Ref - China

_______________________________________________________________________________________

(May 29, 2020)


Government-backed attackers taking advantage of Coronavirus outbreak

The COVID-19 pandemic has given enormous opportunities to hackers, who have reportedly been carrying out many phishing and cyberattacks, globally. Many such incidents involved government-backed attackers. Google sent warnings to 1,755 users globally, about their accounts getting hacked by various attackers. Google said its Threat Analysis Group (TAG) is tracking more than 270 government-backed groups from 50 nations.

Ref - IndianEra

_______________________________________________________________________________________

(May 29, 2020)


COVID-19 is unleashing a series of cyber threats

COVID-19 pandemic has made everyone dependent on the internet as a desperate measure. This dependency is the primary factor that leads to vulnerabilities in cyberspace. Cybercriminals are always on the lookout for such vulnerabilities and weak networks for their malicious attempts to exploit these opportunities. Cybercriminals have been reported to be selling fake COVID-19 cures faking as governmental organizations.


_______________________________________________________________________________________

(May 29, 2020)


Detecting suspicious email attachments amid COVID-19 pandemic

People need to be constantly vigilant when it comes to downloading email attachments. There are a few ways about how to spot a suspicious attachment: looking at the file extension, by crosschecking the sender, by email Content and password protected encrypted archive. Also, just by looking at an email attachment, one should be able to estimate its authenticity and decide whether it is safe to download it or not. Generally, most email service providers allow previewing the attachments without downloading them.

Ref - CisoMag

_______________________________________________________________________________________

(May 29, 2020)


Cyber attacks on the rise amid COVID-19 crisis

According to a Check Point Software & Dimensional Research survey, 71% of IT and security professionals globally report an increase in security threats since the beginning of the pandemic. Just over half (55%) cited phishing attempts as the leading threat, followed by malicious websites claiming to offer information or advice about COVID-19 (32%) and increase in malware and ransomware (28% and 19% respectively).

Ref - HcaMag

_______________________________________________________________________________________

(May 29, 2020)


Cybercriminals taking advantage of COVID-19 pandemic

Criminals are using the coronavirus crisis as bait to hook people into a variety of cyber-scams. Regulators have seen a “100% jump” in criminal activity online since the start of the pandemic.
Alee Fa’amoe, who represents OfReg at the National Emergency Operations Centre, said his office was constantly processing reports of new threats. OfReg also receives reports from US federal cyber-security agencies and from the UK government.


_______________________________________________________________________________________

(May 29, 2020)


Protecting medical technology during COVID-19 outbreak

Particularly in the age of COVID-19, technology experts are feeling the pressure to develop new strategies to tackle healthcare challenges. As the attack surface increases with both medical IoT and PHI’s exposure to the cloud, hospitals and medical device providers could benefit from ensuring that patient information is encrypted and their cloud providers have secure defenses in place against denial of service attacks. 


_______________________________________________________________________________________

(May 29, 2020)


COVID-19 themed spear-phishing attacks mimicking as tech and healthcare firms

Cybercriminals are once again working to take advantage of the COVID-19 pandemic through two new phishing campaigns: Hack-for-hire groups are spoofing the World Health Organization (WHO), while other hackers are impersonating Google-branded sites. The reports mirror recent Proofpoint research, which found a dramatic increase in spoofing attempts through phishing campaigns and fake websites leveraging COVID-19-related themes.


_______________________________________________________________________________________

(May 29, 2020)


Cybercrime challenges during COVID-19 outbreak

Since the emergence of COVID-19, there has been a month-on-month increase in the level of malicious activities relating to the pandemic, with cybercriminals using it as a new hook to bait their unsuspecting victims. In actual fact, the overall level of cybercrime has not increased dramatically, but many threat actors have jumped at the opportunity to switch from existing lures to those relating to COVID-19.

Ref - GDPR

_______________________________________________________________________________________

(May 29, 2020)


Hospitals are being hit by cyberattacks amid Coronavirus

Australian Agency for Digital Health (ANS), responsible for handling “Digital Health”, is waving a red flag regarding cyber-attacks linked to the COVID-19. These attacks could take the form of health-related informative messages on COVID-19. The anxiety surrounding it necessarily implies a decrease in the overall vigilance of internet users. As a result, these phishing scams are therefore flourishing more than ever.

Ref - TwoBirds

_______________________________________________________________________________________

(May 29, 2020)


Ensuring cybersecurity amid COVID-19 crisis

One of the first things employees’ devices should have is an anti-virus software that looks after any malware trying to disrupt operations. Users are suggested to use good and strong passwords, pay attention to every detail in spam email. There should always be a contingency plan. Despite taking all kinds of security measures, there will always be a possibility of an attack. So organizations should train the staff to know what they have to do in case they find themselves in these situations.


_______________________________________________________________________________________

(May 28, 2020)


Controversial tech companies started marketing of their invasive surveillance tools

In response to the outbreak of COVID-19, controversial tech companies have started to market their invasive surveillance tools to governments, health authorities, and private companies in a bid to help slow the spread of the virus. The controversial Israeli cyber-intelligence company, NSO Group, recently received widespread attention following the announcement of FLEMING, an epidemiological analytics system.

Ref - Top10VPN

_______________________________________________________________________________________

(May 28, 2020)


NSA's cyber wing want to safeguard COVID-19 research 

The National Security Agency's cybersecurity directorate is focusing its resources on protecting medical research related to the COVID-19 pandemic and assisting critical infrastructure that can help speed up America's economic recovery. The rise of the COVID-19 pandemic has provided a whole host of additional challenges, increasing the collective digital threat surface as governments and businesses moved to mostly online operations.

Ref - FCW

_______________________________________________________________________________________

(May 29, 2020)

Cybersecurity awareness is very important amid COVID-19

Since the outbreak of the COVID-19 crisis, cybercriminals are constantly looking for ways to exploit the pandemic. In this time of uncertainty, there has been a surge in cyberattacks, phishing scams, and malicious activity, making Cyber Security awareness more important than ever. Employees need to be aware of how to keep themselves and their computers safe, and security awareness training is a great way of doing that.

Ref - CxoToday

_______________________________________________________________________________________

(May 29, 2020)

Data protection and cybersecurity risks amid COVID-19 crisis

The ongoing COVID-19 pandemic has introduced a host of new data protection and cybersecurity risks. Some of the most topical cyber and data protection issues for organizations to consider are Processing of Health Data, Planning for Data Breaches, Dealing with Data Subject Right Requests, and Security Challenges of Remote Work, as various malicious cybersecurity campaigns are targeting remote workers.

Ref - Mondaq

_______________________________________________________________________________________

(May 29, 2020)


Coronavirus-themed phishing attacks during a pandemic

Coronavirus-related email lures now represent the greatest collection of attack types united by a single theme that the Proofpoint Threat Research and Detection team has seen in years, if not ever. They have observed credential phishing, malicious attachments, malicious links, business email compromise (BEC), fake landing pages, downloaders, spam, and malware, among others, all leveraging coronavirus lures.


_______________________________________________________________________________________

(May 29, 2020)


Privacy regulations after COVID-19 crisis end

The inability to track information has led to a huge increase in cyber-attacks on governments, businesses within all industries, and individuals. As countries start to ease their COVID-19 restrictions, governments are implementing legal requirements on businesses to keep control of the rate and spread of the virus. But, by making it a legal requirement for every customer, it is making a cybercriminal’s job much easier.


_______________________________________________________________________________________

(May 29, 2020)


Cyber protection in a Coronavirus pandemic

For best industry practices in terms of cybersecurity, the Australian Trade and Construction Insurance Solutions has provided certain guidelines for brokers to maintain a high vigilance due to the increase in BEC and phishing attacks. Companies must ensure the use of strong passwords, multi-factor authentication, and up-to-date software. Employees need to be more vigilant when working from home, and there are a number of home working practices that are recommended.


_______________________________________________________________________________________

(May 29, 2020)


Cybersecurity hurdles amid COVID-19 crisis

The importance of cybersecurity has become even more pronounced since the outbreak of coronavirus which has instigated a new wave of security risks. In recent months, both Interpol and Europol have warned of enormous spikes in COVID-19 related fraud. Europol has analyzed the factors (remote working, confusion, disruptions to normal every-day life, and increased demand) that have presented greater vulnerabilities during this crisis.

Ref - Medium

_______________________________________________________________________________________

(May 29, 2020)


Cyber Criminals scamming Canadians with coronavirus-themed cyber attacks

Criminals are using the COVID-19 pandemic to prey on Canadians. The Communications Security Establishment (CSE) has discovered more than 1,000 malicious websites that are either scam or provide misinformation on COVID-19 programs. The intelligence agency says that in the last two months, cybercriminals have set up over 1,000 fake Canada Revenue Agency and Canada Emergency Response Benefit websites. 


_______________________________________________________________________________________

(May 29, 2020)


Lawyer’s role in securing courts from cyber attacks

Courts are turning to remote hearings and technology to continue working on cases, and lawyers need to embrace their role in protecting the courts from cybersecurity breaches and upholding the rule of law. They should make sure that documents being submitted electronically are free of viruses and malware. During COVID-19, courts are turning to technology for hearings and documentation, and lawyers need to appreciate this role even more.


_______________________________________________________________________________________

(May 28, 2020)


COVID-19 research and other intellectual property protection

As cyber threats to medical research on COVID-19, and other intellectual property, grow, organizations must take critical steps to prevent the theft of their innovation capital. To help security leaders more effectively mitigate the risks, the Healthcare and Public Health Sector Coordinating Council's Joint Cybersecurity Working Group recently issued a Health Industry Cybersecurity Protection of Innovation Capital guide.


_______________________________________________________________________________________

(May 28, 2020)


Endpoint security in new Coronavirus world

Faced with a future in which remote and distributed workforces are the norm, IT security teams need to completely revamp how they think about endpoint security. To keep companies safe, advanced endpoint security tools must be deployed to remote endpoints, even if those are personal computers that employees use to conduct their work, to ensure that everyone is working securely no matter where they are.

Ref - Morphisec


_______________________________________________________________________________________

(May 28, 2020)


Staying safe online amid COVID-19 outbreak

It is important for organizations to have an enterprise email security, endpoint detection, and response tools, and intelligence anti-malware, secure virtual private networks, active monitoring, and incidence response. Organizations also must use cloud-based data back-up, business continuity, and timely mitigation controls, awareness creation & training, individual cybersecurity. They must reduce the digital footprint, and keep the computer and mobile phone updated.

Ref - UN

_______________________________________________________________________________________

(May 28, 2020)


Cybersecurity during Coronavirus pandemic

The new normal has forced many businesses, organizations, and people to operate from home. With businesses operating indoor, this has increased the risk of security breaches and threats which can lead to loss of data, breaches of privacy or holding systems to ransom, and more. As swiftly as India digitized its working business scenario online, businesses now need to take up ‘online security’ as a key self-responsibility.


_______________________________________________________________________________________

(May 28, 2020)


Security experts concerned about cybersecurity post-COVID-19 crisis

Joint research from security firm Tripwire and Dimensional Research revealed that around 94% of security and IT professionals globally are concerned about their organization’s cybersecurity after the outbreak of the Coronavirus pandemic. The research “Remote Work And COVID-19 Cybersecurity Impact Report” revealed that organizations are struggling to mitigate the risks of increased COVID-19-related attacks.

Ref - CisoMag

_______________________________________________________________________________________

(May 28, 2020)


Cybersecurity practices to improve healthcare amid Coronavirus pandemic

Some cybersecurity best practices were provided, that users and organizations in the healthcare sector should follow. Provide awareness regarding cybersecurity to the staff working in various departments of the hospital to avoid data breaches caused by human error. Update devices regularly, improve network security, install antivirus software, use encrypted software, and access to information should be limited. This tactic will also keep employees in check as they will not be intentionally involved in any data breaching act.


_______________________________________________________________________________________

(May 28, 2020)


Cyberattacks amid Coronavirus pandemic

The U.N. disarmament chief reported during the Security Council meeting on 22 May that “cybercrime is on the rise, with a 600% increase in malicious emails during the current crisis”. The times of global pandemic made an excellent opportunity for APT (Advanced Persistent Threat) groups to target employees working remotely in a home office environment where security capabilities are nowhere close to the ones deployed by system administrators in corporate networks.


_______________________________________________________________________________________

(May 28, 2020)


Cybersecurity hygiene amid COVID-19 pandemic

Regardless of the type of attack amid the Coronavirus pandemic, the best prevention model is to adopt and implement superior cybersecurity hygiene best practices. Like human hygiene, proper cybersecurity hygiene starts with education, prevention, and consistent healthy habits. Investing in one’s security practices and teams will be advantageous in the long run, as a strong security posture doesn’t form overnight.


_______________________________________________________________________________________

(May 28, 2020)


Remote working is an opportunity for cybercriminals

A recent Gallup study shows that 62% of U.S. workers surveyed have worked remotely during the COVID-19 crisis. Furthermore, the same study reports that three out of five people working remotely prefer to continue to do so even after the pandemic-related restrictions are lifted. Many organizations are considering offering flexible work arrangements on a more permanent basis. Cybercriminals have clearly tapped into this new opportunity.


_______________________________________________________________________________________

(May 28, 2020)


Preventing from Coronavirus themed phishing and ransomware attacks

Network security plays an instrumental role in preventing, detecting, and mitigating pandemic-themed cyberattacks. Patch the network and make sure all software is up to date. Deploy advanced malware tools that deal with non-signature and cloud-based threats. Organizations should also have to have whitelisting, monitoring, and blocking capabilities for all applications in use. Discuss a backup strategy that can mitigate the damage if data is encrypted and held for ransom and etc.


_______________________________________________________________________________________

(May 28, 2020)


Hack for Hire firms are on the rise amid COVID-19 cyber attacks

While cyber-attacks and cyber crimes have been growing steadily in India, the country has typically not been known for harboring threat actor groups, or hacker and cyber-criminal collectives, as organized entities. Google’s Threat Analysis Group report states that India has seen a drastic rise in “hack for hire” firms, who are spoofing the World Health Organisation (WHO) to cash in on the Covid-19 pandemic’s mayhem and paranoia, in a bid to steal sensitive user data.

Ref - News18

_______________________________________________________________________________________

(May 28, 2020)


COVID-19 themed cyberattack surface is keep growing

Since the pandemic hit, real evidence of cyber targeting of the healthcare sector is visible to everyone. Meanwhile, the pace of response by those racing to deliver helpful services to constituents is introducing errors that can be equally crippling. With trillions of dollars at stake and a geopolitical push for supremacy of the post-COVID new normal, the attacks are increasingly well funded, well organized, and well-executed.


_______________________________________________________________________________________

(May 28, 2020)


US courts using Zoom facing cyber challenges

The transition to Zoom as the primary platform for U.S. courts, including the Supreme Court, has not been seamless and is still overcoming many obstacles. Zoom continues to face issues of transparency and accountability to watchdog organizations but has effectively managed cyber threats. During the initial transition to virtual courts, “zoom bombing” cyberattacks became seriously disruptive. In early April, zoom bombing became a federal offense that could lead to imprisonment.


_______________________________________________________________________________________

(May 28, 2020)


Google observed a rise in government-backed hacking attacks

Security experts at Alphabet Inc's Google sent 1,755 warnings in April to users whose accounts were targets of government-backed attackers, following a resurgence in hacking and phishing attempts related to the coronavirus outbreak. Google said, its Threat Analysis Group saw new activity from "hack-for-hire" firms, many based in India, that have been creating Gmail accounts spoofing the World Health Organization (WHO).


_______________________________________________________________________________________

(May 28, 2020)


Cloud telephony services market and cyber challenges

The global outbreak of the COVID-19 has led to discontinuity and chaos. With the lockdown being imposed all across the globe, there has been a rise in remote working capabilities. Due to this, there has been a sudden rise in the demand for telecommuting services, creating an immediate need for video conferencing, mobile network equipment, VPN’s, and cloud telephony. However, this trend also increased the cyber risks to come with them.

Ref - DQIndia

_______________________________________________________________________________________

(May 28, 2020)


The COVID-19 internet intelligence gateway to fight pandemic of cybercrime

RiskIQ announced the launch of the COVID-19 Internet Intelligence Gateway, a free, one-stop cybersecurity resource center. With thousands of newly created COVID-19-related websites launching daily, the gateway accepts submissions of suspicious URLs or emails, providing a lookup service that taps into RiskIQ's massive global crawling infrastructure to analyze and compile malicious URLs related to COVID-19.


_______________________________________________________________________________________

(May 28, 2020)


Israel faced a major cyber attack amid COVID-19 crisis

Israel's national cyber chief officially acknowledged the country had thwarted a major cyberattack against its water systems, an assault widely attributed to arch-enemy Iran, calling it a synchronized and organized attack aimed at disrupting key national infrastructure. If the bad guys had succeeded in their plot, the country would now be facing, in the middle of the Corona crisis, very big damage to the civilian population and a lack of water and even worse than that.

Ref - News18

_______________________________________________________________________________________

(May 28, 2020)


Weaponization of IoT grows as cybercriminals leverage COVID-19

COVID-19 opened up a new opportunity for global threat actors. They have increased their use of old vulnerabilities, used COVID-19 lures to catch out the unwary, and increased their weaponization of IoT. They are all subjects the security division of NTT Ltd has been tracking and reporting on in its monthly bulletins. The re-emergence of the likes of Mirai and derivatives is seen, which are targeting businesses right across the globe.


_______________________________________________________________________________________

(May 27, 2020)


Hundreds of volunteers are fighting pandemic-inspired cybercrime

During the third week of March, when COVID-19 was first forcing states to issue stay-at-home orders, cyber-attacks were at a peak. Now, those in the cybersecurity community could see the threat coming, and some started to form volunteer groups to try and prevent the attacks. One group that formed, the COVID-19 Cyber Threat Coalition (CTC), consists of a global team of volunteers, many with experience in the cybersecurity industry.

Ref - BuiltIn

_______________________________________________________________________________________

(May 27, 2020)


Credit card fraud attacks on the rise amid Coronavirus pandemic

Fraudsters are increasingly using pilfered credit-card numbers and phishing attacks to prey on overwhelmed consumers and banks during the coronavirus pandemic. There has been a big jump in attempted credit- and debit-card fraud since coronavirus shut down the U.S. economy. Since the start of this global crisis, fraud detection and prevention experts have been experiencing an unusually high level of volumes and frauds.

Ref - WSJ

_______________________________________________________________________________________

(May 27, 2020)


COVID-19 Contact Tracing Apps Attracting Hackers

As contact tracing ramps up for exposure to COVID-19, so too are concerns about data privacy and whether phony tracing apps will expand opportunities for attackers preying on citizens who voluntarily use tracing apps to help fight the spread of the novel coronavirus. People using COVID tracking apps need to be extremely vigilant and aware, ensuring that they’ve installed official government apps and that they are interacting with authentic messages from the agencies.


_______________________________________________________________________________________

(May 27, 2020)


Cybersecurity factor in the healthcare sector

The healthcare industry has started using advanced technologies such as electronic health records to store their patients’ data, be it their personal information, billing information, and so on. On the contrary, the use of advanced medical devices and other tools has increased the chances of data breaches and cyber-attacks. In this situation, when the whole world faces severe consequences of a coronavirus outbreak, the importance of cybersecurity in healthcare grows to another extent.


_______________________________________________________________________________________

(May 27, 2020)


UN calling for new norms to tackle cyberattacks on healthcare facilities

The UN chief called on nations to tackle the “malicious" use of digital technology to conduct cyberattacks on critical civilian infrastructure and healthcare facilities, particularly in the wake of the COVID-19 pandemic, saying more must be done to prevent and end these "new forms of aggression.” All nations must tackle the malicious use of digital technology to conduct cyberattacks on critical civilian infrastructure.


_______________________________________________________________________________________

(May 27, 2020)


Cybercriminals taking advantage of cyber vulnerabilities exposed by Coronavirus

Experts fear companies that failed to bolster their cyber defenses are now even more exposed because supply chains have become fragmented and hackers, like great white sharks, smell blood. Hackers are scooping up the tiddlers in the supply chain, as they may not have robust security programs and often are unable to afford adequate cybersecurity resources or personnel. As such, they are potentially more susceptible to social engineering scams or attacks.

Ref - Raconteur

_______________________________________________________________________________________

(May 27, 2020)


Majority of COVID phishing attacks coming from US IP addresses

COVID-19 phishing emails have been bombarding inboxes since the virus began to spread in December and January. A cybersecurity company INKY pored through the months of coronavirus-themed phishing emails and compiled a report on where most of them were coming from, finding that the majority of IP addresses found in email headers originated from the United States. These IP addresses might be easily spoofed by more skilled attackers.

 
_______________________________________________________________________________________

(May 27, 2020)


Cybersecurity concerns during COVID-19 pandemic

The COVID-19 pandemic has disrupted global health, the economy, and social systems. From emptying office spaces to dispersing the workforce, corporates have yet ensured seamless delivery of services. However, a remote work environment has also led to a surge in unseen threats in the digital space. Threat actors are prying on potential victims to deploy cyberattacks on home and public networks.

Ref - CISOMag

_______________________________________________________________________________________

(May 27, 2020)


Attackers using Excel macros with fake COVID-19 data to deliver malware

Cybercriminals have found a new way to take advantage of the coronavirus pandemic to hack user data. They’re using email attachments containing malicious Excel 4.0 macros that can put malware on a user’s device. The excel sheets claim to provide trackers, data and graphs on the pandemic, something that many will be interested in, but actually contain malicious code. The data in these sheets actually look real.

Ref - LiveMint

_______________________________________________________________________________________

(May 27, 2020)


Cybercrime could occur more during Coronavirus pandemic 

The CrowdStrike Work Security Index has said that there was a 100x increase in Covid-19 themed malicious files between February and March. A total of 4,048 senior decision-makers in India, Australia, France, Germany, Great Britain, Japan, Netherlands, Singapore, and the U.S across major industry sectors were part of the survey. The survey looked into the attitudes and behaviors towards cybersecurity during the Covid-19 situation.


_______________________________________________________________________________________

(May 27, 2020)


Effects of the COVID-19 pandemic on the cybersecurity

Cybersecurity challenges are growing along with the expansion of the internet, but the hacking world is growing faster. Cybersecurity involves protecting information and systems from major cyber threats. As a result, keeping pace with cybersecurity strategy and operations can be a challenge, particularly in government and enterprise networks where, in their most innovative form, cyber threats often take aim at secret, political and military assets of a nation, or its people.


_______________________________________________________________________________________

(May 27, 2020)


Cyber attacks are increasing because of Coronavirus pandemic 

Canada’s spy agency, CSIS, warned Canadian university researchers and pharmaceutical companies that they are at increased risk of cyberattacks during the COVID-19 pandemic. The new threat that CSIS warns of comes from “advanced persistent threat” (APT) groups. These are networks of state-sponsored hackers whose aim is to gain access to critical computer networks to steal information. They are particularly interested in research on new therapies or vaccines.


_______________________________________________________________________________________

(May 27, 2020)

COVID-19 could destabilise the online worlds

New research from cybersecurity experts Kaspersky warns that the COVID-19 outbreak could lead to the destabilising of the online world. - Huge gaping holes in security measures, with half of the employees working from home on personal devices and not having or knowing what their security policy is to ward against potential attacks. One in four workers (27%) say they received malicious emails related to COVID-19 while working from home.


_______________________________________________________________________________________

(May 27, 2020)


Scammers targeting COVID19-related SMS messages 

The spread of the novel COVID19 pandemic is providing cybercriminals with novel methods to orchestrate crimes. As governments and citizens around the world use innovative tools to fight the spread of the disease, cybercriminals have found a global opportunity to attack these very tools for their own gain. The latest being the SMS-based text message scam.

Ref - DQIndia

_______________________________________________________________________________________

(May 27, 2020)


Businesses will increase work-from-home despite security concerns

Despite security issues and concerns resulting from the massive and sudden increase in work-from-home (WFH) initiatives caused by the global COVID-19 healthcare crisis, one-third (38%) of U.S. companies observed productivity gains during remote work and 84% anticipate broader and more permanent WFH adoption beyond the pandemic


_______________________________________________________________________________________

(May 27, 2020)


Mcafee discovered massive growth in corporate cloud attacks

Cybersecurity firm McAfee has found a correlation between the increased use of cloud services and collaboration tools, such as Cisco WebEx, Zoom and Microsoft Teams, and a rise in cyberattacks targeting the cloud during the COVID-19 pandemic. The research carried out by McAfee, found a 50% increase in the use of cloud services, access from unmanaged devices and the rise of cloud-native threats by 630%.

Ref - LiveMint

_______________________________________________________________________________________

(May 27, 2020)


Cybercriminals leaked personal data of millions of job seekers amid Coronavirus

There’s been a sharp surge in cybercrime amid the COVID-19 pandemic. And now there’s another report that states cybercriminals leaked personal data of 29 million Indian job seekers for free on the dark web. The incident was first brought to light by an online cyber intelligence firm. The threat actor leaked personal details of 29 Million Indian Job Seekers from different states in India and the original leak seems to have happened via a resume aggregator service.

Ref - Mashable

_______________________________________________________________________________________

(May 27, 2020)


UK public having doubts on the handling of their data via a key contact tracing app

The UK’s plans to ease its COVID-19 lockdown have been thrown into doubt after half the public said it does not trust the government to handle their data collected via a key contact tracing app. The app is a crucial part of the best practice “test, track and trace” strategy being rolled out around the world to help businesses and society get back to normal after weeks of social distancing.


_______________________________________________________________________________________

(May 27, 2020)


Cybercriminals can use NHSX COVID-19 tracing app for cyberattacks

Nearly half (48%) of the UK public surveyed about the NHSX COVID-19 tracing app do not trust the UK government to keep their information safe from hackers. This is according to a study carried out by Censuswide on behalf of Anomali, a leader in intelligence-driven cybersecurity solutions. Around 43% of respondents were concerned that the app would give cybercriminals the opportunity to send smishing messages or phishing emails.
Ref - Picante

_______________________________________________________________________________________

(May 26, 2020)


Cybersecurity should be treated as a human rights 

Cyberattacks are becoming more commonplace, sophisticated, and severe. As COVID-19 forced millions of people’s lives online, stable and secure internet is essential to the functioning of societies. The UN Security Council held its second-ever informal meeting on cybersecurity, led by Estonia. The discussion focused on cyber challenges to international peace, but human rights inched their way into the discussion too.
Ref - HRW

_______________________________________________________________________________________

(May 26, 2020)


International Plea to protect healthcare sector from cyber attacks

A plea from the Cyber Peace Institute for healthcare providers to be protected against cyber-threats has attracted international support. Major players in cybersecurity, academics, and numerous political movers and shakers have backed the call for governments to work together with civil society and the private sector to defend and protect the hospital, healthcare, and medical research facilities from digital assaults. 


_______________________________________________________________________________________

(May 26, 2020)


Best time to protect frontline institutions from cyber attacks

As the world’s healthcare professionals and volunteers continue to engage with the unrelenting toll of COVID-19, their efforts are being impaired by another unseen foe: malicious hackers. So, it is time to take action to help medical facilities secure their networks as providing relief to state and local government. What is most concerning is that not all malicious cyber-attacks against the healthcare sector appear to be cybercriminals looking for a quick ransomware payday.

Ref - TheHill

_______________________________________________________________________________________

(May 26, 2020)


Preventing ransomware attacks amid Coronavirus pandemic

The onslaught of cyber-attacks against vulnerable hospitals and healthcare organizations is compounded by the fact that many employees lack the cybersecurity knowledge to prevent such threats, so give them proper training. Do not pay the ransom, as it encourages cybercriminals for more attacks. Also, install all security updates as soon as they appear as most cyber attacks exploit vulnerabilities that have already been reported and addressed.


_______________________________________________________________________________________

(May 26, 2020)


Indian security agencies looking for ways to improve cyber capabilities

A tremendous rise in cybercrimes since the global outbreak of COVID-19 has prompted Indian security agencies to look for ways to boost their capabilities to deal with phishing, malware, virus and other online attacks on government servers. Particularly, the increase in digital activity and economic relief measures accompanying the outbreak have given rise to online fraud, money laundering and terror financing concerns.


_______________________________________________________________________________________

(May 26, 2020)


Threat and cyberattacks assessment during COVID pandemic

The outbreak of the COVID-19 virus marked a systematic change for most businesses around the world. Now, the world is facing challenges in the following dimensions: growing Attack surface due to remote work. Mounting motivations for sabotage or fraud. Bypassing regular credential and privilege management systems to meet business demands. Risk of diminishing abilities of control and defence teams and HR shortage and objective difficulties of the new work model.


_______________________________________________________________________________________

(May 26, 2020)


COVID-19 increased demand for cyber cover in Asia

After the initial COVID-19 slowdown, demand for cyber cover in Asia may be back on the rise. Insurers say that demand has increased from first-time buyers and that some of the more mature players who had already bought cyber policies are asking for increased limits. This is especially true among the mid-market to large client segments who are still able to allocate additional budget for risk management and insurance during this challenging business environment.


_______________________________________________________________________________________

(May 26, 2020)


Cybersecurity concerns increase during COVID-19 pandemic

AlasConnect, an Information Technology Management company in the state, says they saw a doubling in call volume to their assistance centre since the stay-at-home mandates were implemented in late March. Scammers have been aggressive during the pandemic, taking advantage of people's fears and network insecurities. Many companies had little to no preparation in moving their employers to remote locations.


_______________________________________________________________________________________

(May 26, 2020)


Security Tips for healthcare and other organizations

Consider flagging all incoming messages that originate outside the organization, keep all software, systems, and hardware current, draft and enforce procedures for remote meetings, require secure passwords, provide IT with the capacity to track activities on the system, automatically barring all malicious domains, warn employees to watch out for phishing emails and consider reinforcing available defences.
Ref - JDSupra

_______________________________________________________________________________________

(May 26, 2020)


Five effective cybersecurity principal for leadership in a post-COVID world

COVID-19 is forcing business leaders to adapt operating models faster than ever before to ensure existential survival. To achieve this goal, there are five proposals: foster a culture of cyber resilience, focus on protecting the organization's critical assets and services, balance risk-informed decisions during the crisis and beyond, update and practise the organization's response and business continuity plans as business transitions to the “new normal” and strengthen ecosystem-wide collaboration.

Ref - WeForum

_______________________________________________________________________________________

(May 26, 2020)


Recommendations to stop cyberattacks amid Coronavirus pandemic

Ten recommendations that if followed will ensure employees, IT network and business are properly protected, undertake a full security audit, patch software, email and mobile security, protecting corporate systems, regularly backup data, put systems and processes to the test, prevent unauthorised access through encryptions, restricting user controls, train staff and work with security experts to stay protected.

Ref - GDPR

_______________________________________________________________________________________

(May 26, 2020)


Rise of Cybersecurity threats from COVID-19 pandemic

The pandemic forced the global economy and society, organizations, and individuals to become more reliant than ever on the internet and the digital economy. According to the Forum’s COVID-19 Risks Outlook: A Preliminary Mapping and its Implications, cyberattacks, and data fraud are considered the most likely technological risks of COVID-19 for the world, and the third of greatest concern overall owing to abrupt adoption of new working patterns.


_______________________________________________________________________________________

(May 26, 2020)


Stopping a cyberattack on business before and after COVID-19 pandemic

Here are a few measures a user can focus on during these unusual and uncertain times to help protect business’s data, money and productivity: Be suspicious of incoming e-mails, ensure work-from-home computers are secure and Improve password strategy. Even with the shifting priorities and uncertainties in today’s business world, it’s vitally important to not let business’s computer and network security slide during these times.


_______________________________________________________________________________________

(May 26, 2020)


COVID-19-led recession can affect many sectors except for cybersecurity 

The COVID-19 pandemic has hit hard on certain industries. The dismissal economic situation could lead to a recession in many sectors. Cybersecurity is one such field that may not be impacted due to the pandemic. Cybersecurity professionals have been in high demand despite the pandemic. Businesses have been looking to hire cybersecurity professionals across all the levels. There are thousands of open job postings on LinkedIn for cybersecurity jobs.

Ref - Techgig

_______________________________________________________________________________________

(May 26, 2020)


Staying protected from Coronavirus cyber-attacks

Following these ways can defend the business from these potential threats. Be careful when downloading software, protect devices, treat any unexpected email with a healthy level of suspicion, Report any suspicious emails or links and password security. Also, contact the IT team to give them the details and be honest. They may be able to help and mitigate any risks caused by COVID-19-themed cyber attacks.


_______________________________________________________________________________________

(May 26, 2020)

Cyberattacks on healthcare sector amid COVID-19

The Red Cross called for an end to cyberattacks on healthcare and medical research facilities during the coronavirus pandemic, in a letter published and signed by a group of political and business figures. Such attacks endanger human lives and governments must take "immediate and decisive action" to stop them, the letter stated.


_______________________________________________________________________________________

(May 26, 2020)


Cybercriminals target UAE hospitals and people working from home

Cybercriminals have targeted UAE hospitals and people working from home as they sought to take advantage of the coronavirus pandemic for financial gain, leading security experts have said. Across the globe, law enforcement has warned of a rise of sophisticated crimes in which sensitive patient data is snared by online crooks demanding large ransom payments in return for their release.


_______________________________________________________________________________________

(May 26, 2020)


Working together can stop cyberattacks troubling healthcare systems

More than 40 former and current international leaders from across government, industry, international and non-governmental organizations and academia called on the world's governments to take immediate and decisive action to prevent and stop cyberattacks that target hospitals, healthcare, research organizations, and international authorities providing critical care and guidance in the midst of the ongoing global pandemic.

Ref - CGTN

_______________________________________________________________________________________

(May 26, 2020)


The future of cybersecurity is going to be cloudy

The overnight shift to near-universal Work-From-Home (WFH) status has challenged even the largest organizations. Cybersecurity in particular quickly rose to the top of everyone’s list of concerns as bad actors took advantage of fears of COVID-19 for phishing campaigns and other cyberattacks. Many turned to VPNs in response, establishing private connections between users and the corporate network to encrypt and protect sensitive data.

Ref - MEA

_______________________________________________________________________________________

(May 26, 2020)


Facebook introducing in-app notifications to warn about scammers

Scam attacks are on rise due to Coronavirus and to fight with it, the social media company Facebook is introducing in-app notifications in Messenger to warn people who are about to connect with someone impersonating someone else or simply trying to scam them. Individual users below the age of 18 will now receive alerts if an adult is attempting to engage in an inappropriate conversation.


_______________________________________________________________________________________

(May 26, 2020)


Cybercriminals are taking advantage of fear surrounding COVID-19

The current period of complexity and volatility provides a perfect opportunity for cybercriminals. “Catastrophic events act as beacons to fraudsters and threat actors. Cybercriminals are sending emails that resemble legitimate coronavirus-related notices in phishing attacks targeting anxious individuals expecting such communications. The attacks aim to get readers to click through on false links that promise coronavirus guidance.


_______________________________________________________________________________________

(May 26, 2020)


Endpoint detection and response are essential to stop cyber threats amid Coronavirus pandemic

Traditional anti-virus protection, which is usually classified as an endpoint protection platform (EPP) tool, is not considered capable of dealing with modern-day cybersecurity threats. It is recommended that organizations choose an EDR vendor that has its solutions tested by highly rated independent organizations such as MITRE, which have no financial relationship with the vendor in terms of sponsorship.

Ref - ITWeb

_______________________________________________________________________________________

(May 26, 2020)


COVID-19 has accelerated the global transition to a new reality

According to the Forum’s COVID-19 Risks Outlook: A Preliminary Mapping and its Implications, cyberattacks, and data fraud are considered the most likely technological risks of COVID-19 for the world, and the third of greatest concern overall owing to abrupt adoption of new working patterns. To support business leaders, the World Economic Forum launched The Cybersecurity Leadership Principles: Lessons learned during the COVID-19 pandemic to prepare for the new normal.

Ref - WebWire

_______________________________________________________________________________________

(May 26, 2020)


COVID-19 pandemic is used by a hacker to deliver Coronavirus Finder

COVID-19 is a major marker of the Q1 incidents, and malware creators took advantage of the panic and fear associated with the pandemic to get access to people’s details. One of the popular malware employed by hackers is the Coronavirus Finder. The malware is a modified version of the Ginp banking trojan and claims to be able to detect nearby people who have been infected with the COVID-19.

Ref - TechNext

_______________________________________________________________________________________

(May 25, 2020)


COVID-19 cyber scams are at the peak

Hackers and other cybercriminals tend to see a crisis as an opportunity, and COVID-19 has proven to be the mother of all crises. Not only are systems vulnerable due to quickly changing world circumstances, but everyone is constantly looking to digital means to keep themselves connected. Millions have turned to virtual tools such as videoconferencing apps, many utilizing them for the first time. And this brings in a huge risk of scams or cyber attacks of all sorts.

Ref - TechHQ

_______________________________________________________________________________________

(May 25, 2020)


Cyber attacks against Israel attempts to produce COVID-19 vaccine

News military and security correspondent Nir Dvori reported that attempts have been made to sabotage Israel's ability to produce a vaccine for the coronavirus. These took the form of a cyber attack against the Israeli research institutes that are attempting to produce drugs to treat the disease. This is not an attempt to steal information or intelligence but to attack and sabotage efforts to combat the coronavirus. 


_______________________________________________________________________________________

(May 25, 2020)


Due to COVID-19, South African employees working from home

COVID-19 has relegated the majority of the South African workforce to working from home. As a result, internet usage has drastically increased because people are spending more time behind the computer and phone screens. Cybercriminals have seen the increase of users online as an opportunity to ramp up their cyber scams and phishing attempts.


_______________________________________________________________________________________

(May 25, 2020)


COVID-19 is affecting cybersecurity largely

Now with the fear surrounding the Coronavirus pandemic, scammers have a lot of new ammunition to use to try to steal access and data. The problem is that with everyone distracted, people are being less vigilant and it’s creating more victims. Threats include phishing attacks, distributed denial of service attacks, Man-in-the-Middle attacks, and network-based user threats due to negligence or sabotage.

Ref - Hub

_______________________________________________________________________________________

(May 25, 2020)


Chinese hackers continue to target intellectual property

The FBI and the Department of Homeland Security Cybersecurity and Infrastructure Agency are being asked how they’re defending against attempts to hack COVID-19-related research data, following reports that hackers tied to the People’s Republic of China are targeting intellectual property. Also, the FBI and CISA released an alert to COVID-19 research organizations, warning that threat actors are targeting these entities.


_______________________________________________________________________________________

(May 25, 2020)


Cybercrime in India during COVID19 pandemic

The COVID 19 virus has affected most countries in the world. Security of companies is at stake as all data such as financial information, trade secrets, customer information, and such other confidential information of the company is accessible to the employees from their homes with a click of a button. It is essential for employees to take the utmost care of the company’s data and secure it.


_______________________________________________________________________________________

(May 25, 2020)


COVID-19 pandemic exposing the enterprise vulnerabilities

In times of economic and business uncertainty, cybercriminals are taking full advantage of the situation. By upgrading to a cloud environment, companies are reducing the cost and risk of data loss, compliance, and overall cybersecurity with capabilities like antimalware, 24×7 system monitoring, powerful threat intelligence, best-practice backup, disaster recovery practices, and high-quality solutions.


_______________________________________________________________________________________

(May 25, 2020)


Cyberattacks increased amid Coronavirus pandemic

Cyberattacks have been flying fast and furious around the world during these days of global uncertainty because of the coronavirus. Countries accuse each other of engaging in cyber warfare, and each of the accused also claims to be a cyber victim. International organizations dealing with the COVID-19 pandemic have also been targeted.

Ref - VoaNews

_______________________________________________________________________________________

(May 25, 2020)


Cybersecurity now becomes more important than before

Cybersecurity has emerged as an issue of vital importance for everyone, as governments, businesses, and individuals are under constant attack. With almost 40% of India’s population using smartphones with the internet there is a pressing demand for cybersecurity solutions. In fact, the COVID-19 onset and the resultant work from home scenario has further augmented the need for a robust cybersecurity solution.


_______________________________________________________________________________________

(May 25, 2020)


Growing risk of cyber attacks due to Coronavirus pandemic

As part of the research, Deloitte conducted an online poll of more than 2,800 C-level and other executives in December 2019, asking about cybersecurity and cyber recovery protocol. A majority of the respondents (65%) said the growing threat of destructive cyberattacks is one of the top cyber risks at their organization.


_______________________________________________________________________________________

(May 25, 2020)


Australia looking for better defenses amid cyber attacks

The Australian Cyber Security Centre (ACSC) has called on critical infrastructure providers to protect themselves from cyberattacks amid the ongoing COVID-19 pandemic. The advice comes on the heels of growing attempts by hackers to compromise Australia’s critical infrastructure facilities such as power and water distribution networks, as well as transport and communications grids.


_______________________________________________________________________________________

(May 25, 2020)


Disruptive technologies to combat payment frauds

Strategic deployment of some of the key technologies like Machine learning, sound wave technology, QR code technology, etc. can be phenomenal in combating spyware, malware threats, and some of the other cyber frauds in digital payments in a big way during the COVID-19 and afterwards. Some Fintechs are already looking to enable various banks and payment solution providers with their blockchain-based fraud prevention solutions to stay protected.

Ref - NassCom

_______________________________________________________________________________________

(May 25, 2020)


Security tips to protect the business from Coronavirus themed cyberattacks

Be careful when downloading software, make sure to be sensible with the use of smart devices, and keep it digitally and physically safe. Treat any unexpected email with a healthy level of suspicion. Report any suspicious emails or links, and always use strong and different passwords for multiple internet services to stay protected.

Ref - INT-COMP

_______________________________________________________________________________________

(May 25, 2020)


A government supplier targeted by cyberattacks

As criminals target construction firms involved in the UK’s coronavirus response, outsourcing firm Interserve has been hit by a cyber-attack. Experts warn that outsourcers working extensively with the public sector are likely to be targeted by hackers more than ever, as they seek to exploit the chaos of the COVID-19 crisis. Interserve is one of a handful of “strategic suppliers” to the Government and recently helped to build the NHS Nightingale hospital.


_______________________________________________________________________________________

(May 25, 2020)


Malicious emails increased during Coronavirus pandemic

Cybercrime is on the rise, with a 600% increase in malicious emails during the COVID-19 pandemic. The coronavirus crisis is moving the world towards increased technological innovation and online collaboration. There have also been worrying reports of cyber attacks against health care organizations and medical research facilities worldwide. Growing digital dependency has increased the vulnerability to cyberattacks.


_______________________________________________________________________________________

(May 25, 2020)


Cybercriminals capitalizing coronavirus fears to gain access 

The world is a different place amid the COVID-19 crisis, as criminals are taking advantage of the situation to mount a range of cyberattacks. Cyber threats are now exploiting the fears of people and their desire to find out how to cope with the rapid spread of the virus. Many of the techniques being used are not new, however, they are succeeding because people are currently more emotionally vulnerable.


_______________________________________________________________________________________

(May 25, 2020)


Working from home highlighted the gap between the cyber capabilities of big and smaller businesses

A report from the federally funded Cyber Security Cooperative Research Centre (CSCRC) on the risks seen from mass remote working during the COVID-19 pandemic has been published. It found that SMEs are cutting security corners to enable staff to work from home, and have blamed cost for not upgrading cybersecurity systems. It suggests that a basic level of cyber preparedness be mandated by law and warns that weaknesses in smaller organizations pose threats to the larger organizations they interact with.

Ref - AFR

_______________________________________________________________________________________

(May 25, 2020)


Cyber-attacks increased on healthcare systems amid Coronavirus

Healthcare systems all over the world are being subject to attacks even as the fight against COVID-19 rages on. States need to take critical infrastructure protection, like healthcare systems, more seriously. Criminal hacker groups have been demanding ransom from hospitals dealing with overload from coronavirus patients by locking their patient records and threatening to publish these records online. This causes further unwanted strain on healthcare systems.


_______________________________________________________________________________________

(May 25, 2020)


The Australian government now facing an epidemic of breaches

Australian government agencies have been on the defensive stance after a series of successful cyber attacks that have left them red-faced and scrambling to maintain critical services. As many as 150 victims were said to have been involved, authorities told a parliamentary inquiry into COVID-19, with Australian Federal Police freezing bank accounts containing around $120,000 and the ATO suspending the service.


_______________________________________________________________________________________

(May 25, 2020)


Female hackers now securing work from home systems 

Members of an inspired community of female ethical hackers and cybersecurity researchers are working to make things safer, flagging system vulnerabilities that black-hat hackers are always looking to exploit. With a large part of the country’s organized workforce logging in from home, their work, especially understanding how the cybercriminals devise attacks, has assumed more importance and urgency. 


_______________________________________________________________________________________

(May 25, 2020)


Microsoft discovered a massive’ pandemic-themed phishing campaign

Microsoft has warned of a “massive” malware campaign that spreads via scam emails made to appear to have been sent by a major US health research institute. The phishing campaign takes advantage of fears around Covid-19 and attempts to take control of users’ Windows systems.
The pandemic-themed campaign began on 12 May and has used several hundred unique Excel attachments.

Ref - Silicon

_______________________________________________________________________________________

(May 25, 2020)


Improving cybersecurity amid Coronavirus pandemic for ASEAN countries

While ASEAN is increasingly coordinating its efforts to reinforce regional cybersecurity, more needs to be done to address the constantly evolving threats. Now, one of the biggest concerns in regards to the current COVID-19 crisis is the increase in cyberattacks and data fraud. The pandemic has accelerated the adoption of digital culture worldwide. This means that cyberattacks and data fraud is likely to happen on a more regular basis.


_______________________________________________________________________________________

(May 24, 2020)


CEOs and CISOs having difference over cyber strategies

The global survey of 200 CEOs and CISOs from across industries including healthcare, finance, and retail, among others, uncovered prominent cybersecurity stressors and areas of disconnect for business and security leaders, including the lack of an ongoing cybersecurity strategy for less than half of all CEO respondents. The research also identified disparities between geographic regions on data protection as well as a digital transformation dichotomy battle between increased risk and increased technology capability.

Ref - SpoIndia

_______________________________________________________________________________________

(May 24, 2020)


Future of cybersecurity with self-defense systems

Cyberattacks are expected to increase exponentially in volume and sophistication, yet defenses remain rudimentary, as was observed by Coronavirus-themed cyber attacks. So, businesses needed a self-defense system that can identify abnormal foreign elements, activities, programs, and mal-codes using adaptive machine learning based on an understanding of the normal system, application, and data flow behavior.

Ref - INC42

_______________________________________________________________________________________

(May 24, 2020)


Users must improve their mobile security during working from home

Due to Coronavirus, millions of employees across India now work from homes, and a spike can be observed in cyberattacks in the coming months. When it comes to cyber there are innumerable implications of working from home, and the gates are open for hackers. The implications from a security perspective are devastating and can be very dangerous if not addressed in a timely and appropriate manner.


_______________________________________________________________________________________

(May 24, 2020)


Zoom software exposing users to new privacy and data cyberattacks

In light of COVID-19, the usage of applications that enable virtual meetings has skyrocketed. One of the worst-hit platforms has been Zoom. Relatively unknown up until a few months ago, its use has soared in ways that the developers did not foresee before the pandemic struck. It wasn’t originally designed to be used by consumers. 

Ref - GritDaily

_______________________________________________________________________________________

(May 24, 2020)


COVID-19 crisis made the web hotspot for cybercriminals

An increase within the digital economic system because the COVID-19 outbreak has made the web a much more engaging vacation spot for cybercriminals. An amazing rise in cybercrimes has been observed because the world outbreak of COVID-19 has prompted safety companies to search for methods to spice up their capabilities to cope with phishing, malware, virus and different on-line assaults on authorities.


_______________________________________________________________________________________

(May 24, 2020)


Businesses must look for intelligent security

Businesses need to start by looking at a holistic approach to security amid Coronavirus pandemic, or what Dell Technologies call ‘Security Transformation’. What this means is that all businesses need to focus on security which is intelligent, automated, and built into everything, everywhere. This will enable them to make better-informed decisions, which will help them deliver predictable business outcomes.


_______________________________________________________________________________________

(May 24, 2020)


Indian security agencies looking for ways to deal with COVID-19 cyberattacks

A tremendous rise in cybercrimes since the global outbreak of COVID-19 has prompted Indian security agencies to look for ways to boost their capabilities to deal with phishing, malware, virus, and other online attacks on government servers. Particularly, the increase in digital activity and economic relief measures accompanying the outbreak have given rise to online fraud, money laundering and terror financing concerns.


_______________________________________________________________________________________

(May 24, 2020)


COVID-19 pandemic will reshape the future of cyberspace

While cyberspace has been a digital savior during this pandemic, with an unprecedented increase in working from home, video chat, and ordering goods online, a surge in cybercrime and fraud tell another story. This pandemic appears to be making the Internet explode with viruses and more ‘dark side’ troubles, with potential impacts that will reshape the future of cyberspace.

Ref - GovTech

_______________________________________________________________________________________

(May 24, 2020)


Hacking attacks on home workers increased during the lockdown

Hackers have launched a wave of cyber-attacks trying to exploit British people working from home, as the coronavirus lockdown forces people to use often unfamiliar computer systems. The proportion of attacks targeting home workers increased from 12% of malicious email traffic before the UK’s lockdown began in March to more than 60% six weeks later, according to data from cybersecurity company Darktrace.


_______________________________________________________________________________________

(May 23, 2020)


Six times increase reported in malicious emails amid COVID-19 crisis

The UN disarmament chief warned that cybercrime is on the rise, with a 600% increase in malicious emails during the COVID-19 pandemic. The coronavirus crisis is moving the world toward increased technological innovation and online collaboration. There have also been worrying reports of (cyber) attacks against health care organizations and medical research facilities worldwide. The growing digital dependency has increased the vulnerability to cyberattacks.


_______________________________________________________________________________________

(May 23, 2020)


Around 37 percent increase observed in cyber attacks in India

India has seen a 37 percent increase in cyberattacks in the first quarter (Q1) of 2020, as compared to the fourth quarter (Q4) of last year, a new report revealed. The Kaspersky Security Network (KSN) report showed that its products detected and blocked 52,820,874 local cyber threats in India between January and March this year (2020).


_______________________________________________________________________________________

(May 23, 2020)


Digital networks having an increased number of cybersecurity challenges

Governments and corporates activated remote work protocols, instructing people to stay home, and practice social distancing. This transition, for the most part, was seamless thanks to its underpinning technology – the internet. That said, this deluge of digitization has, in no small terms, strained the data infrastructures of many nations, as telecom operators scramble to cope with the overwhelming demand for seamless connectivity.


_______________________________________________________________________________________

(May 23, 2020)


Technology professions in high demand despite the Coronavirus pandemic

Cybersecurity is one of those technology professions that have been in high demand despite the pandemic. Businesses have been eagerly looking to hire cybersecurity talent, as evident from thousands of job postings on LinkedIn. Cybersecurity teams may very well be immune to recession and mass layoffs in many sectors. There are many factors for this, and perhaps one of the biggest ones is the sharp rise in cyber attacks in the last six months. 


_______________________________________________________________________________________

(May 23, 2020)


Security officers are now focusing on ‘borderless security’

The COVID crisis has redrawn the boundaries of cybersecurity. Instead of ‘perimeter security’, the chief information security officers (CISOs) are now focusing on ‘borderless security’ as organizations shift to remote working and distributed digital assets. To compound the challenge, crises drive threat levels up and COVID-19 has been no different. There has been a 500% jump in phishing and ransomware attacks.

Ref - TCS

_______________________________________________________________________________________

(May 22, 2020)


IT service providers had to change their day-to-day operations

During COVID-19, Service Providers face various difficulties. Besides infrastructure and resource management, another top priority issue is cyber security. In countries like India, all service providers could not properly adjust to the new circumstances, especially when their contingency plans were not sufficiently robust. In Argentina, general complications of COVID-19 and the subsequent government restrictions are expected to cause difficulties. Similarly, in all other major countries, Service Providers fae issues in coping up with the COVID-19 epidemic.

Ref - Mondaq

_______________________________________________________________________________________

(May 22, 2020)


COVID-19 crisis increases threats to medical IoT

The mere fact of the COVID pandemic’s existence has pushed the American healthcare system to capacity, but another threat to that system has reared its ugly head, cyberattacks. Particularly those based on ransomware have become more common as the disease spread, targeting medical IoT devices and healthcare networks.


_______________________________________________________________________________________

(May 22, 2020)


DNS spoofing attacks on rise amid COVID-19 outbreak

Cybersecurity researchers have found that since early February, the number of Google searches and URL views associated with the Coronavirus has increased significantly. Cybercriminals also use these hot topics as bait to profit from them. The number of domain name registrations related to the new crown virus increased by an average of 656% per day. Also, maliciously registered domain names increased by 569%.

Ref - Lifars

_______________________________________________________________________________________

(May 22, 2020)


ECHO joined forces to establish its COVID-19 cyber defense alliance

Monitoring the cybersecurity landscape and the increase of COVID-19 related cyber crimes reporting by cyber experts and law enforcement agencies worldwide, the ECHO network of cybersecurity centers (ECHO) has joined forces to establish its COVID-19 Cyber Defence Alliance. Its aim is to support all initiatives that aim at protecting the EU Member States, key services, and critical infrastructure from cyber attacks.


_______________________________________________________________________________________

(May 22, 2020)


Cyber threats and attacks during the COVID-19 pandemic

Working from home allows people to minimize social interaction, which limits and slows the spread of COVID-19. But, as highlighted in a recent alert from the North American Electric Reliability Corp. (NERC), the electric power industry is in a period of heightened cyber risk due to a large contingent of industry employees working remotely.


_______________________________________________________________________________________

(May 22, 2020)


Return of COVID-19 lockdown can trigger attacks

Cybercriminals may be waiting for remote workers and compromised endpoints to reconnect to corporate networks before triggering attacks, including the deployment of ransomware. As UK employees return to the office and other workplaces over the coming weeks, Redscan is urging businesses to stay alert to these risks, see all endpoints are sanitized upon their return to the office, and monitor networks for evidence of compromises.


_______________________________________________________________________________________

(May 22, 2020)


Cyber help is a pandemic duty for national guard

Maryland Governor called in the National Guard to aid in the coronavirus pandemic response by executive order. Since then, the Guard has been helping the state increase with COVID-19 tests and screening and assisting but also pitching in with cybersecurity assessments. For Maryland, the need is acute: the state is just a year removed from a devastating ransomware attack that hobbled Baltimore city’s networks.

Ref - TLO

 _______________________________________________________________________________________

(May 22, 2020)


Supercomputers managing COVID-19 data are being targeted

Energy Department officials said they have noticed a spike in cyberattacks on national laboratories and that foreign nations are interested in U.S. coronavirus research. They are seeing some increased activities around the national laboratories in particular, with regard to cyber activity. Slight increases in the number of hits observed at computing facilities. Cyberattacks have increased during the pandemic as the number of people working remotely.


_______________________________________________________________________________________

(May 22, 2020)


Hackers are targeting both individuals and businesses across Canada

While the federal government combats hostile foreign intelligence services seeking the country’s biggest secrets, hackers and fraudsters are keen on cashing in on the fear the novel coronavirus has created, targeting both individuals and businesses across Canada. Meanwhile, work from home policies are in effect across thousands of companies, and the resulting IT sprawl is giving security leaders headaches.


_______________________________________________________________________________________

(May 22, 2020)


Coronavirus pandemic changed the dynamics of security

As employees adapt to the new normal of working from home, there has been a slew of attacks aimed at exploiting their lack of knowledge. According to data from Barracuda Networks, phishing attempts have increased by 600% since February. Organizations globally are conducting regular cybersecurity training with their employees and educating them about the ongoing cyberattacks, and sharing best practices to be secure


_______________________________________________________________________________________

(May 22, 2020)


Protecting educational institutions during COVID-19 pandemic

Following basic security practices, educational institutions can secure their remote endpoint devices: educate the students and faculty members about cyber-attacks, ensure that the online training software used is secured, monitor the endpoints and gain clear visibility, patch applications regularly to prevent vulnerabilities, assess for threats and vulnerabilities and respond to them, and make systems abide by security compliance standards.

Ref - SecPod

_______________________________________________________________________________________

(May 22, 2020)


Beware of the Coronavirus themed phishing attacks

There have been 192,000 coronavirus-related attacks per week, a 30% increase when compared to the previous weeks. The coronavirus-related attacks defined as websites with “corona”/”COVID” in its domain, files with “Corona” related file names, and files that have been distributed with coronavirus-related subjects in their email. So users should beware of lookalike domains, spelling errors in emails or websites, and unfamiliar email senders.

Ref - HcaMag

_______________________________________________________________________________________

(May 22, 2020)


Protect Small Business from Coronavirus-themed cyber attacks

In spite of the seemingly endless arsenal of tools available to threat actors and the explosive growth of COVID-19-themed malware, there are numerous cybersecurity tools and measures available to small businesses that can protect them and help them become more cyber ready. For example, threat detection technology, proper password protocol, Software updates, and avoiding the use of public Wi-Fi while working.

Ref - Medium 

_______________________________________________________________________________________

(May 22, 2020)

Lack of historical data in terms of cyber underwriting in a post-COVID-19 world

From its inception, cyber underwriting has faced difficult challenges including a limited amount of historical data. Now, partly driven by the global pandemic, an increase in cyber-threat levels and demand for protection could represent a prime opportunity for a rethink. The cyber insurance market is growing rapidly and writing billions of dollars for cyber insurance, yet there is a lack of historical data in terms of cyber underwriting. 


_______________________________________________________________________________________

(May 22, 2020)


COVID-19 pandemic will expose organizations to higher cyber risks

The COVID-19 coronavirus pandemic is likely to leave organizations exposed to higher risks of cyber attacks for months or years to come. The number of attacks against organizations grew exponentially to reach a four-month high at the end of April, as the virus spread. But hacking and phishing attacks are likely to become the new norm for many companies, even as the virus infection rate begins to recede. Also, COVID-19 provoked a prolonged recession in the economy.


_______________________________________________________________________________________

(May 22, 2020)


COVID-19 pandemic impact on cybercrime in 2020

The 2020 Cyber Security Breaches Survey published by the UK’s Department for Digital, Culture, Media and Sport (DCMS) reports that 46 percent of UK businesses and 26 percent of charities were victims of cyber-attacks in the past year. Most attacks happen during off-hours, proving that when it comes to doing their dirty work, cybercriminals never sleep.


_______________________________________________________________________________________

(May 22, 2020)


Digital risks faced by children during COVID-19

More than 1 billion children globally have been affected by school closures. Around 60% of 8- to 12-year-olds are exposed to cyber risk, including cyberbullying, according to the Child Online Safety Index. In this time of coronavirus, though, with lockdowns closing schools around the world, keeping children safe online has never been more critical. On 16 May, 69.3% of total enrolled learners were affected by school closures due to the COVID-19 pandemic.

Ref - WeForum

_______________________________________________________________________________________

(May 22, 2020)


Mobile adware now become a new nuisance amid COVID-19 pandemic

According to Check Point Software, 27% of companies worldwide have suffered attacks on their mobile devices, showing a clear upward trend of sixth generation attacks. It only takes one compromised mobile device for cybercriminals to steal confidential information and access an organisation's corporate network. Adware is commonly distributed through mobile apps and developed to sneak onto a device undetected without uninstallation procedures.


_______________________________________________________________________________________

(May 22, 2020)


Privacy concern arises with COVID-19 pandemic

COVID-19 contact tracing is demonstrating some negative effects where it unmasks people’s private activities and leads to backlash. It can become a sophisticated surveillance system, outsourced to private operators, with no institutional oversight. For many years the lack of government tracking programs and the existence of generally permissive societies throughout the Western democracies made it difficult to think that individual people could be threatened by their own government tracking their movements.

Ref - LexoLogy
_______________________________________________________________________________________

(May 21, 2020)


Enterprises now spend more on cyber security due to Coronavirus

According to a new report from LearnBonds, nearly 70% of enterprises are looking forward to increasing cybersecurity spending due to the effects of the COVID-19 pandemic. Cybercriminals are targeting remote workers due to COVID-19. It has changed the security attack surface for all companies. 


_______________________________________________________________________________________

(May 21, 2020)


Three cybersecurity trends emerge from COVID-19 pandemic

Due to COVID-19, here are three positive and lasting trends that are expected to be adopted in post-pandemic reality: the focus will shift to zero-trust principles. Second, biomed and hospital IT professionals will expect a more transparent, simplified security experience. The third is, collaboration around threat intelligence will become a higher priority.

Ref - 24x7mag

_______________________________________________________________________________________

(May 21, 2020)


Cybersecurity risks for enterprises and offices during COVID-19 pandemic

Cyber attacks are accelerating as criminals and other threat actors seek to exploit the disruption caused by the COVID-19 pandemic. Businesses scramble to implement sweeping remote work practices and online-only interactions with employees, customers and vendors, and these changes have come with heightened cybersecurity risks. Some Family Enterprises (FEs) and Family Offices (FOs) are recognizing the danger, and taking steps to increase cybersecurity capabilities, but others need to catch up quickly.

Ref - EY

_______________________________________________________________________________________

(May 21, 2020)


New Data Center-related opportunities created due to the COVID-19 pandemic

The data center security solutions market is expected to grow by USD 5 billion during 2020-2024. The impact can be expected to be significant in the first quarter but gradually lessen in subsequent quarters, with a limited impact on the full-year economic growth, according to the latest market research report by Technavio. The report also provides the market impact and new opportunities created due to the COVID-19 pandemic. 


_______________________________________________________________________________________

(May 21, 2020)

Coronavirus created many new opportunities for threat actors

The global spread of the Coronavirus disease (COVID-19) has created many new opportunities for threat actors. Now, all organizations need to carefully review their multi-layered cybersecurity strategies and arm employees with knowledge of how to protect themselves against these specific attacks. Employees working at home for the first time may not be sufficiently aware of cyberthreats. The monthly detection categories increased by 33%.

Ref - SdcExec

_______________________________________________________________________________________

(May 21, 2020)

Federal agencies issue alert on COVID-19 cares act payment fraud scams

In the latest COVID-19-related fraud scheme, threat actors are looking to exploit the Coronavirus Aid, Relief, and Economic Security (CARES) Act economic impact payments to steal personal and financial information from individuals, according to an alert from the Department of Homeland Security Cybersecurity and Infrastructure Security Agency, Department of the Treasury, the IRS, and the Secret Service.


_______________________________________________________________________________________

(May 21, 2020)

Cyber Security teams should follow security best practices during COVID-19

To deal with increased cyber-risk, organizations should either hire more security professionals to watch over the network 24/7 while an already established security team works on securing the user credentials and login processes. Alternatively, they can adopt an AI system to catch possible threats on the network so security teams can focus their attention where it is needed. In the face of professional and budgetary shortfalls, an AI solution capable of detecting anomalous behavior on a network is an ideal solution.


_______________________________________________________________________________________

(May 21, 2020)

World economic forum cited cybersecurity as top issue from COVID-19

The World Economic Forum mainly concerns itself with high-level macroeconomic issues such as global recessions and world economic development. That’s why it was significant this week when the WEF cited cybersecurity as one of its “Top 10 Fallout” issues from COVID-19 in its Global Risks report. Nearly 38 percent of those surveyed say changing work patterns will lead to increases in cybersecurity and fraud incidents.


_______________________________________________________________________________________

(May 21, 2020)

Adaptability will be key to fight against Coronavirus themed cyber attacks

The COVID-19 pandemic impacted daily lives of millions of people around the world, and now everyone is working from home. So, security was the key issue once everyone was connected. Now, remote monitoring, filtering, restricted access management were all part of the CIOs’ plans to ensure smooth transition of work from office to work from home. It is important to become so adaptive that a user can quickly adapt to new situations.

Ref - ITNext

_______________________________________________________________________________________

(May 21, 2020)

Advanced threat groups are targeting COVID-19 research

Health organizations and other government entities in the United Kingdom and the United States that are involved in the fight against COVID-19 have suffered a slew of cyberattacks. According to the cybersecurity agencies of both countries, many of these cyberattacks originate at the hands of state sponsored hackers, referred to as advanced persistent threats, or APT groups. These APT groups have sought to use the global public health crisis to throw the US and UK’s COVID-19 response efforts into chaos.


_______________________________________________________________________________________

(May 21, 2020)

Mazor increase reported in cyberattacks against financial institutions

VMware, a leading innovator in enterprise software, has released the third annual “Modern Bank Heists” report, produced by VMware Carbon Black. The report combines original VMware Carbon Black threat data analysis with annual survey results featuring responses from 25 leading financial institution CISOs. From the beginning of February to the end of April 2020, attacks targeting the financial sector have grown by 238%.

Ref - AmeInfo

_______________________________________________________________________________________

(May 21, 2020)

Work-from-home increasing cyber attacks during Coronavirus lockdown

Phishing increased by 350% since the coronavirus outbreak started (between January to March 2020), according to data gathered and analyzed by Atlas VPN. It goes without saying that remote work inevitably brings a new set of risks and challenges. While it can’t solely blame the shift from office spaces to work from home for the increase in cyberattacks, organizations need to step up their cyber game to align better to this new way of working.


_______________________________________________________________________________________

(May 21, 2020)

Cybersecurity concern increased during COVID-19 pandemic

Cyber criminals are taking advantage of the COVID-19 crisis, as cybersecurity experts have tracked a rise in online scams related to the novel coronavirus. Using concerns about the novel coronavirus, cyber criminals have launched deceptive phishing and websites related to the pandemic. Bad actors are actively working to take advantage of the uncertainty and shortage of reliable information about topics of urgent interest.


_______________________________________________________________________________________

(May 21, 2020)

Hackers unleashed an unprecedented wave of cyberattacks amid Coronavirus

Cyber criminals have now launched an unprecedented wave of cyberattacks on a new glut of white collar workers operating in insecure home environments. They’re putting a new twist on popular penetration techniques, malicious domains, spam and ransomware, by manipulating fears of the coronavirus. Their intense efforts to exploit weaknesses before businesses can clamp down are keeping cybersecurity companies busier than ever.

Ref - Builtin

_______________________________________________________________________________________

(May 21, 2020)

How healthcare organizations can fight cyberattacks during the Coronavirus

Security is no longer an IT issue; it is a business issue that must be embraced by executives and multiple stakeholders across the organization. In light of the attacks against medical organizations, the following recommendations can be followed by security teams in the healthcare sector: follow basic security hygiene practices, apply a cogent and comprehensive strategy, think like the attackers and invest in the security stack. 


_______________________________________________________________________________________

(May 21, 2020)

Protecting business from cyber spies amid Coronavirus crisis

Following certain security measures can help organizations reduce the risk of cyber crime affecting organisations: revisit information security policy or create one, ensure cybersecurity forms part of the governance framework. Regularly test internet and network security. Update virus and firewall products, test security around remote working. Use a secure VPN and don’t allow staff to send or receive confidential information via their own home internet provider or free public wi-fi.


_______________________________________________________________________________________

(May 21, 2020)


Healthcare sector top target for COVID-19-themed cyber attacks

The healthcare sector has long been a preferred industry for hackers to target. Now that many healthcare systems are under extra strain due to the COVID-19 pandemic, these cyberattacks could prove especially devastating. A patient’s medical file potentially holds a wide assortment of information hackers could sell on the Dark Web. Also, criminals operating online also understand the tremendous urgency healthcare workers deal with daily.


_______________________________________________________________________________________

(May 21, 2020)


Government agencies should be on high alert till end of this year 

The number of cyberattacks using the Coronavirus pandemic first emerged around February 2020. But now such attacks have seen an exponential upswing, stated the latest report ‘The Global Threat Landscape Report Q1 2020’ by Subex. European countries, especially the United Kingdom, are the most attacked. The report warned the government agencies to be on high alert until the end of this year as COVID-19-themed cyberattacks are rising.


_______________________________________________________________________________________

(May 21, 2020)


Kerala In India reported highest number of phishing attacks during Coronavirus lockdown

K7 Computing’s Cyber Threat Report, a comprehensive analysis of cyberattacks during the lockdown, has found that Kerala recorded the highest number of cyberattacks during this period. The report analyses various cyberattacks within India during the pandemic and reveals that threat actors targeted the state with COVID-19 themed attacks aimed at exploiting user trust.

Ref - CRN

_______________________________________________________________________________________

(May 21, 2020)


Cyber security startups are in crisis due to Coronavirus

The Covid-19 pandemic has changed the world of work. It has, almost instantaneously, created a pervasive working from home environment. The statistics show that many startups fail, but new security challenges may well see them replaced with new firms that take on the new challenges. There is also likely to be a time of consolidation as large players look to plug the gaps in their product roadmaps by acquiring some of the minnows in the startup pond.


_______________________________________________________________________________________

(May 21, 2020)


Parliament’s Zoom meeting was defaced with porn image

Due to Coronavirus, the whole world now adopted virtual meetings and hackers are exploiting this opportunity. The National Assembly programming committee’s meeting was hacked with porn images, with the hacker also racially abusing speaker Thandi Modise who was chairing the virtual meeting. The meeting had barely started at 9 am, literally 50 seconds in, and was still dealing with the first item on the agenda when porn images appeared on the screen. 


_______________________________________________________________________________________

(May 21, 2020)


Effects of COVID-19 on global fraud detection & prevention market

With the emergence of the COVID-19 crisis, the world is fighting a health pandemic as well as an economic emergency, almost impacting trillions of dollars of revenues. Fraud detection & prevention market is predicted to grow with a CAGR of 26.5% by generating a revenue of $123,391.8 million by 2026. Artificial intelligence and machine learning is considered to create a huge opportunity for the fraud detection & prevention market investors.


_______________________________________________________________________________________

(May 21, 2020)


Governments agencies now being hit by cyberattacks more harder

Research from Deloitte has found that governments are being held hostage by cyber attacks more frequently, with criminals expanding their attack base and asking for more money. Governments in 2019 reported 163 ransomware attacks and paid over $1.8 million dollars in ransoms, with tens of millions of dollars spent on recovery costs. State and local governments should live and plan with the reality that their critical systems and data will be attacked.


_______________________________________________________________________________________

(May 21, 2020)


Important responsibilities for CISO after COVID-19 pandemic ends

The new cybersecurity priorities post COVID-19 that will become the new normal for most CISOs, will include: Securing remote employees, quick actions required, tackling new attack vectors and security concerns with third-party applications. When employees work from the office, they are protected by a strong security infrastructure. But working from home or a different location, it automatically increases the level of risk.


_______________________________________________________________________________________

(May 21, 2020)


Organizations could increase their cybersecurity budgets to respond COVID-19 crisis

A new study from LearnBonds indicates that 68% of major organisations (public and private) plan to increase their cybersecurity spending as a response to the COVID-19 pandemic, given the intersection of increased Work From Home (WFH) and the growth of data breaches, phishing and ransomware attacks. 


_______________________________________________________________________________________

(May 21, 2020)


Coronavirus relief fund fund now being targeted by fraudsters

Delhi Police is probing two cyber fraud cases where fake Unified Payments Interface (UPI) IDs of the Prime Minister’s Citizen Assistance and Relief in Emergency Situations (PM-Cares) Fund were created to dupe people into parting with money for donations to the fight against Covid-19. Delhi Police cyber cell investigators traced people behind the fraud to some areas in Jharkhand, including Jamtara, which has emerged as a hub of cyber frauds such as phishing in recent years.


_______________________________________________________________________________________

(May 21, 2020)


Several vulnerabilities spotted in NHS COVID-19 contract-tracing app

Wide-ranging security flaws have been flagged in the NHS Covid-19 contact-tracing app, after being piloted in the Isle of Wight. The security researchers involved have warned the problems pose risks to users’ privacy and could be abused to prevent contagion alerts being sent. There has been an increase of concerns from NHS officials, as they are racing to improve the COVID-19 contact-tracing apps privacy safeguards.


_______________________________________________________________________________________

(May 20, 2020)


Coronavirus become double edged sword for Zoom application

Due to Coronavirus, the daily meeting participants on the Zoom platform surged from 10 million in December, 2019 to 200 million in March 2020. However, a plea has been filed in the Supreme Court seeking a direction to the Centre to ban the use of ‘Zoom’ application for official and personal purposes by the public until an appropriate legislation was put in place to ensure adequate cyber security. The petition filed by a homemaker and a part-time tutor.


_______________________________________________________________________________________

(May 20, 2020)


Coronavirus pandemic is boosting cybercrime

Following news of the EasyJet hack and massive information theft in the aviation sector, growing cybersecurity concerns have become one of the leading risks due to the impact of COVID-19, according to the recently released Global Risks Reports by the World Economic Forum. As the COVID-19 crisis accelerates dependency on technology enabled economic processes, it is also exacerbating cyber-risks.


_______________________________________________________________________________________

(May 20, 2020)


Many people working from home have had zero security awareness training

More than 726 million cyber-attacks launched from online resources have been recorded this year. The new research from Kaspersky's cyber threat analysts warns that the COVID-19 outbreak could lead to the destabilisation of the online world. The research has revealed more 75% of people working from home say that they have had zero IT security awareness training since they switched from office working to remote working overnight.

Ref - ITP

_______________________________________________________________________________________

(May 20, 2020)


Phishing attacks during Coronavirus pandemic

Google Trends indicates the searches for COVID-19-related keywords has been increasing dramatically during the past few months. Since February 2020, they have seen reports that COVID-19 has been adopted as a novel theme in phishing attacks. Regular phishing websites existed even before the pandemic started, but the “look” was updated to reflect changes in web sites they imitate.

Ref - LastLine

_______________________________________________________________________________________

(May 20, 2020)


A COVID-19 themed phishing campaign spotted that gain remote access

Microsoft says a massive COVID-19 themed phishing campaign is underway, as a part of which attackers install the NetSupport Manager remote access tool to gain remote access. The new campaign, which was detected by the Microsoft Security Intelligence team, started on May 12. The malware payload comes through malicious Excel attachments that are being sent by the attackers via emails.

Ref - NDTV

_______________________________________________________________________________________

(May 20, 2020)


Security tips for a successful cyber threat intelligence program

COVID-19 has opened the cyberattack floodgates; defenders need strong cyber threat intelligence (CTI) analysis. The CTI program includes practices like leaning on vendors, equating threat intelligence with indicators of compromise, limited use of threat intelligence feeds and focus on internal security data and minimizing threat intelligence analysis. Also, CISOs should take an honest look at their capabilities and outsource CTI analysis and threat hunting.

Ref - CSOOnline

_______________________________________________________________________________________

(May 20, 2020)


Teleworking and cybersecurity risks during Coronavirus pandemic

In the context of the COVID-19 health crisis and various lockdown measures across the globe, companies were quick to react and implement teleworking. In a few days, most employees that could, started working remotely from home. This global practice has maintained a certain continuity of business despite this unprecedented crisis. More specifically, an unsupervised implementation of teleworking could increase IT security risks for companies.

Ref - Winston

_______________________________________________________________________________________

(May 20, 2020)


Healthcare providers are not secured from cyber attacks amid COVID-19 pandemic

Health systems, hospitals and office practices have been relying more on technology and digital tools during the COVID-19 pandemic in ramping up telehealth and engaging staff in teleworking. Making technology more convenient brings an inherent risk of reduced security. There are reports of cybercriminals using certain types of documents (coronavirus coverage maps) on non secure websites to plant malware on computers that access those sites.


_______________________________________________________________________________________

(May 20, 2020)


Coronavirus themed cyber attacks on rise

Whether it’s a hurricane, an election, or the current state of a pandemic, cyber criminals take advantage of disorder. An increase in activity surrounding cybercrime due to COVID-19 has been observed. Now malware and phishing attacks are becoming more prevalent than before. Also, ransomware attacks are becoming a new trend.

Ref - Cybergrx

_______________________________________________________________________________________

(May 20, 2020)


Organisations are at greater risk due to Coronavirus

A new report from the Mimecast Threat Intelligence Centre, entitled 100 Days of Coronavirus, tracks cybercrime activity since the start of the outbreak. It found that between January and March 2020, global monthly volumes of spam and opportunistic cybercrime detections increased by 26.3%, impersonation fraud detections increased by 30.3%, malware detections increased by 35.16% and the blocking of URL clicks increased by 55.8%. 


_______________________________________________________________________________________

(May 20, 2020)


Australia worried about global cyberattacks on healthcare sector

Australia has expressed concern over "malicious" hacking attacks across the world by cybercriminals and state-based actors targeting hospitals, medical services and facilities as well as crisis response organizations amid the COVID-19 pandemic. Australia had agreed with other countries at the United Nations to co-operate on cybercrime and not knowingly allow their territory to be used for "international wrongful acts."

 
_______________________________________________________________________________________

(May 20, 2020)


CCCS Curates Cyber Security Resources For Businesses Facing Heightened Risk

The COVID-19 crisis has seen an increase in opportunistic attacks from bad actors seeking to take advantage of employee fear and curiosity about the pandemic. So, the Canadian Centre for Cyber Security (CCCS) has responded to the crisis by marshaling new and existing cyber security insights into two curated portal sites: one aimed at the needs of research and development organizations, and another aimed more generally at Canadians and Canadian business.

Ref - Mondaq

_______________________________________________________________________________________

(May 20, 2020)


Organizations are at increased risk due to Coronavirus pandemic

Organisations are already facing business challenges in the wake of the coronavirus pandemic, and a rapid rise in COVID-19 related cyberattacks is causing additional stress. Between March 9th and 20th alone, a 234% increase was seen in daily registrations of new coronavirus-related web domains and subdomains, at more than 6,100 a day.

Ref - AmeInfo

_______________________________________________________________________________________

(May 20, 2020)


Cyber attacks are now evolving at much faster rate due to COVID-19 pandemic

Digital technology provider Subex said that it has detected 46 per cent increase in attacks on smart homes, enterprises and control systems connected to critical infrastructure as the global cyber threat landscape alters amid the ongoing coronavirus pandemic.The company also detected and reported a spurt in deceptive attacks on critical infrastructure elements across the world, especially in Eastern Europe, where these attacks are growing in volume.

Ref - AniNews

_______________________________________________________________________________________

(May 20, 2020)


Cyber Security Malta joins Interpol initiative against COVID-19’s cyber attacks

Malta’s cybersecurity agency Cyber Security Malta and the Police Force are joining a global alliance led by Interpol to create awareness about cyber-safety during the COVID-19 pandemic with the aptly-named #WashYourCyberHands campaign.The alliance is formed by global law enforcement and cybersecurity communities to protect the public from data fraud.


_______________________________________________________________________________________

(May 20, 2020)


Practical advice to deal with security breaches and cyber fraud during Coronavirus pandemic

Asset Management Firms should have a comprehensive, documented and Board-approved IT and cybersecurity strategy. The cybersecurity risk management framework should ensure related risks are identified, assessed and monitored. Firms must conduct and maintain a thorough inventory of IT assets and document cybersecurity incident response and recovery plans in place outlining what actions will be taken during and after a security incident.

Ref - MonDaq

_______________________________________________________________________________________

(May 20, 2020)


A breach report highlights public sector risk during Coronavirus

Public sector organisations are more vulnerable to cyber-attacks during the COVID-19 pandemic as a result of the rapid shift to the cloud and staff working from home. A report by Verizon cybersecurity painted a common picture of the cybersecurity threat space from recent years, with the majority of attacks being financially motivated and carried out by external actors, despite public perceptions about the prevalence of insider attacks and cyber espionage.


_______________________________________________________________________________________

(May 20, 2020)

Serco leaked contact tracers’ personal email addresses

Outsourcing business Serco has apologised after it accidentally leaked the email addresses of nearly 300 people training to become contact tracers. The Government says it has hired more than 21,000 people who will manually trace the movements of people with coronavirus in an attempt to monitor the spread of coronavirus.

Ref - TeleGraph

_______________________________________________________________________________________

(May 19, 2020)


Increased traffic reported in financial services, sports and travel industries during Coronavirus

Imperva, Inc., a cybersecurity firm published its April 2020 Cyber Threat Index Report, revealing that COVID-19 continues to affect overall traffic and attack trends, industries such as financial services, sports, and travel are showing early signs of recovery. The monthly report also showed retail traffic is peaking at Black Friday-level volume, application DDoS attacks increased in both volume and size, and the overall Cyber Threat Index score continues to be at a ‘high’ level.


_______________________________________________________________________________________

(May 19, 2020)


Lessons learnt from Coronavirus pandemic

Chief Technology Officer at Palo Alto Networks highlights various threats that the digital world is facing during the ongoing COVID-19 crisis and various prevention methodologies that can be adopted. One lesson could be taken away is to be prepared for the unimaginable in cybersecurity in the same way people should have been prepared for this pandemic. Another lesson is that adopting a Zero Trust security model is key to prevention and response.


_______________________________________________________________________________________

(May 19, 2020)


Cyber risks could increase if employees continue to work from home even after COVID-19 ends

The insurance boss of technology giant Fujitsu has warned that home working will become standard practice beyond Covid-19, leaving firms exposed to cyber risk that likely won’t be covered under their existing policies. The company’s EMEA Insurance CTO believes the increased risk could threaten the recovery effort of countries as they seek to bounce back after the pandemic.


_______________________________________________________________________________________

(May 19, 2020)


Cyberattacks against financial sector increased after Coronavirus pandemic

The Financial Services Information Sharing and Analysis Center, and particularly smaller firms, reported substantial increase in attempted cyberattacks since the start of the COVID-19 pandemic. In particular, cyber-attacks targeted at bank employees rose in the first quarter of 2020. As of early April, FS-ISAC had also over 1,500 fraudulent or phishing websites designed to look like pandemic-related lending or financial support programs to deceive visitors.

Ref - ICLG

_______________________________________________________________________________________

(May 19, 2020)


Cyber criminals are still exploiting fear surrounding Coronavirus pandemic

Since the global proliferation of COVID-19 from February onwards, the number of cyber-attacks has risen by over a third year-on-year. This increase in malicious cyber-attacks has primarily had an impact on organizations on the frontline of the global response, including the World Health Organization (WHO), healthcare services and charities addressing the pandemic.

Ref - RigZone

_______________________________________________________________________________________

(May 19, 2020)


Coronavirus pandemic increasing risk posed by cyber attacks

There has been a rapid surge in online activity outside the workplace: a significant increase in internet shopping; more time for people to spend online. Adding a rapidly changing environment and global crisis presents openings for cyber criminal opportunists. In light of (and despite) this unfamiliar landscape, it is important that businesses do not lose sight of the risk of cyber security and the damage it could cause.


_______________________________________________________________________________________

(May 19, 2020)


Cerberus is stealing credit card details using COVID-19 information

A malicious software called Cerberus is stealing financial data such as credit card details by luring people with COVID-19 related information, the Central Bureau of Investigation has warned states, Union territories and agencies after receiving Interpol inputs. The Trojan virus contacts smartphone users via text messages and asks to click on a link saying it will provide COVID-19 updates. When clicked, the link installs a malicious application on their phones.

Ref - NDTV

_______________________________________________________________________________________

(May 19, 2020)


Working from home and remote interactions is become the new norm

In recent months, the Coronavirus virus has changed the world. Now, the cyber attack landscape has also changed and it is important to know what is different and how to react to it. During the pandemic work-from-home, it is a lot harder to beware of suspicious links when the kids want attention. More than ever, it is now crucial to train employees to detect phishing campaigns.

Ref - RadWare

_______________________________________________________________________________________

(May 19, 2020)


Cyber criminals using COVID-19 pandemic to target vulnerable organizations

NTT Ltd, the leading global technology services provider, has launched its 2020 Global Threat Intelligence Report (GTIR), which reveals that despite efforts by organizations to layer up their cyber defences, attackers are continuing to innovate faster than ever before and automate their attacks. Referencing the current COVID-19 pandemic, the report highlights the challenges that businesses face as cyber criminals look to gain from the global crisis and the importance of secure-by-design and cyber-resilience.

_______________________________________________________________________________________

(May 19, 2020)


Hackers accessed details of millions of EasyJet passengers amid Coronavirus

British budget airline easyJet said that hackers had accessed the email and travel details of around 9 million customers, and the credit card details of more than 2,000 of them, in a “highly sophisticated” attack. The airline, which has grounded most of its flights due to the COVID-19 pandemic and is locked in a long-running battle with its founder and biggest shareholder.

Ref - France24
_______________________________________________________________________________________

(May 19, 2020)

Cybersecurity in post COVID-19 pandemic era

As COVID-19 reshapes social interactions and transforms work environments to more digital settings, the threat landscape in cyberspace is also evolving with new vulnerabilities emerging. The synapse between the COVID-19 pandemic and cybersecurity imperatives can be addressed with a call to action that the new Cyber Security Strategy on the anvil can address.

Ref - MediaNama

_______________________________________________________________________________________

(May 19, 2020)


Cyber attacks increased due to innovation and automation 

NTT Ltd., launched its 2020 Global Threat Intelligence Report (GTIR), which reveals that despite efforts by organizations to layer up their cyber defences, attackers are continuing to innovate faster than ever before and automate their attacks. Referencing the current COVID-19 pandemic, the report highlights the challenges that businesses face as cyber criminals look to gain from the global crisis and the importance of secure-by-design and cyber-resilience.


_______________________________________________________________________________________

(May 19, 2020)


UK public sector is highly exposed to ransomware attack amid Coronavirus

Clearswift research reveals a lack of cyber security awareness among public sector workers, with almost half unaware of ransomware. The research with 1,000 public sector employees, revealed that almost half of respondents (47%) have either not heard of, or do not know what ransomware is, with 42% not having heard of, or what two-factor authentication (2FA) is. Also, the coronavirus crisis is bringing increased cyber-attacks.

Ref - PressReleases

_______________________________________________________________________________________

(May 19, 2020)


Cyber attacks worry business leaders around the world

Executives whose job it is to identify risks are also concerned about a related surge in bankruptcies, high levels of youth unemployment and increased cyber attacks arising from a shift to remote working, according to a report by the World Economic Forum (WEF), Marsh & McLennan and Zurich Insurance Group. The authors surveyed nearly 350 senior risk professionals from large companies around the world.

Ref - Edition

_______________________________________________________________________________________

(May 19, 2020)


A fake government website taking advantage of COVID-19

A fake website claiming to be from the federal government of Canada is preying upon those seeking financial relief from the COVID-19 pandemic. In a recent blog report, security vendor Proofpoint warned that multiple “threat actors” across the world have created fake websites posing as fronts for pandemic financial assistance programs, including Canada’s very own Emergency Response Benefit (CERB) website.


_______________________________________________________________________________________

(May 19, 2020)


Cyber attackers now exploiting new avenues of attack

The pandemic, and specifically, the lockdowns resulting from it, has spurred criminals to shift their cyber fraud schemes to exploit new avenues of attack. Fraud and hacking are becoming most prevalent in areas like card attacks, account attacks and, in a nod to the pivot toward eCommerce, delivery attacks. The waves of new account creation are thus a concern.

Ref - Pymnts

_______________________________________________________________________________________

(May 19, 2020)

COVID-19 themed ransomware attacks causing more damage

Cybercriminals are using the COVID-19 pandemic to full advantage, increasing the frequency of attacks and using ransomware, causing more damage. As the COVID-19 virus wreaks havoc on the world’s economy, businesses continue to suffer from the relentless spread of a different kind of “virus,” ransomware attacks, which deploy malware to render IT systems inoperable or data inaccessible unless and until a ransom is paid.


_______________________________________________________________________________________

(May 19, 2020)


Money is biggest motive for cyber criminals around the world

Verizon Business 2020 Data Breach Investigations Report found that confirmed data breaches doubled from the prior year. As the coronavirus pandemic has forced people indoors, cyber attacks on businesses are expected to climb. The report found that 86% of breaches were for money, not for purposes of spying. Credential theft, phishing and compromising business emails caused 67% of the cyber attacks.

Ref - News18

_______________________________________________________________________________________

(May 18, 2020)


Security tips to stay protected while working from home

Organise employee security awareness training and spear-phishing stimulation to educate them on how to recognise and report attacks. Reconsider access policies to enforce two-factor authentication for email accounts of all employees, Ensure users connect to the company-provided VPN to secure remote access and avoid unauthorized exposure of user credentials or other sensitive data and other basic practices.


_______________________________________________________________________________________

(May 18, 2020)


Staying safe from COVID-19 phishing scams and cyberattacks

As employees continue to work from home, employees are reminded to assess home security measures on a weekly basis to update and/or add any defenses accordingly. Such practices include, look out for tell-tale signs such as poor spelling and grammar, keep operating systems and applications up to date, use an anti-malware solution on your endpoints, making sure all features are enabled and definitions are up to date, etc.

Ref - MassBio

_______________________________________________________________________________________

(May 18, 2020)


Electric power industry is at risk during COVID-19 pandmeic

Working remotely during the COVID-19 pandemic has been a lifesaver, but it has also brought new threats. Working from home allows people to minimize social interaction, which limits and slows the spread of COVID-19. But, as highlighted in a recent alert from the North American Electric Reliability Corp. (NERC), the electric power industry is in a period of heightened cyber risk due to a large contingent of industry employees working remotely.


_______________________________________________________________________________________

(May 18, 2020)


Why business are so vulnerable amid COVID-19 pandemic

Businesses are just trying to make it through the pandemic. Due to businesses focusing on keeping basic operations up and running, proactive security measures may not be at the top of the agenda. This is something that hackers are counting on. As terrible as it sounds, successful attackers look for the soft spot for an attack, and a corporation with little to no security.


_______________________________________________________________________________________

(May 18, 2020)


COVID-19 themed cyber attack could hit diverse targets

Besides hospitals and academic institutions, dozens of nonprofits, including so-called "nongovernmental organizations," or NGOs, around the world must protect their COVID-19 research and related activities from those seeking to steal data or disrupt their operations. A wide variety of these nonprofit organizations are potential targets for cyberattacks during the COVID-19 pandemic. Attacks on these organizations could affect their partners as well.


_______________________________________________________________________________________

(May 18, 2020)


Healthcare and research institutions are now at high risk due to Coronavirus

The United States Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA) and the United Kingdom's National Cyber Security Centre (NCSC) recently issued an alert warning that malicious cyber actors are targeting health care and other essential services related to COVID-19. Health care providers, pharmaceutical companies, academia, medical research organizations and local governments face heightened risks.


_______________________________________________________________________________________

(May 18, 2020)


Cyber policy during working from home

Working from home has quickly become the new normal, but it may also be the reason your cyber insurer denies coverage for the next cyberattack. In the meantime, policyholders would be well-advised to review their cyber insurance policies and consider whether they have adequate coverage for cyberattacks in the current work-from-home environment.


_______________________________________________________________________________________

(May 18, 2020)


Crisis response for healthcare’s security during COVID-19 pandemic

The Healthcare and Public Health Sector Coordinating Council (HSCC) and the Health Information Sharing and Analysis Center (H-ISAC) jointly released guidance for healthcare entities on ways to manage their cybersecurity tactical crisis response during an emergency, such as the COVID-19 pandemic. The guidance was developed amid the COVID-19 pandemic, which HSCC noted resulted in a rise in telemedicine visits and telework.


_______________________________________________________________________________________

(May 18, 2020)


COVID-19 pandemic changed the cyber threat scenario

With the global health crisis forcing huge numbers of people to work from home, businesses must make some important considerations to protect themselves from malicious cyber attacks. The COVID-19 pandemic has impacted the cyber security landscape, as threat actors are now taking advantage of the crisis and exploiting the situation to prey on remote workers. There has been a noticeable shift in the tactics used by existing threat actors..


_______________________________________________________________________________________

(May 18, 2020)

COVID-19 pandemic become a golden opportunity for cyber criminals

Coronavirus-related cyberattacks have proliferated since the first COVID-19 cases emerged in Wuhan, China. According to a recent Microsoft analysis, every country in the world has now experienced at least one such cyberattack, with the number of successful intrusions increasing daily. In a heightened state of confusion and stress, security gaps stemming from human vulnerabilities, such as email scams and unmonitored malware intrusions, have inevitably escalated.


_______________________________________________________________________________________

(May 18, 2020)


Criminals are hacking Indian cooperative banks using a COVID-19 Trojan

Cybersecurity services company Seqrite claims to have detected a new wave of Adwind Java Remote Access Trojan (RAT) campaign targeting Indian co-operative banks using COVID-19 as a bait. Researchers at Seqrite warned that if attackers are successful, they can take over the victim’s device to steal sensitive data like SWIFT logins and customer details. They can also launch large scale cyber attacks and commit financial frauds.


_______________________________________________________________________________________

(May 18, 2020)


Impact of COVID-19 pandemic on cyber security

As businesses around the world implemented a work from home (WFH) operating model, IT, security and management teams worked hard to facilitate a strong and secure infrastructure. WFH operations present significant cyber risks if all aspects of security were not properly considered. In a recent Fast Fast Forward Live webinar, cybersecurity experts from AXA XL, S-RM and Mullen Coughlin discuss the impact of COVID-19 on cyber security.

Ref - Axaxl

_______________________________________________________________________________________

(May 18, 2020)

Cybercriminals are taking advantage of COVID-19 in many ways

Cybercriminals are again showing their true colors in the COVID-19 pandemic. Their attacks have always been socially engineered to prey on people’s fears, but the exploitation in the COVID-19 era is nothing short of sinister. Perhaps what’s most shocking in the development of COVID-19-themed attacks is the behavior of larger ransomware organizations ( “Doppelpaymer” and “Maze”) themselves. These groups are now even offering discounts on ransom in this COVID-19 era.


_______________________________________________________________________________________

(May 18, 2020)

COVID-19 pandemic changed the way the world works

In a very short span of time, COVID-19 has dramatically changed the way the world operates. As governments worldwide mandate social distancing to prevent disease transfer, there has been a significant rise in remote working. This has resulted in a range of issues for many SMEs, because while working from home, the required levels of corporate safety precaution are difficult to maintain.


_______________________________________________________________________________________

(May 18, 2020)

Phishing attacks now using Aarogya Setu application name

Phishing attacks in the name of Aarogya Setu app are on the rise, as cybercriminals take advantage of the COVID-19 pandemic for their vested interests. In its latest warning, the Indian Computer Emergency Response Team (CERT-IN) says there has been a major increase in phishing attacks in the name of Aarogya Setu contact tracing app, as well as video calling apps such as Zoom, Microsoft Teams, and Google Meet.


_______________________________________________________________________________________

(May 18, 2020)

Protecting smart infrastructure amid the COVID-19 pandemic

Securing smart homes and smart buildings from cybersecurity risks becomes more relevant than ever in the light of the COVID-19 pandemic crisis. ENISA presents some fundamental measures for securing smart devices. This includes the use of long and different passwords, performing updates on a regular basis, configuring multiple networks on the router, leveraging user guides for enabling the relevant security features, and using secure wipe smart devices, etc.

Ref - ENISA

_______________________________________________________________________________________

(May 18, 2020)

Google and KPMG share their insights for securing accounts and access during Coronavirus pandemic

Many prolific fraud cyber attacks are on the rise since COVID-19 pandemic, and best was to handle them is of urgent importance for both the organizations and the people. It is essential for organizations to continuously promote the importance of cybersecurity threats to internal staff as well as to the public through Info Security Awareness. The government should also consider establishing an extensive Cyber Security Awareness Program that could be easily replicated across to all government agencies.


_______________________________________________________________________________________

(May 18, 2020)

Security Tips to protect trading firms from cyber attacks during Coronavirus

There are five areas, where commodity trading businesses should look to mitigate the key risks. This includes 1) Review, test and revise fraud response plan, 2) Scrutinize risk indicators, and investigate exceptions promptly and thoroughly, 3) Keep the firm’s teams talking about what’s going on, given the current disruption to markets and operations. 4) Review and revise incentives to reduce the trading related fraud risks and 5) Look after people for signs of stress and general health and wellbeing.

Ref - PWC

_______________________________________________________________________________________

(May 18, 2020)

Stay vigilant of cyber fraudsters during COVID-19 lockdown

A study on trending cybercrime shows cybercriminals are taking advantage of the situation as a large number of people are using online banking services to be updated with their banking updates. Cybercriminals are attacking the computer networks and systems of individuals, businesses and even global organizations at a time when cyber defenses might be lowered due to the shift of focus to the health crisis

Ref - SiaSat

_______________________________________________________________________________________

(May 18, 2020)

Attacks on financial institutions doubled in three months

The COVID-19 has provided cyber attackers with ample opportunity to ramp up their operations as the world engages online more than any other time in history. Attacks targeting the financial sector at large have swelled by 238% in the months from February through to the end of April 2020, while 80% of surveyed financial institutions reported an increase in cyber attacks over the last 12 months, according to a report released from VMware Carbon Black.


_______________________________________________________________________________________

(May 18, 2020)

Police catch suspects planning ransomware attack on a hospital 

Police in Europe has swooped on a cybercrime gang that they suspect of planning ransomware attacks using COVID-19 lures against hospitals. The four-man “Pentaguard” group was formed at the start of the year, according to the Romanian Directorate for Investigating Organized Crime and Terrorism (DIICOT). They intended to launch ransomware attacks, in the near future, on some public health institutions in Romania.


_______________________________________________________________________________________

(May 18, 2020)

India’s e-commerce growth pushed by COVID-19 pandemic along with cyber attacks

Fraud instances could possibly rise at an even quicker pace as India’s e-commerce market propelled by the COVID-19 outbreak. The rapid growth of the e-commerce sector has also inadvertently led to a rise in fraud. The number of online shopping frauds registered with the National Consumer Helpline has jumped nearly six times from 977 cases in FY17 to 5,620 cases in FY20 till November 2019, taking the total count of cases since FY17 to 13,993.


_______________________________________________________________________________________

(May 18, 2020)

Cybercriminals now targeting supercomputers in Europe

Supercomputers across Europe were infected with cryptocurrency mining malware, forcing operators to shut the systems down to investigate the attack. Many of the impacted systems are used to run workloads that hope to help in the fight against COVID-19, along with other important research. The University of Edinburgh was the first to declare that something was wrong.


_______________________________________________________________________________________

(May 18, 2020)

Remote working increasing security incidents amid Coronavirus lockdown

Many people work from home due to the COVID-19 pandemic, and cybersecurity in quarantine is a new topic often on the minds of information technology (IT) professionals. A workplace gives a relatively controlled environment where an organization can enforce regular password changes, monitor for new devices connecting to the network and exercise other precautions to keep cybercriminals at bay. But these are difficult to follow which working from home.


_______________________________________________________________________________________

(May 18, 2020)

Security tips to protect network against COVID-19-themed cyber attacks

Users are suggested to take steps to reduce the risk of malware and other cyber threats. Here are some tips to consider: equipping systems with the latest firewalls and anti-virus software, using a virtual private network, ensuring that all company-issued devices are protected and provide training for employees, so they know how to recognize and report suspicious activity.


_______________________________________________________________________________________

(May 17, 2020)

Trusted Business Insights published their latest study on railway cybersecurity

Trusted Business Insights presents an updated and Latest Study on Railway Cybersecurity Market Market 2019-2026 ((including the Business Impact of COVID-19)). The report contains market predictions related to market size, revenue, production, CAGR, Consumption, gross margin, price, and other substantial factors. While emphasizing the key driving and restraining forces for this market, the report also offers a complete study of the future trends and developments of the market.


_______________________________________________________________________________________

(May 17, 2020)

People should be vigilant during the COVID-19 pandemic

The COVID-19 pandemic renders individuals and society extremely vulnerable in all respects. Safety4sea highlights the importance of being vigilant during the COVID-19 pandemic, reminding that cybercriminals don’t take breaks, as mentioned by Interpol. The COVID-19 has set the world into a frenzy, with high levels of anxiety and citizens trying to find ways to keep themselves and their families safe and healthy.

Ref - Mfame

_______________________________________________________________________________________

(May 17, 2020)

Insurance bosses proposed a scheme to cover the costs of future pandemics

A state-sponsored cyber attack could cause economic damage on a scale equal to COVID-19, overwhelming the insurance industry and requiring the Government to step in to cover the losses, the chairman of Lloyd’s of London has warned. It would be a good idea for any government-backed program to address future pandemic risk to include a mechanism to deal with rare but catastrophic events such as a large cyber attack.

Ref - Telegraph

_______________________________________________________________________________________

(May 16, 2020)


Cyber criminals are targeting European supercomputers researching COVID-19

Supercomputers in Europe (including ARCHER) that are used to research COVID-19, were hacked this week, according to several laboratories. Some of the computers remain offline following the attack. Supercomputers in Switzerland, Germany, and the U.K. were affected. It’s not clear if the attacks were linked or who was behind them.


_______________________________________________________________________________________

(May 16, 2020)

COVID-19 related applications are not being tested properly 

Every Indian state is using its own set of apps for various [COVID-19 related] purposes, maybe for tracking, for keeping accounts or any other activity. These apps have not gone through the required process, like a set of security testing, etc. This is cause of major concern because if any app gets hacked it might result in trouble for its users who are using the apps and providing their sensitive information to these apps.

Ref - Medianama

_______________________________________________________________________________________

(May 16, 2020)

Coronavirus pandemic will boost the calls to overhaul the digital defenses

The lawmakers behind an ominous report about America’s lack of preparedness for a major cyberattack are hoping the coronavirus pandemic will boost their calls to overhaul the nation’s digital defenses. The Cyberspace Solarium Commission on March 11 released its 182-page report calling for a far more muscular stance against U.S. digital adversaries such as Russia and China.


_______________________________________________________________________________________

(May 15, 2020)

Cyber security challenges for healthcare amid Coronavirus pandemic

It is tough to maintain security with so many devices connecting to the network at such a rapid pace. It is important for CISOs to adapt their strategies to account for this growing attack surface with capabilities like continuous device visibility and control along with dynamic asset management, network access control, and network segmentation. Just as it’s being recommended that strong personal hygiene practices will help prevent the infection and spread of COVID-19.


_______________________________________________________________________________________

(May 15, 2020)

Cybercrime trend and type of attacks amid COVID-19

Over the past few months an increased amount of malicious attempts have been reported and many threat actors have started to abuse the panic and discomfort of the COVID-19 pandemic to conduct specially crafted cyber attacks. A significant spike has been recorded in activity on Brute-Force attacks (authentication issues), attempts for exploits (viruses) and increased access to malicious / suspicious IPs / URLs.


_______________________________________________________________________________________

(May 15, 2020)

Hackers keep hacking during Coronavirus pandemic

Cybercriminals haven’t hit the brakes for COVID-19. Hackers are installing malware on cell phones via fake coronavirus tracking apps and fake COVID-19 maps. The malware can steal bank details, passwords and login information from the victim’s device. And these are just a short list of cyber attacks, just a tip of the iceberg.

Ref - CSBJ

_______________________________________________________________________________________

(May 15, 2020)

How machines can protect themselves post COVID-19 era

In near future, machines would be able to protect themselves automatically, where a client that is an integral part of any operating system will act as an intermediary that establishes a trusted identity for each client system on a network. The client would then be able to authenticate every login attempt and request for resources by verifying each login through an authoritative security management platform such as Active Directory (AD).


_______________________________________________________________________________________

(May 15, 2020)

A significant number of new malicious domains related to COVID-19 appeared

Cybercriminals, who are notorious for riding trending news and emerging issues, have been watching matters unfold and developing their attacks in context with a large variety of updates and initiatives lined with the current pandemic. As a result, IBM X-Force Research has been seeing a significant number of new malicious domains related to COVID-19 appear in the wild since late February 2020.


_______________________________________________________________________________________

(May 15, 2020)

Coronavirus diverted the focus of world toward Cyber security

5 March 2020 marked an important milestone in multilateralism and for cyber as an issue. It was the moment when cyber was, for the first time ever, officially discussed at the UNSC. Previously there had only been theoretical discussions about cyber during informal Security Council meetings, and this was the first time that malicious behaviour in cyberspace had been put formally on the table.

Ref - ICDS

_______________________________________________________________________________________

(May 15, 2020)

British Supercomputer become a victim of cyber attack

British Supercomputer ARCHER, which is used for academic research by Universities operating in the U.K., has been hit by a cyberattack, forcing the admin to reset all user passwords and SSH keys. ARCHER provides invaluable resources for researchers who study problems with a global impact. The UK National Supercomputing service also serves a National Health Service (NHS) project working on developing a Coronavirus vaccine.


_______________________________________________________________________________________

(May 15, 2020)

Staying protected amid COVID-19 pandemic

Today, as the world grapples with the COVID-19 pandemic, hackers are trying to take advantage of the rapid changes happening across industries. To stay protected, lock arms with IT to secure software-as-a-service (SaaS) applications via cloud access security brokers for configuration, security and data loss prevention and reduce the access to IaaS providers by using jump boxes, and follow other basic security hyzine.

Ref - CXOToday

_______________________________________________________________________________________

(May 15, 2020)

Cyber criminal exploiting the global pandemic

More than 60 percent of phishing expeditions are now COVID-19 related as criminal hackers exploit the global pandemic, producing malicious emails dressed up as legitimate correspondence and attempt to gain access to companies’ computer systems. Cybercriminals are using the public’s “great thirst” for information about everything related to COVID-19 to their advantage.

Ref - National

_______________________________________________________________________________________

(May 15, 2020)

UK’s electrical grid targeted by a cyber attack

The UK’s electrical grid has been targeted by a potentially disruptive cyber attack on the systems of Elexon, a key cog in the electricity trading system. During the COVID-19 coronavirus pandemic, they present an even more critical target. An electrical black-out affecting a hospital or care home could have severe consequences, and attackers, particularly those backed by nation states, will be well aware of that.


_______________________________________________________________________________________

(May 15, 2020)

Demands for cyber insurance are on rise after COVID-19 cyber attacks

Companies are looking to cyber insurance to help manage the fallout from a wave of COVID-19 related cyberattacks, highlighting the need for businesses to pay close attention to internal data security shortcomings and policy limits that could spark coverage fights. Now with the massive abrupt change of so many working from home, that’s just thrown gas on the fire.


_______________________________________________________________________________________

(May 15, 2020)

Educational infrastructures could be targeted by invasive breaches amid Coronavirus

A report put out by Netwrix highlights the growing data and security risks that educational organizations are vulnerable to during this time of COVID-19, distance learning, and an increase in cloud technology activity. The report states that 54% of educational sector IT professionals are aware that district employees are compromising sensitive data by utilizing cloud apps unknown or unapproved by IT.

Ref - CSHub

_______________________________________________________________________________________

(May 15, 2020)

Fearware now become a new trend amid Coronavirus pandemic

A new term, Fearware, has come up and there are more than 3000 websites online available related to Coronavirus. These websites are created by amateur hackers who want to take money from user's bank account if a user clicks on their websites. They either take money from a user or give them false information.

Ref - Inventiva

_______________________________________________________________________________________

(May 15, 2020)

Cybersecurity legal Implications for businesses amid Coronavirus pandemic

Among the myriad challenges faced by businesses arising out of the global COVID-19 pandemic is the amplification of cybersecurity vulnerabilities and resulting increased risk of data breach and malware incidents. There is no single set of cybersecurity laws. Nor is there a single government agency responsible for enforcing cybersecurity practices or investigating data breaches. 

Ref - ICLG

_______________________________________________________________________________________

(May 15, 2020)

Cyber-attacks happening during COVID-19 in Spain

Due to the COVID-19 pandemic and the legislative measures adopted, many companies have been forced to implement teleworking measures or to intensify the use of the systems they already had. Now, it is the INCIBE (the Spanish "National Institute for Cybersecurity") through its publication of March 18, which is warning that a campaign consisting on sending fraudulent emails has been detected.


_______________________________________________________________________________________

(May 15, 2020)

Coronavirus become a golden opportunity for cyber criminals

With COVID-19 seemingly bringing the world to a halt and more than 50% of the globe’s population engaging in some form of lockdown, cyber criminals have viewed the pandemic as a golden opportunity. Interpol, Europol, Governments and other organisations around the globe have warned of an uptick in cyber activity amid the pandemic.

Ref - FSMatters
_______________________________________________________________________________________


(May 15, 2020)


Cyber attacks on Australian companies are on the rise amid Coronavirus crisis

BlueScope and MyBudget are the latest to confirm they have been subjected to a cyberattack, following Toll Group and Services New South Wales being hit. The attackers steal data and threaten to publish or use the information against the victim if they do not pay up. Attacks using ransomware are happening more often and businesses needed to beef up their security.

Ref - ABC

_______________________________________________________________________________________

(May 15, 2020)


An increase in malicious behaviour related to coronavirus pandemic is reported

The Canadian Centre for Cyber Security has reported an increase of malicious behaviour in terms of the coronavirus pandemic being used in phishing campaigns and malware scams. Essentially, cybercriminals know that a simple mention of “COVID-19” or “coronavirus” will instantly get attention. While this isn’t the first time cybercriminals have used national or global headlines to their advantage, it’s essential to keep an eye out.


_______________________________________________________________________________________

(May 15, 2020)


QNodeService Trojan is promising victims for COVID-19 tax relief

A new Trojan malware sample has appeared on the radar of cybersecurity researchers following evidence it may be used in coronavirus-related phishing schemes. The Trojan sample was connected to a file, "Company PLP_Tax relief due to COVID-19 outbreak CI+PL.jar," and was only detected at first by ESET's antivirus engine. 

Ref - ZDNet

_______________________________________________________________________________________

(May 15, 2020)


WHO released an application for health workers fighting against COVID-19 pandemic

A new World Health Organization (WHO) mobile app provides vital information to health workers battling the COVID-19 pandemic, delivering critical and timely knowledge resources in six languages- Arabic, Chinese, English, French, Russian and Spanish- directly to the health workers’ mobile phones and tablets.

Ref - WHO
_______________________________________________________________________________________

(May 15, 2020)


Thousands of cybercriminals are taking advantage of coronavirus pandemic

M3 Networks said there had been a huge increase in coronavirus-themed phishing attacks – in which fraudulent emails are sent to induce individuals to reveal personal information, such as passwords and credit card numbers. Over the past five weeks, the tech firm has identified 100,000 suspect website addresses linked to COVID-19 phishing emails.

_______________________________________________________________________________________

(May 15, 2020)


COVID-19 pandemic can reshape cybersecurity frameworks

COVID-19 disruption has exposed gaps in the security mechanisms and crisis response plans for many businesses, according to partner & lead for cybersecurity at PwC India Siddharth Vishwanath. Speaking to Express Computer, he highlighted how responding to this scenario presents an opportunity. The biggest learning for organisations from this crisis is to consider Black Swan scenarios seriously while drafting and testing the crisis strategy.


_______________________________________________________________________________________

(May 14, 2020)

Cybersecurity risks enterprises and offices facing amid COVID-19 pandemic

Cyber attacks are accelerating as criminals and other threat actors seek to exploit the disruption caused by the COVID-19 pandemic. Businesses scramble to implement sweeping remote work practices and online-only interactions with employees, customers and vendors, and these changes have come with heightened cybersecurity risks. Some Family Enterprises (FEs) and Family Offices (FOs) are recognizing the danger, and taking steps to increase cybersecurity capabilities, but others need to catch up quickly.

Ref - EY

_______________________________________________________________________________________

(May 14, 2020)

Microsoft’s decision will Impact everyone fighting against COVID-19 cyber threats

From May 14, Microsoft has introduced new COVID-19 threat intelligence sharing feeds for Azure Sentinel customers and this will also be made available publicly for everyone on GitHub. The move means that even if a user isn't a Microsoft customer, a user can hugely improve their protection against a fast-growing number of COVID-19 themed cyber-attacks.

Ref - Forbes

_______________________________________________________________________________________


(May 14, 2020)

COVID-19 is responsible for 238% surge in cyberattacks against the financial sector

The coronavirus pandemic has been connected to a 238% surge in cyberattacks against banks, new research claims. The VMware Carbon Black released the third edition of the Modern Bank Heists report, which says that financial organizations experienced a massive uptick in cyberattack attempts between February and April this year, the same months in which COVID-19 began to spread rapidly across the globe.

Ref - ZDNet

_______________________________________________________________________________________

(May 14, 2020)


In just two weeks over 4 lakh coronavirus related cyber-attacks recorded

Around 20,000 coronavirus-related domains have been registered globally in the past three weeks, including in India. The theme “Corona Cure” has the largest number of domain registrations.
Out of them, around 2% (354) are deemed malicious while another 15% (2,961) are considered suspicious.  

Ref - Digit

_______________________________________________________________________________________

(May 14, 2020)


COVID-19 is helping to increase the digital outreach

The COVID-19 is rapidly accelerating digital transformation. At the same time, the threat landscape is also evolving and posing new challenges. Organizations need to take appropriate steps to protect their business-critical infrastructures and applications.

Ref - RadWare

_______________________________________________________________________________________

(May 14, 2020)


Publicly sharing COVID-19-related threat intelligence

Microsoft, a tech giant, has published detailed guidance to help organizations combat current threats (Responding to COVID-19 together). Their threat experts are sharing examples of malicious lures and enabled guided hunting of COVID-themed threats using Azure Sentinel Notebooks. Microsoft processes trillions of signals each day across identities, endpoint, cloud, applications, and email, which provides visibility into a broad range of COVID-19-themed attacks.

Ref - Microsoft

_______________________________________________________________________________________

(May 14, 2020)


The complete evolution of COVID-19-themed cyber attacks

The United States Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA) and the United Kingdom’s National Cyber Security Centre (NCSC) released a statement warning of a cybercriminal and advanced persistent threat groups (APT) exploiting the COVID-19 pandemic. The statement provided that the surge in teleworking and virtual private networks use would amplify the existing cyber threat to individuals and organizations.


_______________________________________________________________________________________

(May 14, 2020)


Chinese hackers are attacking COVID-19 researchers via IT suppliers

Hackers working on behalf of the Chinese government are exploiting customer relationships between IT service providers and the healthcare, pharmaceutical and medical research sectors working on the global COVID-19 coronavirus response, according to a public service announcement issued by the US Cybersecurity and Infrastructure Security Agency (CISA).


_______________________________________________________________________________________

(May 14, 2020)


Challenges during staying connected amid the COVID-19 pandemic

The COVID-19 pandemic that is sweeping the globe has effectively put a stop to the bulk of face-to-face interactions. With this new and unexpected reliance on connectivity, both companies and consumers should take extra precautions in ensuring that their data is protected. Cybercriminals are using this chaotic situation to try to obtain sensitive materials.

Ref - ATT

_______________________________________________________________________________________

(May 14, 2020)


Financial cybercrime happened during COVID-19 pandemic

Criminals are exploiting vulnerabilities opened up by the COVID-19 lockdown, increasing the risks of cyber attacks, money laundering (ML) and terrorist financing (TF). Authorities worldwide have responded by drawing financial institutions' attention to these threats and by providing guidance on ways to improve cybersecurity and mitigate ML and TF risks.

Ref - BIS

_______________________________________________________________________________________

(May 14, 2020)

Cybersecurity practices for the Pharma Sector during COVID-19 pandemic

The key to fight against COVID-19 related cyber threats for the pharma sector will be to evolve an intelligence-based mindset, leveraging defence-in-depth principles that take advantage of detection and mitigation capabilities for the entire lifecycle of a cyberattack. Alternatively, these pharmaceutical companies can find a partner currently operating with this mindset.


_______________________________________________________________________________________

(May 14, 2020)

Cybercrime in India on rising since Coronavirus lockdown

Cybercrime in India has surged amidst the country’s unprecedented coronavirus lockdown. As COVID-19 cases in the country continue to climb, New Delhi has sought to aggweourressively contain the spread of the deadly disease by essentially shutting down the world’s second most populated nation. Attacks have soared 86% in the four weeks roughly between March and April, according to a recent Reuters report quoting Indian Home Ministry officials.

Ref - Forbes

_______________________________________________________________________________________

(May 14, 2020)

China denying hacking attempts on US agencies for COVID-19 vaccine data

China termed as “slanderous” the US accusation that hackers backed by Beijing may be attempting to steal COVID-19 related research and vaccine materials. Chinese officials said that "smearing and scapegoating" others will not make the deadly virus go away. The US claims have added fuel to tensions between the two nations, which are engaged in a war of words over the origin of the coronavirus that has killed 300,000 people globally.

Ref - TheWeek

_______________________________________________________________________________________

(May 14, 2020)

Cybersecurity challenge while working from home

Relying on technology is one way to combat cybercriminals, but cybersecurity is a shared responsibility. This pandemic has made us even more dependent on technology to stay connected, emphasising the need for everyone to be aware of cyber-security best practices. Every individual has a role to play so let’s ensure cyber safety while working from home.


_______________________________________________________________________________________

(May 14, 2020)

Around 46% of companies reported cyberattacks during COVID-19 pandemic

A recent report found that almost half of all companies have experienced at least one cybersecurity incident during the COVID-19 lockdown. There are a number of factors leading to these numbers: Rapid remote deployments, reliance on digital communications, disruption to security processes, different risks in remote environments and shift to cloud-based infrastructures.


_______________________________________________________________________________________

(May 14, 2020)

Cyberattacks on healthcare systems will continue even after COVID-19 pandemic stops

With the scale and complexity of cybercrime increasing, and the fact that hospitals are moving toward digitalization and remote patient care, the number of cyberattacks on healthcare systems will continue to increase, says GlobalData, a leading data and analytics company. Hackers will continue to target vulnerable systems as long as there are profits to be made: from selling the stolen patient’s data or ransom demands.


_______________________________________________________________________________________

(May 14, 2020)

Security measures that can help business during COVID-19 pandemic

Businesses can take these few steps to protect themselve: review policies and procedures, Check remote working systems, secure devices by updating them, make sure employees are backing up their work regularly, give proper training to staff about phishing emails and responses, provide IT support, and report any breaches.


_______________________________________________________________________________________

(May 14, 2020)

Email frauds are the biggest threat for working professionals amid Coronavirus pandemic

Email frauds have emerged as the biggest threat for working professionals with almost 60 per cent businesses believing that they are exposed to it, a new survey has revealed. These threats are also a result of the crisis created by coronavirus. Cybercriminals are taking advantage of the discussions around the outbreak and tricking users to click on malicious links or attachments in emails which has even resulted in an increase in phishing attacks.

Ref - ZeeBiz

_______________________________________________________________________________________

(May 14, 2020)

Aon launched a cyber security application with cyan amid Coronavirus pandemic

Aon and cyan offer a new kind of preventive, digital security with the introduction of Aon's CySec App. The app is now available in Aon's corporate design in the Android Play Store and iOS App Store, initially in Austria and Switzerland, and protects Android and iOS devices against online threats such as viruses, malware or phishing attacks. Due to COVID-19 pandemic, cyber attacks on smartphones increased drastically.


_______________________________________________________________________________________

(May 14, 2020)

Cybersecurity professionals are more concerned than before due to Coronavirus outbreak

According to the survey, 94% of cybersecurity professionals are more concerned about security now than before the COVID-19 pandemic. In assessing their security programs, 89% said COVID-19 has been a stress test for every security control and policy within their organisations. Security teams’ top areas of increased concerns include: employee home network security (58%); keeping remote systems configured securely (41%), and keeping remote systems compliant (38%).

Ref - Teiss

_______________________________________________________________________________________

(May 14, 2020)

Soon more details to be revealed regarding Chinese hackers targeting US agencies

Beyond confirming the hacking attempt to steal COVID-19 research, the FBI-CISA warning does not tell much about the attack or the organization(s) targeted. However, the agencies asserted that they would release more technical details in the coming days, which may reveal how the Chinese threat actors tried to break into the systems of American companies researching COVID-19 vaccines, treatments.


_______________________________________________________________________________________

(May 14, 2020)

New Zealand’s GCSB condemnd cyberattacks during Coronavirus pandemic

New Zealand’s Government Communications Security Bureau (GCSB) has criticised the reported cyber attacks on critical infrastructure taking advantage of the COVID-19 pandemic, but revealed the nation has been spared such attacks so far. The intelligence agency’s Director-General, called on all threat actors, including those linked to foreign nation states, to refrain from attack activity during the crisis.


_______________________________________________________________________________________

(May 14, 2020)

US released public announcement on threat posed by Chinese hackers

The US formally accused China of backing attempts to hack the country’s coronavirus research data. The US’ cybersecurity agency released a public service announcement to raise awareness about a “threat to COVID-19 related research.” The FBI is investigating the targeting and compromise of US organizations conducting COVID-19-related research by PRCaffiliated cyber actors and non-traditional collectors.


_______________________________________________________________________________________

(May 13, 2020)

Pharmaceutical companies are vulnerable to cyber attacks due to Coronavirus pandemic

Although many cyber criminals have pledged not to attack healthcare providers during the COVID-19 pandemic, one expert told a news agency that this may not extend to pharmaceutical companies. Recently, hackers published internal data from ExecuPharm back on March 13 following a ransomware attack.

Ref - BioSpace

_______________________________________________________________________________________

(May 13, 2020)

Cyber attack on Tajik journalist reporting on COVID-19 pandemic

The media is literally under attack in Tajikistan. There were a total of over 80 attacks of all kinds, physical and non-physical, including cyber-attacks and attacks via judicial or economic means, on journalists in the country from 2017 to 2019. After a journalist reported on COVID-19, government-linked online trolls called him a traitor.

Ref - HRW

_______________________________________________________________________________________

(May 13, 2020)

Cyber criminals could have infiltrated office computer during lockdown

Any individual moving back to office after working at home, beware that criminals may have been in their workplace. Office computers could be vulnerable because no one may have been in the office to make sure their operating systems were up to date and verify that backups happened. Some people who took their work computers home with them may have found they were already infected with malware.

Ref - Fox10TV

_______________________________________________________________________________________

(May 13, 2020)

COVID-19-themed ransomware attacks increased in Canada

A 4,000 per cent increase in ransomware emails is reported, and 53 per cent of these inbound emails were junk phishing emails. About a 250 to 350 per cent increase[in ransomware-related attack attempts is reported in the last three weeks alone with COVID-19 themed cyberattacks. And at last count, there are 13,000 website domain names using some form of the name COVID-19 that are malicious websites.

Ref - Uzado

_______________________________________________________________________________________

(May 13, 2020)

APWG revealed the evolution of identity theft attacks amid COVID-19 pandemic

The APWG’s new Phishing Activity Trends Report for Q1 2020 reveals several ways in which cybercriminals have taken advantage of the COVID-19 pandemic. These include coronavirus-themed phishing and malware attacks against workers, healthcare facilities, and the recently unemployed. The report also documents how criminals have used COVID-19 as a way to trick companies into transferring money.


_______________________________________________________________________________________

(May 13, 2020)

A report released by Bitdefender on Coronavirus-related cyber threats

Bitdefender threat intelligence data on Coronavirus-related cyber threats between March and April reveals that COVID-19-themed threat reports are becoming the new norm. Since the Coronavirus outbreak, cybercriminals have continuously leveraged this global crisis by focusing on cyberattacks designed to compromise victims data and security.

Ref - SANS

_______________________________________________________________________________________

(May 13, 2020)

Cyber-attacks targeting hospital construction companies ammid Coronavirus pandemic

Two companies involved in building emergency coronavirus hospitals have been hit by cyber-attacks this month. Interserve, which helped build Birmingham's NHS Nightingale hospital, and Bam Construct, which delivered the Yorkshire and the Humber, have reported the cyber incidents to authorities. The separate attacks were not linked.

Ref - BBC

_______________________________________________________________________________________

(May 13, 2020)

Fighting against cyber threats during COVID-19 pandemic

As experts have reported significant increases in the frequency of cyber attacks of all kinds, now is a good time for businesses to take stock of their defenses against such unauthorized intrusions, which include: emails from “spoofed” email addresses and emails that try to fool workers into clicking on links to malware that infects computers.


_______________________________________________________________________________________

(May 13, 2020)

Most Common attacks during Coronavirus pandemic

The most common attacks seen by Cybersecurity Agencies during the COVID-19 crisis are designed to take advantage of the increase in remote work. Two common styles of attack organizations face are (1) phishing attacks, a form of social engineering that exploits the human link in the chain, and (2) technical exploits, which rely on newly deployed or stressed telework infrastructure.

Ref - JDSupra

_______________________________________________________________________________________

(May 13, 2020)

Awareness campaign for cyberthreats happening during the COVID-19 outbreak

The International Criminal Police Organisation has launched an awareness campaign on cyber threats during the COVID-19 outbreak. The campaign is taking place from May 4 to May 31. It is in coordination with law enforcement agencies across the world. Basic cyber hygiene advice is being provided through the international network.

Ref - TheHindu

_______________________________________________________________________________________

(May 13, 2020)

COVID-19-themed malware and spam are on the rise

COVID-19 related malware and spam are on the rise globally, according to new research by Trend Micro Incorporated. The firm has uncovered a variety of malicious campaigns including email spam, BEC, malware, ransomware and malicious domains. Across the board, COVID-19 related spam has seen a 220-fold increase from February to March this year.


_______________________________________________________________________________________

(May 13, 2020)

Cybercriminals doubled their COVID-19-themed cyber attacks

New research suggests that coronavirus-related cybercrime still dominates the present threat landscape, and could even be accelerating. According to a new report from cybersecurity researchers at Check Point, the number of coronavirus-related cyberattacks has reached 192,000 per week, a jump of almost a third (30 percent) over the previous two weeks.


_______________________________________________________________________________________

(May 13, 2020)

Chinese and Iranian hacking hampering efforts for Coronavirus vaccine

Chinese and Iranian hackers are aggressively targeting American universities, pharmaceutical and other health-care firms in a way that could be hampering their efforts to find a vaccine to counter the coronavirus pandemic. These two countries have waged cyberattacks against a range of American firms and institutions that are working to find a vaccine for COVID-19.

Ref - WSJ

_______________________________________________________________________________________

(May 13, 2020)

Coronavirus-related cyber attacks rise up to 30% in three weeks

Check Point Software Technologies have seen 192,000 coronavirus-related cyber-attacks per week over the past three weeks, a 30 per cent increase compared to previous weeks. In the past three weeks, almost 20,000 new coronavirus-related domains were registered, about 17 percent of which are malicious or suspicious.


_______________________________________________________________________________________

(May 13, 2020)

COVID-19 pandemic is accelerating the requirement for more tough cybersecurity

GlobalData’s report, ‘UK Health & Social Care – Cybersecurity’, notes that, in the event of a pandemic, the speed at which a nation responds is crucial to learning more about the threat and ultimately taking measures to minimise or, if possible, eradicate it. Data plays a pivotal role in this scenario and so. The COVID-19 has the potential to change this mindset.

Ref - VarIndia

_______________________________________________________________________________________

(May 13, 2020)

Bam Construct become a victim of cyber attack amid Coronavirus outbreak

Bam Construct has shut down some of its computer systems after falling victim to a cyber attack. A spokesman said the firm had “stood up well” to the attack, and it remained “business as usual” for its operations. The spokesman said there had been a wave of attacks on firms helping in the national effort to fight coronavirus.


_______________________________________________________________________________________

(May 13, 2020)

Digital data can help into finding an effective cure for COVID-19 disease

Researchers will now use data from NHS Digital to help find the most efficient treatment for each patient. This project, called The Randomised Evaluation of COVID-19 (RECOVERY) will be trialled by scientists at the University of Oxford. Data sets from NHS Digital, including Secondary Uses Services (SUS+) will be used in the process to help find the most effective potential treatment. 


_______________________________________________________________________________________

(May 13, 2020)

Centralized versus decentralized data storage factor in Tracking Apps

The track and trace apps are in various stages of deployment in different countries. The biggest debate that has emerged is centralized versus decentralized tracking. The overreliance on fallible apps, that in themselves pose risks, is not the solution either. In centralized tracking, all the data is uploaded to a centralized database, whereas with decentralized tracking, the data remains on the users’ own device.


_______________________________________________________________________________________

(May 13, 2020)

EventBot Trojan is targeting Android devices amid COVID-19 outbreak

Amid Coronavirus pandemic, Indian Computer Emergency Response Team (CERT-In) has issued a warning about a banking trojan called EventBot, which is affecting users of financial transaction apps worldwide. In a statement, CERT-In says, it has been observed that a new Android mobile malware named EventBot is spreading.

Ref - MoneyLife

_______________________________________________________________________________________

(May 13, 2020)

A surge in malware and financial frauds due to COVID 19 is predicted 

McAfee Labs, a Cybersecurity research division of McAfee has predicted that there could be a surge in malware and finance-related frauds during the COVID 19 Pandemic spread. A report titled “COVID-19: Malware makes Hay during a Pandemic” says that the threat will emerge mainly in the form of phishing attacks where hackers will send bulk emails filled with coronavirus themes and messages.


_______________________________________________________________________________________

(May 12, 2020)

ETSI group developing standardization framework to break COVID-19 transmission chains

In response to the global coronavirus pandemic, the new ETSI Industry Specification Group “Europe for Privacy-Preserving Pandemic Protection” (ISG E4P) has been established to provide a standardization framework that will enable developers to build interoperable mobile apps for proximity detection and anonymous identification.

Ref - TotalTele

_______________________________________________________________________________________

(May 12, 2020)

CISOs are focusing on cloud security and cyber resilience during Coronavirus pandemic

The COVID-19 pandemic and new geopolitical risks are challenging CISOs to adapt their management to the current climate. With a sudden increase in remote working, more employees were falling for phishing messages as malicious attacks. About 40% of material incidents are caused by malicious outsiders, while 42% by non-malicious insiders.


_______________________________________________________________________________________

(May 12, 2020)

Top industry sectors hit by COVID-19 Lockdown

While it is difficult to pinpoint industries which are more likely to be affected by this flurry of attempted breaches, the logistics, healthcare, e-commerce, banking, and financial sectors look to be the worst-hit while accounting for a majority of the attacks. Hence, it is no wonder that new-age enterprises are sincerely considering to include cybersecurity budgets as an integral part of their capital expenditure.


_______________________________________________________________________________________

(May 12, 2020)

Indians users targeted by 9,100 COVID-19-themed cyber attacks 

Cyber crooks have been taking advantage of the COVID-19 crisis to defraud people using ransomware and phishing attacks on people. More than 9,000 coronavirus-themed attacks were detected in India between February 2 and May 2. India was actually one of the countries least affected among those that Microsoft tracks.


_______________________________________________________________________________________

(May 12, 2020)

Organisation’s cyber risk and data privacy response measures during Coronavirus outbreak

A team of experts discussed the short- and long-term effects that coronavirus will have on organisations. Some of the effects are: making sure employees are equipped to manage threats, keeping an eye on offices, incident response plans and using the disruption as a learning opportunity. There’s a danger that organisations will overlook the continued challenges that employees face.


_______________________________________________________________________________________

(May 12, 2020)

Security precautions to minimize risk and protect data amid Coronavirus pandemic

Companies need to think fast and smart when it comes to cybersecurity in order to prevent disruption and protect the valuable data businesses rely on and are responsible to protect. For example: tighten remote access security, Emphasize employees’ cybersecurity savvy, Monitor system access, improve incident response, and more.


_______________________________________________________________________________________

(May 12, 2020)


UK banks are exposing companies to the risk of COVID-19-themed scams

In the UK, only 22 percent of banks accredited to hand out coronavirus business loans have implemented the strictest protocols preventing cybercriminals from spoofing an organisation’s identity, leaving customers at greater risk of email fraud. Also, seventy-eight per cent of banks accredited for the Coronavirus Business Interruption Loan Scheme (CBILS) have not implemented the strictest level of DMARC (Domain-based Message Authentication, Reporting & Conformance) protection.


_______________________________________________________________________________________

(May 12, 2020)


US maritime stakeholders launch a cybersecurity centre

A group of American seaports and maritime stakeholders joined forces and launched a new non-profit, the Maritime Transportation System Information Sharing and Analysis Center (MTS-ISAC), to address cybersecurity issues and raise awareness on the matter. Specifically, the new centre aims to promote cybersecurity information within the shipping industry, in efforts to alert the sector about the challenges arising.


_______________________________________________________________________________________

(May 12, 2020)


Businesses are underestimating COVID-19 cybersecurity risks

COVID-19 has been impacting the world for at least five months, and cybercriminals have not let up in their attempts to manipulate the crisis for their own gain. Despite the increase in attacks, and despite concerns that remote workers aren’t practising good cybersecurity hygiene, companies aren’t properly educating employees about emerging threats.

Ref - ZephyrNet

_______________________________________________________________________________________

(May 12, 2020)


Pool Re report highlights COVID-19’s global impact on terrorism

A new report from Andrew Silke, a Professor for Pool Re and Cranfield University, has highlighted the ways in which the COVID-19 pandemic is impacting terrorism around the world. There are currently mixed opinions on the pandemic’s short-term impact on the level of attacks in the short-term. It’s understood that lockdown measures will tend to inhibit attacks but terrorist propaganda calling for action while authorities are distracted will incite some incidents.
 
_______________________________________________________________________________________

(May 12, 2020)


Zeus Sphinx is being used in Coronavirus-themed attacks

The Zeus Sphinx banking Trojan continues to evolve while receiving new updates, while it is employed in ongoing coronavirus-themed scams. The Zeus Sphinx banking Trojan is based on the code of the Zeus v.2 Trojan that was leaked online. At the end of March, a hacking campaign was spotted employing the Zeus Sphinx malware that focused on government relief payment.
 
_______________________________________________________________________________________

(May 12, 2020)


RDP attacks increased drastically amid COVID-19 lockdown

Remote Desktop Protocol (RDP) cyber-attacks have increased in tandem with the shift to more people working from home in response to the COVID-19 pandemic. RDP ports are often exposed to the internet, a factor that has made the technology the target of various forms of either malware attacks or attempts to break into internal networks.


_______________________________________________________________________________________

(May 11, 2020)


Contact Tracing work posing security concerns about privacy

Contact tracing has been one of the tools a few governments around the world adopted in their responses to the COVID-19 pandemic, with an impressive amount of resources thrown into the development and implementation of this technology. But, it also brings up questions about governments tracking movements.


_______________________________________________________________________________________

(May 11, 2020)


Cybersecurity could be elevated to a much higher level because of the Coronavirus outbreak

COVID-19 obliterated societal norms and standard business practices. It is possible, if not probable, that an accelerated rate of adoption of cyber hygiene best practices could be witnessed, as well as more intensive use of leading-edge security tools and services. And this positive upswing could be reinforced by stricter adherence to data security laws already on the books in several nations.


_______________________________________________________________________________________

(May 11, 2020)


Security tips to stay protected while working from home due to Coronavirus pandemic

Most important tip regarding safety is to step up authentication mechanisms and management of passwords e.g., policy around passwords. Ensure that Endpoint Protection (AV/AM) or EDR (End-point detection and response) system is in place and up to date all the time. Also ensure to use a secure Wi-Fi network at home and avoid public Hotspots or open Wi-Fi.


_______________________________________________________________________________________

(May 11, 2020)


US going to warn China to stop 'stealing' research data on COVID-19 vaccine

Top US agencies are preparing to issue a stern warning urging China to stop stealing research on COVID-19 vaccine. Everybody involved in finding a cure for the deadly virus will be alerted, including hospital labs. China’s most skilled hackers mount cyber-attacks on America to steal research on coronavirus vaccine.

Ref - WIONNews


_______________________________________________________________________________________
(May 11, 2020)


Companies adopted exceptional measures during COVID-19 outbreak

Following the outbreak of the novel coronavirus (COVID-19) and its development into a global pandemic, companies and governments have adopted exceptional measures to safeguard employees, customers, and the public. Some of these measures include the use of technology to enable remote workplaces, and to collect, process, and share personal information in new ways.

Ref - RBCGam

_______________________________________________________________________________________

(May 11, 2020)


COVID-19 response will be a lesson for the future to fight against cyberattacks

By following all precautionary measures taken to deal with the pandemic, the cybersecurity sector could learn a lesson to develop their own cyber strategies. Overall, the first steps taken by an organization attacked by a computer virus or malware incidents is to isolate and contain the problem. Future attacks could now use ransomware designed specifically to freeze industrial control systems.


_______________________________________________________________________________________

(May 11, 2020)


Chinese cybercriminals are trying to steal COVID-19 vaccine work data

The US Federal Bureau of Investigation and cybersecurity experts believe Chinese hackers are trying to steal research on developing a vaccine against coronavirus. The FBI and Department of Homeland Security are planning to release a warning about the Chinese hacking as governments and private firms race to develop a vaccine for COVID-19.

Ref - NDTV

_______________________________________________________________________________________

(May 11, 2020)


Cybersecurity challenges for healthcare sector during COVID-19 pandemic

The COVID19 pandemic has created a new reality for the healthcare sector globally testing its limits. Adding to the overwhelming situation it is currently facing, the sector has become a direct target or collateral victim of cybersecurity attacks. Malicious actors taking advantage of the COVID19 pandemic have already launched a series of phishing campaigns and ransomware attacks.

Ref - ENISA

_______________________________________________________________________________________

(May 11, 2020)


Cyberattacks increasing companies expenditure amid COVID-19 outbreak

At a time when revenues have dried up, Indian companies are seeing a significant rise in their expenditure owing to a massive wave of cyberattack as most of their employees work from home amid the covid-19 lockdown. Many companies had witnessed a 100% increase in attacks between 17 and 20 March.

Ref - LiveMint

_______________________________________________________________________________________

(May 11, 2020)


Cyberattacks are mutating along with the COVID-19 pandemic

As cyberattacks and threats continue to grow and mutate along with the COVID-19 pandemic, three security reports from CrowdStrike, McAfee, and Palo Alto Networks shine a spotlight and how these attacks are evolving and they indicate that businesses aren’t as prepared to secure their now-remote workforce as they think.


_______________________________________________________________________________________

(May 11, 2020)

Hackers are taking advantage of fear surrounding COVID-19 Outbreak

Fraudsters have stepped up cyberattacks taking advantage of the fear over the coronavirus, and there is a new term in the officialdom to describe the malware: Fearware. There are more than 3,000 new web sites related to COVID-19 with several hundred of them being fake, either with dangerous content or incorrect information. The cyber attackers are exploiting the fear of the coronavirus to cause the victim to fall prey to cyberattacks.


_______________________________________________________________________________________

(May 11, 2020)

Cybersecurity for shipping industry amid COVID-19 pandemic

Organisations across industries are rightly focusing on their employees’ well-being, whilst making sure that their operations continue undisrupted and at the same time, adapting to the new ways of operating. The shipping industry has already suffered from cyber attacks and some recent examples that have been made public include, email scams, ransomware attacks, and malware attacks.


_______________________________________________________________________________________

(May 11, 2020)


COVID-19-themed malware and spam on the rise

Malware and spam related to the COVID-19 pandemic are on the rise globally, according to new research from Trend Micro. The cybersecurity solutions firm has released an update on COVID-19 related cyber threats and fraudulent activity, which uncovers global statistics and country threat rankings, garnered from its Trend Micro user base.

Ref - ITBrief

_______________________________________________________________________________________
(May 11, 2020)


Security challenges that COVID-19 outbreak is posing

Amidst the spread of the coronavirus, security agencies are having a nightmare. There are various threats that have emerged due to the pandemic. Phishing, cyber-attacks, infodemic and malware just to name a few. The prime targets have been health organisations such as the WHO. Here the attacker impersonates through a spamming email and message in the context of a perceived authority across the world.

Ref - OneIndia

_______________________________________________________________________________________

(May 11, 2020)


ECEC may not be considering COVID-19-themed cyber attacks

Early childhood education and care (ECEC) is facing threats on a number of fronts since the advent of the COVID-19 pandemic. But there is one threat which may not have been fully considered, which is being actively pitched at the education and care sector - cyber crime. Cyber criminals are asking for ransom to restore access to the data upon payment were launched against the Australian education sector between 13–30 March.

Ref - TheSector

_______________________________________________________________________________________

(May 11, 2020)


New cyber threats trend after COVID-19 outbreak 

Due to COVID-19 pandemic, people are expected to switch to tools that facilitate working from home and virtual contact to suit social distancing guidelines, and will inevitably end up living a greater part of their lives online. The government and businesses must be kept abreast of new tricks which cyber-criminals are using to attack financial institutions and national infrastructure around the world.


_______________________________________________________________________________________

(May 11, 2020)


Cybercriminals are taking advantage of COVID-19 pandemic

The FBI anticipates that cyber actors will exploit increased use of virtual environments by government agencies, the private sector, private organizations, and individuals as a result of the COVID-19 pandemic. Cyber actors are expected to target individuals and businesses by exploiting vulnerabilities in these systems to steal sensitive information, initiate or perform fake financial transactions, and even engage in extortion.

Ref - PNCGuam

_______________________________________________________________________________________

(May 11, 2020)


Using the automation tech to maximize security budgets

With the economic impact of COVID-19 increasingly looking like an imminent recession and the way organizations do work altered perhaps forever, CIOs and CISOs will most likely be managing reduced budgets and a vastly different threat landscape. Automation can both mitigate inherent risks incurred from rapid ecosystem shifts as well as help IT teams re-evaluate long term spending once operations return to normalcy.



_______________________________________________________________________________________

(May 11, 2020)


Black Hat and DEFCON 2020 to go Virtual due to Coronavirus outbreak

Two of the biggest Cybersecurity conferences- Black Hat and DEFCON have been forced to go virtual due to the COVID-19 crisis. Factually speaking, the said two conferences were scheduled to be held in Las Vegas in Aug’2020 with Black Hat scheduled from Aug 1st to Aug 6th and DEFCON from Aug 7th to Aug 9th. 


_______________________________________________________________________________________

(May 11, 2020)


Cyber threats and challenges during COVID-19 pandemic for Nepal

The world is badly affected by COVID-19 and most of the developed countries of the world have been badly affected by the virus. Compared to other countries, the number of infected people in Nepal is low. When the world is in a lockdown state, hackers feel like they are not in lockdown. This allows hackers to steal important data from Internet users or even control a user's device and use it for future cyber attacks.


_______________________________________________________________________________________

(May 10, 2020)

The U.S. is accusing China of trying to steal vaccine data

The F.B.I. and the Department of Homeland Security are preparing to issue a warning that China’s most skilled hackers and spies are working to steal American research in the crash effort to develop vaccines and treatments for the coronavirus. The efforts are part of a surge in cybertheft and attacks by nations seeking advantage in the pandemic.

Ref - NyTimes

_______________________________________________________________________________________

(May 10, 2020)

Protecting crypto from cyberattacks amid COVID-19 outbreak

Users can follow basic cybersecurity practices to protect their crypto such as enabling multi-factor authentication. According to Microsoft, 99.9% of compromised accounts did not have multi-factor authentication activated. Use a different password for every single account. Many people re-use the same five passwords (notwithstanding the fact that the average business user has over 190 logins to track) and good password hygiene.


_______________________________________________________________________________________

(May 10, 2020)

McAfee surveys cyber-threats ongoing during Coronavirus pandemic

McAfee Labs released a report entitled “COVID-19: Malware Makes Hay During a Pandemic” to highlight the last few months of pandemic-themed threat landscape activity. The threats typically leverage a phishing email delivery method, with Coronavirus themes and messages developed to lure employees and family members into engaging with and enabling threats to gain a foothold on their systems.

Ref - VarIndia

_______________________________________________________________________________________

(May 10, 2020)

Advanced hackers are actively targeting healthcare entities

Sophisticated hackers are “actively targeting” healthcare entities, pharmaceuticals, local governments, medical researchers and academics working to blunt the coronavirus (COVID-19) pandemic, the U.S. and United Kingdom (U.K) cyber agencies said in a joint alert. Government agencies warned that advanced persistent threat (APT) actors are probing for COVID-19 intellectual property on national and international healthcare policy along with sensitive research data.

Ref - MSSPAlert

_______________________________________________________________________________________

(May 9, 2020)


Zero-day vulnerabilities challenge during mass remote work due to Coronavirus outbreak

Due to Coronavirus, many organizations have enacted company-wide work-from-home policies to help slow the spread of the virus. For many organizations the sudden requirement to support home working en masse has exposed an uncomfortable reality: critical visibility gaps are everywhere such as Zero-day vulnerabilities, and they could seriously escalate cybersecurity risk. 


_______________________________________________________________________________________

(May 9, 2020)

Around 363 cases registered over social media posts on COVID-19

Maharashtra Cyber has registered 363 offences of rumour-mongering, spreading misinformation, hatred and fake news on social media during the COVID-19 lockdown. The state police's cyber wing has been monitoring online activities to prevent the spread of misinformation about the COVID-19 pandemic. As many as 196 persons were arrested for sharing or uploading objectionable posts, videos, and photographs on social media.


_______________________________________________________________________________________

(May 9, 2020)

SME’s should focus on cybersecurity or be prepared for challenges due to COVID-19 pandemic

As the economic realities of COVID-19 become clear, small and medium enterprises (SMEs) across the country urgently want to get back to business. While still needing to adhere to social distance restrictions, for many this means rapidly pivoting to online means of doing business, something many may never have considered before. It’s important SMEs focus on cybersecurity before they take a hit not only on profit but on their entire business.

Ref - Stuff

_______________________________________________________________________________________

(May 9. 2020)

APT32 is behind a cyber-attack that targeted China’s Ministry of Emergency Management (MoEM)

A spear-phishing based cyber-attack was launched by “APT32” that targeted China’s Ministry of Emergency Management (MoEM) and the provincial government of Wuhan. The aim was to collect information about coronavirus, a disease about which little was known at the time, its origins, and its impact shrouded in mystery. 


_______________________________________________________________________________________

(May 9, 2020)

Interpol is warning of more cyber threats during the Coronavirus pandemic

Interpol has launched an awareness campaign on cyber threats during the COVID-19 outbreak, in coordination with law enforcement agencies across the world. Threats targeting people working from home during the lockdown will also be addressed and there will be prevention tips for companies, said the Interpol statement.

Ref - TheHindu

_______________________________________________________________________________________

(May 9, 2020)

McAfee Labs released a report entitled “COVID-19: Malware Makes Hay During a Pandemic”

McAfee Labs, a security firm, issued a report entitled “COVID-19: Malware Makes Hay During a Pandemic” to highlight the last few months of pandemic-themed threat landscape activity. The threats typically leverage a phishing email delivery method, with coronavirus themes and messages developed to lure employees and family members into engaging with and enabling threats to gain a foothold on their systems.

Ref - CXOToday

_______________________________________________________________________________________

(May 8, 2020)

New cyber risks emerged for automotive repair shops due to the COVID-19 outbreak

In addition to the risk COVID-19 poses to people’s individual health, shop owners and personnel should also be aware that the global pandemic poses increased risks for cybercrime. The largest risk is to the shops that have a higher number of employees working on their personal devices. Shop owners are exposed to cyber-risk when working on-site, but if they’re operating remotely, they do not have the same amount of protection that they’d have while working on-site.


_______________________________________________________________________________________

(May 8, 2020)

Healthcare providers reminded for the importance of data security and privacy protections

As they work to combat the surging COVID-19 virus, healthcare providers recently were reminded by legislators and regulators of the importance of data security and privacy protections. Beyond their general call for action, the Senators offered specific measures CISA and the Cyber Command should adopt to protect healthcare providers’ data security.


_______________________________________________________________________________________

(May 8, 2020)

Coronavirus pandemic proved that cybercriminals have no moral code

In April, when the UK was on the absolute frontline in its fight against COVID-19, the country’s National Cyber Security Centre was forced to take decisive, rarely seen action against the rapidly rising tide of Coronavirus-related scams and phishing emails hitting people’s inboxes. It’s blatantly clear that cybercriminals have no moral code. Worse still, they actually thrive off the fear and panic that catastrophic events create, and prey on these emotions in order to achieve their own, single objective, making money.


_______________________________________________________________________________________

(May 8, 2020)

Local associations are discussing the impact of COVID-19 on organizations

Collision repair industry associations around the country may take different stances on various matters, but one shared commonality is the intent of improving the businesses of their members. Several association leaders graciously agreed to discuss some of the challenges they’ve seen, as well as some of the solutions they’ve presented, while helping member shops navigate the current situation to the best of their ability.


_______________________________________________________________________________________

(May 8, 2020)

Organizations can limit risk of cyber threats for work from home employees

The concept of working from home and remote workforces is not new. However, with unforeseen circumstances of COVID-19, most of the organizations are suddenly forced to practice this work from home culture. Therefore, it is imperative that organizations implement business contingency plans that prioritize protecting remote workforces from attacks.

Ref - INC42

_______________________________________________________________________________________

(May 8, 2020)

Coronavirus drugmaker “Gilead” targeted by Iran-linked hackers 

Hackers linked to Iran have targeted staff at U.S. drugmaker Gilead Sciences, Inc. in recent weeks, according to publicly-available web archives reviewed by Reuters and three cybersecurity researchers, as the company races to deploy a treatment for the COVID-19 virus. A fake email login page designed to steal passwords was sent in April to a top Gilead executive.

Ref - Reuters

_______________________________________________________________________________________

(May 8, 2020)

Cybercrimes against children receiving more cybersecurity tips

There is a whole other parallel world online, where a user can shop, meet friends, or even find love, but it is not always safe for kids, which is why it is important to keep an eye on kids when they are using smart devices. While adults can often fall into internet scams, children can easily fall prey to predators on the web. So, the best thing they can do is monitor their kid’s behaviour and a lot of that comes through talking with their kids.


_______________________________________________________________________________________

(May 8, 2020)

Vietnamese state-backed hacker looking for COVID–19 intelligence from Chinese authorities

APT32, a cyber threat actor with suspected links to the Vietnamese state, has been found to be targeting local government institutions in Wuhan as COVID–19 began spreading in the Chinese city. The episode also covers the cyber capabilities of Southeast Asian states and the Chinese cyber-surveillance of Taiwan. This incident is part of a global increase in cyber espionage related to the crisis.


_______________________________________________________________________________________

(May 8, 2020)

An awareness campaign launched by Interpol that is focused on COVID-19 cyber threats

In response to the rapidly changing cybercrime landscape during the COVID-19 pandemic, global law enforcement and cybersecurity communities have formed an alliance to protect the public. Harnessing the expertise of this alliance, Interpol has launched a global awareness campaign to keep communities safe from cybercriminals.

Ref - FSMatters

_______________________________________________________________________________________

(May 8, 2020)

Canadian government’s pandemic payments program hit by COVID-19 cheque fraud

Cybercriminals are taking advantage of the Canadian government’s multi-billion-dollar pandemic payments program for consumers. Cheques under the Canada Emergency Response Benefit, or CERB, began rolling out in early April. But, criminals soon began selling editable digital copies of cheques on the Dark Web. A criminal can either purchase a digital file and fill in their own name or have a criminal service do the editing for them.


_______________________________________________________________________________________

(May 8, 2020)

Insurance for increased cyber risk in the COVID-19 outbreak

A few months into the COVID-19 pandemic, the insurance focus (understandably) has been on business interruption and event cancellation coverage. However, cyber risks are also highly salient for companies in this “new normal,” and companies must consider the role their insurance plays in preparing for and responding to those risks.

Ref - JDSupra

_______________________________________________________________________________________


(May 8, 2020)

The impact on the remote working infrastructure amid COVID-19

Most organizations, and certainly the more mature ones, had a Business Continuity Plan (BCP) or an IT DR strategy in place. However, most, if not all, did not consider a crisis like this pandemic. This pandemic has forced almost all organizations to turn en masse to virtual alternatives. The uncertainty around COVID-19 has also caused stress among people affecting their morale. The anxiety and fear in people make them vulnerable to cyber attacks more than ever.


_______________________________________________________________________________________

(May 8, 2020)

New cyber risks occurred due to COVID-19 outbreak 

While several organizations have been reacting in real-time to the workforce transitioning into the work-from-home-force, in many ways, cybersecurity experts were already developing potential responses despite not knowing the specific circumstances behind this unprecedented global crisis. It is a new reality in which everyone is working from home isn’t all that different from other imagined scenarios.


_______________________________________________________________________________________

(May 7, 2020)

Cybersecurity must adapt to new threat amid Coronavirus pandemic

Change is a constant in technology, and the greatest changes are often driven by major events that fundamentally reshape how people work and conduct business. In the Age of Coronavirus, more than ever, technology and cybersecurity must keep pace with disruption and change, adapt to adversity, and even accelerate their development wherever possible.


_______________________________________________________________________________________

(May 7, 2020)


SilverTerrier threat group is targeting COVID-19 key workers

Organizations on the front line in the fight against coronavirus are under attack from Nigeria’s SilverTerrier criminal gang. SilverTerrier actors/groups have launched a series of 10 COVID-19 themed malware campaigns. These campaigns have produced over 170 phishing emails. These actors have exercised minimal restraint in terms of targeting organizations that are critical to COVID-19 response efforts.


_______________________________________________________________________________________

(May 7, 2020)


Office for Civil Rights shared a list of COVID-19-related cyber threats

The Office for Civil Rights issued a list of COVID-19-related cyber threat resources for covered healthcare providers to help the sector best prevent, detect, respond, and recover from privacy and security threats. There’s been an increase in targeted attacks against the healthcare sector, with threat actors taking advantage of the pandemic and the increase in remote work.


_______________________________________________________________________________________

(May 7, 2020)


Ransomware attacks hit major healthcare supplier in Europe amid COVID-19 outbreak

Ransomware attackers have breached Europe’s largest private hospital operator, affecting not just its European branches, but every part of the company’s operations around the globe. Fresenius Group, Europe’s largest private hospital operator and a major provider of dialysis products and services, had been hit by ransomware, affecting operations worldwide.


_______________________________________________________________________________________

(May 7, 2020)


Around 292 COVID-19-themed phishing websites removed in two months

Her Majesty’s Revenue and Customs (HMRC) has formally asked UK Internet Service Providers (ISPs) to remove 292 websites exploiting the coronavirus outbreak since the national lockdown began on March 23. Out of nearly 300 fraudulent webpages, 237 were proactively identified by HMRC, while the remaining 55 were flagged directly by consumers via phishing@hmrc.gov.uk.


_______________________________________________________________________________________

(May 7, 2020)


Security misconfigurations represented the greatest risk during Coronavirus outbreak

IBM revealed a 424 percent increase in data breaches due to cloud misconfigurations were caused by human error in 2018, and now managing firewalls or cloud security group configurations is even more vital. COVID-19 has brought these risks into stark relief, as IT teams struggle to keep up with massive network change and accelerated cloud adoption associated with remote work.


_______________________________________________________________________________________

(May 7, 2020)


Coronavirus outbreak response increases state cyber challenges

State and local governments, along with hospitals and critical infrastructure, have borne the brunt of ransomware, which has not been considered a national security risk by federal policymakers until recently. An attack on an ill-protected municipality, health care facility, a small company, or other organizations wasn't at the same level.

Ref - GCN

_______________________________________________________________________________________

(May 7, 2020)


Ransomware type attacks success declines amid COVID-19 outbreak

Successful ransomware attacks on the US healthcare sector are in decline with just 25 providers impacted during the first quarter of 2020, compared to a total of 764 events, or an average of 191 per quarter, in 2019. Ransomware attacks had reached crisis levels by the end of 2019, with early indications that this year would bear similar results. Instead, with the rise of the pandemic, the pace has leveled to numbers not seen in years.


_______________________________________________________________________________________
(May 7, 2020)


A consumer survey shows poor password hygiene among remote workers

Entrust Datacard’s survey found that an astounding 42 percent of employees surveyed still physically write passwords down, 34 percent digitally capture them on their smartphones, and 27 percent digitally capture them on their computers. Additionally, nearly 20 percent of the employees are using the same password across multiple work systems, multiplying the risk of sensitive data if a password is compromised or stolen.


_______________________________________________________________________________________

(May 7, 2020)


Cybercriminals are targeting WHO by posing as think tank and broadcaster

The messages began arriving in World Health Organization employees’ inboxes in early April, seemingly innocuous emails about the coronavirus from news organizations and researchers. But a close examination revealed that they contained malicious links, and some security experts have traced the emails to a hacking group in Iran believed to be sponsored by the government.


_______________________________________________________________________________________

(May 7, 2020)


More than 160,000 COVID-19-themed scams are reported to the National Cyber Security Centre

The National Cyber Security Centre (an arm of GCHQ) has been flooded with more than 160,000 suspicious emails within two weeks, after putting out a call to the UK public to report any coronavirus-related internet scams. The call was issued after the agency tracked a surge in cyber scams and attacks geared towards exploiting the coronavirus pandemic for financial gain.


_______________________________________________________________________________________

(May 7, 2020)


UK businesses are warned for threatening cybersecurity attacks

Cybersecurity expert CrowdStrike has issued a stark warning to British businesses, telling them to crack down on lax remote working policies now or risk catastrophic exposure at the hands of adversaries after lockdown is over. Its latest research, in cooperation with YouGov, has found that over half (52%) of people in the UK working from home do so on their own personal devices, creating potential backdoors into corporate systems for adversaries.


_______________________________________________________________________________________

(May 7, 2020)


Scammers are taking advantage of a Coronavirus pandemic

This current state of fear, confusion, and uncertainty has created many opportunities for cybercriminals. Cybercriminals are capitalizing on the COVID-19 pandemic to achieve financial, geopolitical supremacy and reputational objectives. Cyber threats are unseen but they can wreak havoc to social systems and cause emotional and financial pain to communities, businesses, and governments.


Ref - PCQuest

_______________________________________________________________________________________

(May 7, 2020)

A phenomenal increase reported in the volume of fraud attacks amid COVID-19 pandemic

Whilst the current COVID-19 crisis has brought many businesses and operations to a standstill, one area it hasn’t diminished is a fraud. The last few weeks have witnessed a phenomenal increase in the volume of fraud attacks, ranging from 200%-400%, depending on the industry. Some of these relate directly to the pandemic.


_______________________________________________________________________________________

(May 7, 2020)


Over 300 COVID-19-themed phishing and scam websites are taken down by UK intelligence services

More than three hundred phishing and scam websites, many related to coronavirus, have been taken down by UK intelligence services after the general public flagged over 160,000 suspicious email messages. Many scams being reported to the NCSC include websites claiming to sell coronavirus-related products including testing kits, face masks, and even vaccines, which currently don't exist.

Ref - ZDNet

_______________________________________________________________________________________

(May 7, 2020)


Ransomware attacks and phishing schemes are rising due to COVID-19 outbreak

COVID-19 has slowed the economy down, but hackers are busy as usual looking to take advantage of the pandemic to breach systems, steal data, and profit by holding both systems and data hostage. While attackers are using a variety of tools to target these victims, one of their preferred methods is ransomware, using coronavirus fear to lure people into clicking malicious links or giving up sensitive data so the hackers can infiltrate systems.


_______________________________________________________________________________________

(May 7, 2020)


Human strategy can be the best defense to combat COVID-19 cyber attacks

Millions of people around the world have been working from home to collectively slow the spread of the coronavirus. However, as the global workforce migrates from physical corporate locations to less-secure home offices, this new reality creates increased cyber threats, as employees exchange what can be sensitive data in order to prevent business operations from coming to a standstill.


_______________________________________________________________________________________

(May 7, 2020)


SMBs have already experienced a cyberattack before Coronavirus outbreak

Nearly one in seven senior decision-makers said their organization has already experienced at least one cyber attack since the start of the COVID-19 pandemic. Furthermore, more than one in five (22%) said their organization transitioned to remote work without having a clear policy to mitigate or prevent cybersecurity threats. Additionally, 17% said their organization is at an increased risk for a cyberattack and 12% said they would not know how to respond to one.


_______________________________________________________________________________________

(May 7, 2020)

Challenges of working remotely due to Coronavirus pandemic

Millions of people around the world are now working remotely due to the lockdown, and doing it safely and securely becomes a challenge. For better protection, employees should follow basic security practices such as: when recording a meeting, participants should be notified before recording has started and the recordings should be stored in an encrypted repository. In the case of collaboration tools, having a multi-factor authentication feature (MFA) turned on by the IT administrator provides an additional layer of security.


_______________________________________________________________________________________

(May 7, 2020)

Criminals are taking advantage of changing lifestyles and business operations amid COVID-19 outbreak

As lifestyles and business operations change due to shutdowns and stay-at-home orders nationwide, supply chain experts are warning business owners, workers, and the general public about a growing risk of pandemic-related criminal activity. A rise in the sale of counterfeit N95 masks and other personal protective equipment (PPE), increasing cyberattacks, and the potential for cargo theft of PPE are driving demand for stricter risk mitigation efforts.



_______________________________________________________________________________________

(May 7, 2020)

Stay Cyber-secure when working from home due to Coronavirus outbreak

The global COVID-19 pandemic has brought telecommuting into the mainstream; millions of people who previously always worked in their employers’ facilities now work from home. So, to stay protected, users should work in “secure” locations, utilize security software on all devices and proper Team-Oriented VPN, learn about social engineering attacks, and learn to utilize proper communications tools and settings.


_______________________________________________________________________________________

(May 6, 2020)

Household cybersecurity practices for staying protected all the time

Working from home transition seems a good opportunity for cybercriminals. To prevent such situations, some household cybersecurity practices have been provided. When calls, emails, or messages are received, users should exercise vigilance and critical thinking. Cautiously open attachments, messages, or links from unknown senders, and use unique & strong passwords and implement multi-factor authentication, and some other basic security practices.


_______________________________________________________________________________________

(May 6, 2020)

Contact tracing applications failed’ NHS and cybersecurity tests

The UK’s government anticipated coronavirus tracing app has failed crucial security tests and is not yet safe enough to be rolled out across the country. It is understood the system has failed all tests needed in order for it to be included in the NHS Apps Library, including cybersecurity, clinical safety, and performance.


_______________________________________________________________________________________

(May 6, 2020)

Security tips to protect users from COVID-19-targeted attacks

Remote users can follow four basic security tips to stay protected while working from home. First is protect endpoints, second, enable multi-factor authentication (MFA) for online Exchange, and email. Third, have email filtering or hygiene between the firm’s mailboxes and the outside world. Last and fourth, reach out to other resources to learn and share what the other users are seeing in their organization.

Ref - CSOonline

_______________________________________________________________________________________

(May 6, 2020)

HHS released a security and privacy guidance for COVID-19 related cyber threats

The Department of Health and Human Services' Office for Civil Rights issued guidance compiling a list of resources to help organizations "detect, prevent, respond and recover" from a surge of coronavirus-themed cyber threats, ranging from ransomware and other types of extortion to phishing and attacks on video conferencing technology platforms.


_______________________________________________________________________________________

(May 6, 2020)

Coronavirus pandemic used as a lure to target banks with phishing attacks

The number of cyber-attacks trying to trick bank employees to click on malicious links has jumped in the first quarter, with criminals attempting to take advantage of fear and confusion caused by the coronavirus pandemic. While the so-called phishing campaigns, which surged by a third in the period, haven’t so far resulted in any major breaches in the industry, smaller lenders remain at a greater risk than bigger banks.

Ref - Bloomberg

_______________________________________________________________________________________

(May 6, 2020)

Best security practices for business clients in the COVID-19 outbreak

Small businesses are forced to adapt or close as a result of mandated shutdowns to minimize COVID-19’s impact. In such a situation, there are three critical cybersecurity considerations agents should include in their client discussions: following best practices to defend against attacks, second, educating/training employees to work securely, and the third one is to review and update remote work security policies annually.


_______________________________________________________________________________________

(May 6, 2020)

New Nation-State cyberattack tools discovered associated with COVID-19 phishing scam

Illusive Networks revealed that it had detected and thwarted a nation-state attack linked to a COVID-19 related phishing scam. That led to the discovery of new tools used by cybercriminals, and researchers are investigating the potential involvement of two or more groups. The objective of this advanced persistent threat (APT) was a large-scale ransomware attack.


_______________________________________________________________________________________

(May 6, 2020)

Cybercriminals are developing new phishing tools, hacking strategies and attack vectors due to Coronavirus

The industrious and criminal-minded threat actors behind the majority of cyberattacks have reinvented their attack approaches during the ongoing COVID-19 pandemic. Since the advent of the outbreak, cybercriminals are developing new phishing tools, hacking strategies, and exploring different attack avenues to benefit from the crisis and eventually prove their cyber prowess.

Ref - CisoMag

_______________________________________________________________________________________

(May 6, 2020)

A private hospital operator “Fresenius” hit by ransomware amid COVID-19 outbreak

Fresenius, Europe’s largest private hospital operator and a major provider of dialysis products and services, has been hit in a ransomware cyberattack on its technology systems. The company said the incident has limited some of its operations, but that patient care continues.


_______________________________________________________________________________________

(May 6, 2020)

Employers should review their security practices while working from home due to the Coronavirus outbreak

Many more millions of employees have been working remotely as a result of the devastating COVID-19 virus than ever before. As employers look forward to the future of securing remote work in their organizations, they should review some considerations as part of their defense in depth. For example, organizations should think in terms of people, information and machines, and develop a written risk assessment and information security plan for remote workers and etc.


_______________________________________________________________________________________

(May 6, 2020)

Sensitive data is building upon enterprise devices and at-risk amid COVID-19 outbreak

There has been a 46 percent increase in the number of items of sensitive data, such as Personally Identifiable Information (PII) and Protected Health Information (PHI), identified on enterprise endpoints, compared to pre-COVID-19. Compounded by the pre-existing gaps in endpoint security and health, this means enterprise organizations are at heightened risk.


_______________________________________________________________________________________

(May 6, 2020)

Many restaurants lack comprehensive cyber insurance coverage amid COVID-19 outbreak

Just as the COVID-19 outbreak creates a host of new cybersecurity threats, many restaurants have been found lacking comprehensive cyber insurance coverage, according to Restaurant Guard Insurance. With many restaurants switching to online ordering in response to the pandemic, the danger of cyber threats has increased.


_______________________________________________________________________________________

(May 6, 2020)

Amid Coronavirus outbreak startups are most vulnerable to cyber frauds

The outbreak of the COVID-19 pandemic has impacted the economy and businesses across the globe. Among the worst affected in these trying times are the small business and start-ups, as they stare at major financial resource crunch. It’s a double whammy for small enterprises and startups, with the rising threat of cyber frauds and data breaches.


_______________________________________________________________________________________

(May 6, 2020)

COVID-19 pandemic has built many value-grab opportunities for companies in the Cybersecurity

A study by Market Research Reports Search Engine (MRRSE) introspects the various factors that are tipped to influence the growth of Cybersecurity-as-a-Service Market in the upcoming years (2019-2027). The study introspects the various factors that may influence the growth, including current trends, growth opportunities, restraints, and major challenges faced by market players in the Cyber security as a Service market.


_______________________________________________________________________________________

(May 6, 2020)

Cybersecurity for Australian companies is not up to par during COVID-19 pandemic

Australian businesses understand that COVID-19 and subsequent remote working plans have resulted in increased cyber risks, however only half are providing additional training for staff in order to bolster employee knowledge and reduce threats. Around 500 Australian decision-makers across small, medium, and large business enterprises were surveyed and CrowdStrike found that from February to March alone there was a 100x increase in COVID-19 themed malicious files.


_______________________________________________________________________________________

(May 6, 2020)

A detailed curated list released to block COVID-19 threats

Thousands of experts and researchers from around the world, including Australia and New Zealand, have joined forces to collaborate and share information on cybersecurity. They have released a network blocklist to help stop attacks abusing the COVID-19 pandemic. Known as the Cyber Threat Coalition (CTC), the security researchers have released an initial version of curated data sets that anyone can use to halt COVID-19 related cybercrime.

Ref - ITNews

_______________________________________________________________________________________

(May 6, 2020)

Retail is one of the most targeted sectors by cybercriminals during Coronavirus pandemic

The retail industry has been the biggest victim of cyber attacks during the COVID-19 pandemic, new data from Mimecast shows. During the First 100 Days of Coronavirus, Mimecast observed the emergence of 60,000+ COVID-19-related registered bogus domains. These fake domains impersonated major retail brands in order to steal from unsuspecting panic-buyers as they looked to purchase necessities online during this pandemic.

Ref - RagTrader

_______________________________________________________________________________________

(May 5, 2020)

The COVID19 pandemic is changing the authentication industry

In the COVID-19 era, people are working from home due to the COVID-19 outbreak, often on laptops and mobile phones that are also personal devices, and logging on to work networks through home broadband connections that could be compromised. So, businesses have to adapt the way they work by providing employees with a method to prove it’s them. Government-mandated home working has forced companies to reassess how they identify and onboard employees, and suggest using secure authentication mechanisms like Two factor authentication.

Ref - Raconteur

_______________________________________________________________________________________

(May 5, 2020)

COVID-19 is changing the game on ransomware cyber attacks

States, municipalities, and critical infrastructure have borne the brunt of the ransomware, which historically has not been treated as a national security risk by federal policymakers until very recently. A number of lawmakers on Capitol Hill are pushing to include a dedicated pot of federal funding in future COVID-19 relief bills that states and localities can draw from to bolster protections.

Ref - FCW

_______________________________________________________________________________________

(May 5, 2020)

COVID-19 pandemic isn’t stopping hackers from targeting healthcare providers

In early April, INTERPOL warned of “a significant increase” in ransomware attempts against organizations responding to the pandemic, including hospitals. Since then, a steady drip of alerts and attacks have only heightened the unease. Cybercriminals around the country are “absolutely taking advantage” of the pandemic. 

Ref - Builtin

_______________________________________________________________________________________

(May 5, 2020)

Manufacturing and retail organizations are seeing the most attacks during COVID-19 pandemic

With cybercrime accelerating as Covid-19 spreads, manufacturing and retail organizations are seeing the most attacks. A security firm Mimecast has examined the first 100 days of the crisis. Between January and March, says the firm, spam, and opportunistic detections increased by 26.3%, while impersonation was up 30.3%, malware by 35.16%, and the blocking of URL clicks by 55.8%. Overall, detections were up by a third.

Ref - Forbes

_______________________________________________________________________________________

(May 5, 2020)

Businesses around the world are in constant attack during coronavirus

An uptick of coronavirus-themed cyber attacks on hospitals, pharmaceutical laboratories, and even the trucking industry has been observed in recent weeks. This reveals the need for businesses to double down on security to ensure their networks are protected. Many of the attacks were ransomware, holding companies’ network systems hostage until a payout was made. 


_______________________________________________________________________________________

(May 5, 2020)

Tax pros and accountants are at risk during coronavirus crisis

Tax preparers, accountants, and auditors, who are working away from their offices as a result of the novel coronavirus pandemic, are at risk of falling prey to cybercriminals. The IRS had issued a warning to taxpayers to beware of scammers calling and emailing them about the stimulus payments from the CARES Act, along with other schemes related to COVID-19, as they could lead to identity theft and tax fraud.


_______________________________________________________________________________________

(May 5, 2020)

Widespread fraud reported in the healthcare sector during COVID-19 outbreak

Fraud and corruption in healthcare services around the world has significantly reduced delivery of COVID-19-related healthcare during the month of April and contributed to COVID-19 mortality in every third country surveyed, according to a new study from NEMEXIS. This is currently the largest survey on fraud, waste, and corruption affecting healthcare systems across the globe while the world battles COVID-19.


_______________________________________________________________________________________

(May 5, 2020)

Cyber-spies are looking for Covid-19 research of UK and USA

The UK and the US have issued a joint warning about cyber-spies targeting the health sector. Hackers linked to foreign states have been hunting for information, including Covid-19 data and vaccine research, they say. UK sources say they have seen extensive activity but do not believe there has been any data theft so far.

Ref - BBC

_______________________________________________________________________________________

(May 5, 2020)

Best ways to avoid Coronavirus themed scams and cyber attacks

Several recommendations about fighting against Coronavirus themed scams have been provided. The best way to avoid these scams is to be aware of what is happening and apply a bit of common sense to every unsolicited email or text a user receives, spend a second to think. Another way to help everyone is to be aware of the frauds and scams doing the rounds, and get this information from a trusted source.


_______________________________________________________________________________________

(May 5, 2020)

Taiwan helping with cybersecurity by cooperating with partners amid COVID-19 Pandemic

Taiwan is cooperating with partners in other nations on cybersecurity after the Brno University Hospital in the Czech Republic and the US Department of Health and Human Services experienced cyberattacks in recent months. Taiwan has begun sharing cybersecurity intelligence with both nations, as well as others, to cooperate on defense measures, as Taiwan has extensive experience dealing with cyberattacks.


_______________________________________________________________________________________

(May 5, 2020)

Financial Scams are rising in developing countries during the Coronavirus outbreak

In the Philippines, Peru, India, Kenya, South Africa, and many other developing countries, poor people who are already struggling with the health impact of the coronavirus pandemic have been targeted by online fraudsters trying to take unfair advantage of them. There is the risk that these scams could undermine confidence in digital technologies that are proving so very important in keeping people informed and connected during the pandemic.

Ref - IpsNews

_______________________________________________________________________________________

(May 5, 2020)

Security pros are banding together to thwart off cyberattacks on healthcare facilities 

Cybercriminals are ramping up their games against the healthcare industry where the pace of cybersecurity remediation is markedly slower than others. Health Information Sharing and Analysis Center (H-ISAC) is an organization that is collecting information from cybersecurity volunteers who are helping out healthcare organizations against such cybersecurity threats.

_______________________________________________________________________________________

(May 5, 2020)

Tech professionals are not well prepared for COVID-19 cyber attacks

Despite the influx of cybersecurity threats during COVID-19, less than half of technology professionals are “highly confident” in their ability to detect and mitigate threats. Of 3700 international IT audit, risk, governance, and cybersecurity professionals, surveyed in mid-April, only 51% said they were adequately equipped to manage the new threat landscape.


_______________________________________________________________________________________

(May 4, 2020)

Hackers have put more than 500,000 Zoom logins up for sale on the Dark Web

The widespread use of video calls for private and work conversations during the COVID-19 lockdown has attracted the attention of criminals. Now, hackers have put more than 500,000 Zoom logins up for sale on the dark web at a penny each. The 500,000 Zoom logins available at a penny each were discovered by the cybersecurity intelligence company Cyble. 


_______________________________________________________________________________________

(May 4, 2020)

Cyberattacks are constantly evolving amid Coronavirus outbreak

COVID-19 outbreak has caused a global disruption, and it has also changed the cybersecurity threat landscape. There has been an increase in the number of cybercrimes since professionals were asked to work from home. Cyber Attacks are constantly evolving, and cybercriminals are targeting computer and other devices in order to take advantage of online behavior and trends during the Corona epidemic. 

Ref - PCQuest

_______________________________________________________________________________________

(May 4, 2020)

COVID-19 pandemic forced many organizations to undergo an immediate digital transformation

Cybercriminals are enjoying a boom during the Covid-19 pandemic, and security teams are working overtime as a result. As Covid-19 swept across the globe, it has forced many organizations to undergo an immediate digital transformation. Security professionals are facing challenges to manage their increased workload, safeguard their mental well-being, and avoid burnout. 


_______________________________________________________________________________________

(May 4, 2020)

Around 40% of security pros do not have proper tools to fight against cyberattacks

The rapid transition to remote work has increased data protection and privacy risks worldwide, yet only half of technology professionals and leaders are confident of detecting and responding to cyberattacks during COVID-19. A survey conducted by ISACA found that 87 percent of technology professionals and leaders agree that the rapid transition to remote work has increased data protection and privacy risks and 80 percent of organizations have shared cyber risk best practices for working at home with their employees.

Ref - Teiss

_______________________________________________________________________________________

(May 4, 2020)

COVID-19 pandemic is a huge opportunity for cybercriminals

A sudden scenario of remote working during this COVID-19 lockdown period has brought multiple challenges. The fragmented remote access infrastructures are very much evident now as they are only designed for 20% of an organizations’ workforce. Key threats emerging as a result of COVID-19 include VPN allowing unnecessary access, phishing and ransomware attacks, attacks on endpoints, Man-in-the-Middle attacks, etc.

Ref - PCQuest

_______________________________________________________________________________________

(May 4, 2020)

Netherlands leading the United Nations’ efforts to fight against COVID-related cyber threats 

Netherland provided concrete examples of what the COVID-related threats are, and how they fit in the existing international framework of norms. Thus, other countries missed this opportunity to apply the OEWG’s work to a global challenge, perhaps because their submissions were prepared before cyber disruption related to the pandemic became so prominent.

Ref - CFR

_______________________________________________________________________________________

(May 4, 2020)

Cybercriminals are taking advantage of COVID-19 to hamper the global response

Proofpoint, a cybersecurity firm, tracked 75 million coronavirus-themed malicious messages during one week in April. Amid global panic and frustration, people are more likely to click without thinking about the risks, especially when emails promise urgent new information about travel restrictions or virus cures.


_______________________________________________________________________________________

(May 4, 2020)

Zurich describes the cyber framework all businesses should be using amid COVID-19 pandemic

Zurich’s cyber risk engineering global practice leader outlined how the NIST cybersecurity framework developed by the US National Institute for Standards and Technology has evolved into a de facto standard within the cybersecurity sector, outlining how organizations can best manage cyber risk. Zurich makes use of this framework for its cyber risk engineering processes as well, and the framework also provides concrete answers for organizations to cope with the ransomware threat.


_______________________________________________________________________________________

(May 4, 2020)

Belfast Police issued a warning over a recent rise in cybercrime

Police in the Northern Irish capital city of Belfast have issued a warning over a recent rise in cybercrime. A senior police officer said businesses had experienced a "surge" in cyber-attacks since the outbreak of the novel coronavirus. Many of the attacks are scams concocted by fraudsters seeking to exploit the health pandemic. All of the usual methods of attack have been ramped up during the Coronavirus outbreak.


_______________________________________________________________________________________

(May 4, 2020)

Mumbai-based crowdfunding platform Impact Guru faced a cyberattack amid COVID-19 pandemic

Crowdfunding and fundraising platforms are being attacked by cybercriminals amid the Coronavirus outbreak. Just recently, a Mumbai-based crowdfunding platform “Impact Guru” faced a cyberattack. The security incident involved unauthorized access to the website. The firm also noted that it has resolved the key vulnerabilities that led to the breach.

Ref - INC42

_______________________________________________________________________________________

(May 4, 2020)

European Union has urged cybercriminals to halt all malicious activity exploiting the global Covid-19 pandemic

European Union (EU) has urged cybercriminals to stop all malicious activity exploiting the global Covid-19 pandemic. The EU’s High Representative singled out attacks on “critical infrastructures that are essential to managing this crisis” as particularly egregious in a press release issued on April 30. The proliferation of “malware distribution campaigns, scanning activities, and distributed denial-of-service (DDoS) attacks, since the outbreak.


_______________________________________________________________________________________

(May 4, 2020)


Cybercriminals are taking advantage of COVID-19 to carry out phishing attacks

Cybercriminals continue to take advantage of COVID-19 to initiate a multitude of phishing attacks, with their tactics and strategies becoming more sophisticated and focused. An extensive number of them are leveraging phishing campaigns to deliver malware globally. They are also employing ransomware under the guise of security software. Business Email Compromise (BEC) attacks have seen an incredible spike too.



_______________________________________________________________________________________

(May 4, 2020)


State-sponsored hackers are targeting British Universities to steal Coronavirus vaccine secrets

State-sponsored hackers are attempting cyber-attacks on British Universities and scientific facilities to steal the research work of the university, related to COVID-19 including vaccine development. But the attack was not successful and they couldn’t get any confidential data related to the research. This is all because of their security measures and following cyber hygiene


_______________________________________________________________________________________

(May 4, 2020)


People should be on alert for coronavirus scams and phishing attacks

During the COVID-19 crisis, criminals continue to ply their trade, exploiting the crisis for their gain. While employees work from remote locations, it is important for businesses to continue educating their teams about cyberattacks to prevent information systems from being compromised. To create the impression of authenticity, criminals may spoof email sender information to make it appear to come from a trustworthy source.


_______________________________________________________________________________________

(May 4, 2020)


Working from home facing challenges as well as opportunities amid COVID-19 pandemic

Working from home brings with it challenges as well as opportunities. For example, corporate networks, that are not used to having most of their connections over virtual private networks (VPNs), are experiencing unusual problems, as well as internet service providers coming under pressure so that remote workers can do their normal hours from home.


_______________________________________________________________________________________

(May 4, 2020)


A significant increase recorded in Coronavirus themed phishing scams 

South African Banking Risk Information Centre recently warned customers about a significant increase in phishing scams. Citizens are being manipulated into clicking on malicious links via e-mails and SMSes offering COVID-19 info, non-existent vaccines, hand sanitizers, and masks, and then being persuaded to hand over personal data. Besides the phishing scams, fake apps, and vulnerabilities with remote working are also being exploited by several cybercriminals.

Ref - ITWeb

_______________________________________________________________________________________

(May 3, 2020)

Jio’s symptom checker website exposed core databases to the internet without a password

India’s largest cell network Jio, a subsidiary of Reliance, launched its coronavirus self-test symptom checker in late March, just before the Indian government imposed a strict nationwide lockdown to prevent the further spread of the coronavirus. But a security lapse exposed one of the symptom checker’s core databases to the internet without a password.


_______________________________________________________________________________________

(May 3, 2020)


COVIDSafe contact tracing application making a false claim of letting a user out of coronavirus lockdown

A message by the Australian prime minister is dangerously misleading: download the COVIDSafe app and they can start letting a user out of coronavirus lockdown. COVIDSafe app doesn't do what contact tracers do. It merely logs which other COVIDSafe users must’ve been near, ready for later analysis, should one of a user test COVID-19 positive.

Ref - ZDNet

_______________________________________________________________________________________

(May 3, 2020)


A new trend of sophisticated phishing methods via email spotted amid COVID-19 pandemic

The new coronavirus has recently added to the bad intentions of hackers by developing a new trend of sophisticated phishing methods via email. Email messages may require users to open an attachment to view the latest statistics. If a user clicks on the attached attachment link, they are likely to download malicious software to their mobile device or computer, tablet laptop, etc.


_______________________________________________________________________________________

(May 3, 2020)


Phishing attacks using Covid-19 themes, scamming, brand impersonation, and business email compromise 

A huge number of companies are rushing to enable their workers to work remotely, but few corporate computer systems were designed with such large remote workforces in mind. This has left them susceptible to cyber-attacks and more vulnerable than ever to attackers. This increases the operational risk of cyberattacks. A huge increase in cyber activity, malware, ransomware, phishing, and account takeovers, has been noticed, all exploiting Covid-19.

Ref - Sesin

_______________________________________________________________________________________

(May 3, 2020)


Nation-state sponsored hackers are trying to steal coronavirus research

Cybersecurity experts have warned that hostile states are trying to hack British universities and scientific facilities to steal research related to Covid-19, including vaccine development. It is understood that nations including Iran and Russia are behind the hacking attempts, while experts have said China is also a likely perpetrator.


_______________________________________________________________________________________

(May 3, 2020)


A council targeted in a cyber-attack has 90% of its computer systems working again

Redcar and Cleveland Council was hit by a ransomware attack on 8 February which left its website inoperable and some officials having to use pen and paper to keep services running. Engineers have prioritized essential systems and are working on the rest. The attack had not stopped the council responding to coronavirus or providing key services.

Ref - BBC

_______________________________________________________________________________________

(May 1, 2020)

Cybersecurity becomes more important due to COVID-19 pandemic

The COVID-19 outbreak has forced many companies to change the way they conduct operations like working from home. During this challenging time when so many people are working remotely, it’s more important than ever to keep cybersecurity at the top of mind. Patching system regularly and avoid clicking on clicking on phishing emails has now become basic security practice.

Ref - PowerMag

_______________________________________________________________________________________

(May 1, 2020)

Cyberspies are looking for coronavirus vaccine secrets

An international race is on to find a vaccine for COVID-19. The US has seen foreign spy agencies carry out reconnaissance of research into a coronavirus vaccine. Researchers, companies, and governments are all involved. And their efforts are simultaneously being protected by domestic spy agencies while being targeted by foreign ones.

Ref - BBC

_______________________________________________________________________________________

(May 1, 2020)

European Union accused unnamed parties of exploiting the coronavirus pandemic to launch cyberattacks

A flood of cyberattacks has targeted European countries, affecting critical systems needed to deal with the virus crisis, said foreign policy chief Josep Borrell in a statement on behalf of all 27 EU members. Internet users have seen a surge in COVID-related attacks and fraud schemes, including phishing emails purportedly from health agencies, counterfeit product offers, and bogus charity donation requests.


_______________________________________________________________________________________

(May 2, 2020)


Cloud giants see a drop-off in new contracts from big clients, while overall usage surge

As lockdown orders force billions of people to work, learn and play from home during the novel coronavirus outbreak, usage has surged for the cloud computing services that power video conferencing, streaming television, and online games. The world's three leading cloud services providers - Amazon's Amazon Web Services, Microsoft's Azure, and Alphabet's Google Cloud, have all seen demand for their services jump. But there has been a drop-off in the new contracts for server storage from big clients, while generous free trial offers also capped sales growth.


_______________________________________________________________________________________

(May 2, 2020)

Iran and Russia based hackers launch hacking attacks on British universities

British institutions fighting Covid-19 have been subject to cyber-attacks traced back to Russia and Iran. Hackers linked to hostile states have targeted UK universities attempting to produce vaccines and testing kits as well as scientists and doctors studying the virus. Spy bosses at the National Cyber Security Centre branded the attacks ‘utterly reprehensible’ and confirmed they were working ‘round the clock’ to battle the online menace.

Ref - DailyMail

_______________________________________________________________________________________

(May 2, 2020)

Business email compromise becomes even more prevalent during COVID-19 pandemic

The COVID-19 pandemic has seen this social engineering fraud, often referred to as “business email compromise,” become even more prevalent. As businesses have rushed to mobilize at-home workforces in response to shelter-in-place measures, for many, this an entirely unfamiliar experience and left their business more vulnerable to cyber-criminals.

Ref - JDSupra

_______________________________________________________________________________________

(May 1, 2020)

Enterprise Resource Planning (ERP) implementation facing more challenges amid COVID-19 pandemic

Due to the COVID-19 crisis, several businesses are reassessing the value of long-term IT projects. ERP projects tend to be complex, costly, time-consuming and can affect critical business functions. These challenges will only be exacerbated by the COVID-19 crisis. For instance, rolling out a complicated ERP system in multiple sites around the world is probably not realistic, or may take much longer than a pre-COVID-19 scenario.

Ref - SearchERP

_______________________________________________________________________________________

(May 1, 2020)

Malicious attackers now launching new types of malware, phishing, scams

The COVID-19 crisis and the ongoing lockdown that has necessitated people to work from home, has also led to increased chances of cyber attacks targeted at company employees. Remote employees are being targeted by phishing and vishing attacks that aim to steal corporate credentials. Hackers have deployed new types of malware, exploits, phishing attacks, and scams to infect employees’ devices and snoop on their confidential data.

 
_______________________________________________________________________________________

(May 1, 2020)

Cyber-attacks on mortgage professionals are growing amid COVID-19 pandemic

As critical as remote work has been to keeping countless businesses alive during the COVID-19 pandemic, it has also proven to be a boon for cybercriminals, who are taking advantage of remote workers’ naiveté and distance from their secure office environments to unleash an unrelenting wave of phishing, email, and even telephone scams. Many mortgage professionals still regularly don’t know what to look for when asked to identify a phishing attempt.

Ref - Mpamag

_______________________________________________________________________________________

(May 1, 2020)

Enterprise security executives are busier than ever due to COVID-19 outbreak

During the COVID-19 crisis, enterprise security executives are busier than ever, standing up business continuity plans, enacting broader contingency plans, mitigating risks with employees working at home, and more all to keep businesses humming as the coronavirus outbreak has spread. In any crisis, clear communication and information are always critical, but particularly key during a crisis.


_______________________________________________________________________________________

(May 1, 2020)

A possibility of digital surveillance in the name of the fight against COVID-19 pandemic

A digital security expert has warned that the COVID-19 pandemic may turn digital surveillance into a so-called “new normal” as many governments flaunt their respective contact tracing applications and programs to fight the spread of the deadly virus. Several international human rights watchdogs have earlier called out the attention of various governments on the increasing surveillance of the people.

Ref - BulatLat

_______________________________________________________________________________________

(May 1, 2020)

Demand for artificial intelligence-based email security has grown 400%

Darktrace, a cyber AI company, has announced that the number of customers using Darktrace’s AI email solution, Antigena Email, has doubled since January 2020, while the number of requests for the trial of Antigena Email has quadrupled since the lockdown began in early March. In the month of April, 60% of all advanced spear-phishing attacks blocked by Antigena Email were either related to COVID-19 or aimed to trick employees by referencing remote working.


_______________________________________________________________________________________

(May 1, 2020)

The Federal Bureau of Investigation to issue two alerts warning businesses of the growing threat

As the novel coronavirus continues to spread across the globe, cyberattacks seeking to exploit the crisis are similarly on the rise. The frequency of COVID-19 business email compromise schemes, a particularly low-tech, but highly damaging type of cyber scam, has risen significantly in recent weeks, so much so that it prompted the Federal Bureau of Investigation to issue two alerts warning businesses of the growing threat.

Ref - Law360

_______________________________________________________________________________________

(May 1, 2020)


NSA released security guide choose safe conferencing and collaboration tools

The US National Security Agency (NSA) published a security assessment of today's most popular video conferencing, text chatting, and collaboration tools. The guidance contains a list of security criteria that the NSA hopes companies take into consideration when selecting which telework tool/service they want to deploy in their environments.

Ref - ZDNet

_______________________________________________________________________________________

(May 1, 2020)

Wider adoption of cyber hygiene principles due to COVID-19 pandemic 

Long before COVID-19, some notable behind-the-scenes forces were in motion to elevate cybersecurity to a much higher level. Then COVID-19 came along and obliterated societal norms and standard business practices. A sweeping overhaul of the status quo, foreshadowed by the sudden and acute shift to a predominantly work-from-home workforce, lies ahead. 


_______________________________________________________________________________________

(May 1, 2020)

Protecting home users with Threat & Vulnerability Management amid Coronavirus outbreak

Attackers have shifted their focus to take advantage of the COVID-19 outbreak. To help users effectively identify, assess, and remediate these endpoint misconfigurations, the Microsoft Defender Advanced Threat Protection (ATP) research team has added new assessments to our already rich set of existing secure configuration assessments in Threat & Vulnerability Management (TVM).

Ref - Microsoft

_______________________________________________________________________________________

(May 1, 2020)

New security challenges occur due to Covid-19 lockdown

Coronavirus crisis has brought a temporary change in working practices as a considerable proportion of businesses now have large numbers of employees working from home – and in some cases, the entire workforce has switched to remote working. For CIOs, this means they are suddenly having to cope with a range of new risks, threats, and challenges.

_______________________________________________________________________________________

(May 1, 2020)

Restaurant industry remains a target of cybercriminals during coronavirus outbreak

Amid Coronavirus outbreak, the restaurant industry remains a target because there's a wealth of client data on tap from places with lax security. Restaurants serve food and drinks to customers, but they can also unknowingly serve credit card data to hackers. Due to the volume of credit card transactions and CRM data available, restaurants need to take cybersecurity seriously before a criminal gets wind of the vulnerability.


_______________________________________________________________________________________

(May 1, 2020)

Scammers are now impersonating financial institutions on Instagram

Threat actors are using the novel coronavirus to impersonate accounts on social media. The threat actor created a private Instagram account referencing COVID-19 that used the credit union’s name, its logo, and its link to its legitimate website. The victim received a direct message from the account claiming their profile had been selected to receive a gift. The cybercriminal then followed up with a phone number.


_______________________________________________________________________________________

(May 1, 2020)

New Jersey released best practices guide for healthcare industry amid COVID-19 pandemic

The New Jersey Cybersecurity and Communications Integration Cell (NJCCIC) issued an advisory to hospitals and other healthcare organizations that cybercriminals are targeting them with phishing campaigns, ransomware, and other malicious acts referencing COVID-19. Cybercriminals are exploiting the fact that the healthcare sector is consumed with COVID-19 management and response to ramp up attacks.

Ref - JdSupra
_______________________________________________________________________________________

(May 1, 2020)

Two separate attacks targeted 50,000 different Teams users working from home

Due to Coronavirus, people around the world are now working form home and cybercriminals are taking advantage of it. A convincing cyberattack that impersonates notifications from Microsoft Teams in order to steal the Office 365 credentials of employees is making the rounds. Two separate attacks have targeted as many as 50,000 different Teams users.


_______________________________________________________________________________________

(May 1, 2020)

COVID-19 themed phishing attacks are on the rise 

Cyber attackers are leveraging the Covid-19 situation to launch phishing and social engineering attacks. Every nation has seen at least one Covid-19 themed cyberattacks. Every nation has seen at least one Covid-19 themed cyberattacks. Banking, telecom billing, and e-commerce transactions are seen as the major targets for attackers.


_______________________________________________________________________________________
(May 1, 2020)

Cyberattackers are taking advantage of the COVID-19 crisis to disrupt organizations

Cyberattackers are taking advantage of the COVID-19 pandemic to disrupt organizations, but only half technology professionals and leaders are confident their cybersecurity teams are ready to detect and respond to the increasing threats. Only 59 percent say their cybersecurity team has the necessary tools and resources at home to perform their job effectively.


_______________________________________________________________________________________

(April 30, 2020)

The global cybersecurity market size is expected to grow due to COVID-19 outbreak

The impact of COVID-19 on the global cybersecurity market size is expected to grow from USD 183.2 billion in 2019 to USD 230.0 billion by 2021, at a Compound Annual Growth Rate (CAGR) of 12.0% during the forecast period. COVID-19 crisis has transformed the thought process of a company's management and board toward cybersecurity.


_______________________________________________________________________________________

(April 30, 2020)

Security challenges and requirements during coronavirus pandemic

Operating within this temporary new norm isn't easy for business and it also poses a challenge for organizations to actively leverage a mix of on-premise and remote technologies to effectively operate.
In this crisis, manufacturers need to plan and properly secure devices that are fast becoming more complex machines with complex functions.


_______________________________________________________________________________________

(April 30, 2020)

COVID-19 is changing the cybercrime economy in many different ways

As the COVID-19 pandemic pushes the above-ground economy to the brink of a major recession, the cybercrime economy appears to still be hard-charging ahead. And yet, the virus has rapidly reshaped the way business is being done on the Dark Web, as buyers and sellers jump on the opportunity to capitalize on global fears, as well as dramatic shifts in supply and demand.


_______________________________________________________________________________________

(April 30, 2020)

Trickbot campaign targeting email recipients with fake messages 

A new Trickbot campaign has been discovered that currently targets email recipients with fake messages purporting to come from the U.S. Department of Labor (DoL). The spam leverages the Family and Medical Leave Act (FMLA), which gives employees the right to medical leave benefits, as context around COVID-19 in order to distribute the malware.


_______________________________________________________________________________________

(April 30, 2020)

Major spike recorded in COVID-19-themed cyber attacks 

Domestic cybercriminals and nation-state attackers alike are capitalizing on this time of uncertainty – and remote workers are a prime target. The FBI’s Internet Crime Complaint Center (IC3) is currently receiving between 3,000 and 4,000 cybersecurity complaints daily – a massive jump from their normal average of 1,000. Criminals are taking advantage of “the enormously high public interest in information” on COVID-19.


_______________________________________________________________________________________

(April 30, 2020)

Protecting VPNs from DDoS attacks on remote workers amid Coronavirs pandemic

More people are working remotely due to COVID-19 pandemic and VPN gateways are running at or near capacity. Users are accessing corporate resources from their homes and generating unprecedented amounts of network traffic. Because of this, businesses need to remain vigilant by putting DDoS detection and protection front and center in their security protocols.


_______________________________________________________________________________________

(April 30, 2020)

US elections even more vulnerable with COVID-19 pandemic

Cybersecurity experts are increasingly worried that U.S. elections are growing even more vulnerable to outside interference because of the coronavirus pandemic. They say funds to prevent interference and ensure people can vote safely are running thin, despite the fact that Congress has passed $825 million in funding for election security since December.

Ref - TheHill
_______________________________________________________________________________________

(April 30, 2020)

A trove of COVID-19 protective gear and medical supplies are being sold on Dark Web markets

Criminals have continued to leverage the high demand for medical supplies, plaguing the digital world with fake coronavirus-related items that threaten the lives and pockets of consumers everywhere. So while consumers are in a frenzied search of personal protective equipment (PPE), the Dark Web is oozing with a stock of Covid-19 related gear and medical products.


_______________________________________________________________________________________

(April 30, 2020)

COVID-19 outbreak has helped Cybercriminals to better market their cybercriminal wares and services

Many crooks are finding the Coronavirus outbreak has helped them better market their cybercriminal wares and services. The Coronavirus also has driven up costs and disrupted key supply lines for many cybercriminals. One of the more common and perennial cybercriminal schemes is “reshipping fraud,” wherein crooks buy pricey consumer goods online using stolen credit card data and then enlist others to help them collect or resell the merchandise.


_______________________________________________________________________________________

(April 30, 2020)

Coronavirus-themed malware threat activeness heaviest in states where testing has increased

Newly published telemetry data collected by the researchers at Bitdefender implies that U.S. reports of coronavirus-themed malware threat actors have been heaviest in states where testing has increased and the total number of confirmed infections has grown. Among U.S. states, California reported the most threats in both March and April, followed by Texas. New York was third in March, but fell to fourth in April, supplanted by Florida. Ohio rounded out the top five.


_______________________________________________________________________________________

(April 30, 2020)

NHS grants GCHQ access to beef up security during the coronavirus pandemic

Health Secretary of the UK has used emergency powers under the NHS Act of 2006 to give GCHQ special dispensation to access NHS data. This access has been granted to allow GCHQ to examine and boost NHS cybersecurity, amongst other IT systems, in order to better protect the health service from potential cyber threats during the Covid-19 coronavirus pandemic.


_______________________________________________________________________________________

(April 30, 2020)

NSA published a guide for a safe text chat and video conferencing service

The US National Security Agency (NSA) published last week a security assessment of today's most popular video conferencing, text chatting, and collaboration tools. The guidance contains a list of security criteria that the NSA hopes companies take into consideration when selecting which telework tool/service they want to deploy in their environments.

Ref - ZDNet

_______________________________________________________________________________________

(April 30, 2020)

Hospitals are the most targeted entity by ransomware attacks amid COVID19 pandemic

Despite promises from some ransomware groups to avoid targeting healthcare organizations (HCOs) during the COVID-19 crisis, multiple campaigns decided to activate in early April after months of planning. Microsoft’s threat protection intelligence team claimed that the highly targeted “human-operated” attacks it has been monitoring were begun at the start of the year when victim networks were compromised.


_______________________________________________________________________________________

(April 30, 2020)

Cybercriminals are keeping leveraging Coronavirs pandemic to target victims’ data and security

Countries that have reported the largest number of Coronavirus-themed reports seem to have also been those hit hardest by the pandemic. For example, the top countries that reported the largest number of themed-malware reports include the United States, Italy, and the United Kingdom. Many of these attacks usually have a shotgun-shell approach, and attackers seem to have also tried to get to as many victims as possible when targeting these countries.


_______________________________________________________________________________________

(April 30, 2020)

Network security disruption increased after sudden home working culture due to coronavirus lockdown

Nearly two-thirds (64%) of global firms have experienced network security disruption due to the sudden recent shift to home working, with some predicting a major surge in data breaches. Almost a quarter (23%) are experiencing major disruption to network security practices, while 61% said their VPNs have suffered connectivity issues.


_______________________________________________________________________________________

(April 30, 2020)

An increase recorded in scams and phishing attempts that reference COVID-19 outbreak

The coronavirus pandemic has presented cybercriminals with a crisis to exploit, and many are choosing phishing emails as their weapon of choice. According to research from Zscaler, its corporate customers faced an 85 percent increase in COVID-19 phishing attempts from January to March. Several of these emails asked for personal information while masked as government agencies.


_______________________________________________________________________________________

(April 29, 2020)

WebMonitor RAT now bundled with Zoom Installer to target users amid coronavirus pandemic

The coronavirus pandemic has highlighted the usefulness of communication apps for work-from-home (WFH) setups. Many users who working from home using a video chat software “Zoom,” and attackers are taking advantage by leveraging Zoom installers to spread a cryptocurrency miner. Recently a cyber attack is dropping a RAT called “WebMonitor.”


_______________________________________________________________________________________

(April 29, 2020)


A man behind N95 Mask Scam is charged with wire fraud

A Muskegon resident claimed to sold "Anti-Viral N95" masks for more than $40 per mask through the website EMGeneral.com, which happened to be a fake e-commerce company. Stevenson was found using stock photos from the internet to create an entirely fictitious professional management team for his e-commerce company. Some customers were sent emails containing excuses about shipping issues, while claimed to receive cheap fabric masks that did not conform to N95 standards.


_______________________________________________________________________________________

(April 29, 2020)


An interdisciplinary team developed a model for a contact tracing app that protects personal data 

A model for a contact tracing app that protects personal data has been developed by an interdisciplinary team at the Technical University of Munich (TUM). The researchers have created an encryption process that enables people who have come into close contact with a COVID-19-positive individual to be warned without their phones recognizing the infected person’s temporary contact number (TCN).


_______________________________________________________________________________________

(April 29, 2020)


The number of brute-force attacks targeting RDP endpoints rose sharply since the coronavirus pandemic

The number of brute-force attacks targeting RDP endpoints rose sharply since the onset of the coronavirus (COVID-19) pandemic. RDP brute-force attacks increased last month, when most countries around the globe imposed quarantines and stay-at-home orders, forcing companies to deploy more RDP systems online, increasing the attack surface for hackers.

Ref - ZDNet

_______________________________________________________________________________________

(April 29, 2020)


Cybercriminals are turning to AI to make cyber attacks more effective

Cybercriminals are increasingly turning to AI to make cyber attacks more effective and devastating than before, which could be the next big threat after COVID-19. During the COVID-19 epidemic, a vast amount of personal data of millions of people is being collected in almost all countries of the world. 
Several companies or criminal groups are allegedly leveraging the urgency by misusing data of users and causing cyber attacks.


_______________________________________________________________________________________

(April 29, 2020)


A rise in RDP brute-force attacks reported amid Coronavirus pandemic

The spread of COVID-19, organizations worldwide have introduced remote working, and employees working on home computers using remote-access tools. One of the most popular tool used by home users is Microsoft’s proprietary protocol is RDP. Now, cybercriminals are targeting it and as a result, an increase in cybercriminal activity targeting RDP has been reported in the past few months.


_______________________________________________________________________________________

(April 29, 2020)


The COVID-19 detection system targeted by unknown hackers 

Unknown hackers with the “THE0TIME” alias has put up for sale the source code of one of the technologies of the medical company, Huiying Medical Technology, which simply allows using AI (Artificial Intelligence) to detect the coronavirus or COVID-19 infection. The seller has claimed that he managed to gain access to experimental data related to COVID-19.


_______________________________________________________________________________________

(April 29, 2020)


A new e-skimming hack has been targeting WooCommerce amid COVID-19

Security researchers discovered a game-changer in e-skimming attacks on online shopping plugin “WooCommerce,” one that exponentially expands collective attackable surface. This would be a bad situation in normal times, but with the Covid-19 pandemic making many businesses more reliant on e-commerce and virtual transactions, the potential for an increase in poorly secured websites built on the fly is a matter for concern. 

Ref - AdamLevin

_______________________________________________________________________________________

(April 29, 2020)


Cybercriminals started targeting the oil industry with phishing attacks amid COVID-19 

The oil and gas industry has been taking a beating as severe as any other hit hard by the COVID-19 shutdown. Phishing and spear-phishing attacks are on the rise against Nuspire's oil and gas clients, and hackers are getting more sophisticated in avoiding detection. A 10% to 15% increase has been recorded in the number of attacks targeting Nuspire customers.


_______________________________________________________________________________________

(April 29, 2020)

UK businesses reacting to COVID-19 may inadvertently be exposing themselves to serious data loss

Over 500 COVID-19 related scams and over 2,000 phishing attempts have now been reported to UK investigators, resulting in the theft of £1.6m. While many attacks are focused on individuals, businesses are just as at risk. The National Cyber Security Centre (NCSC) has already issued guidance warning businesses to train workers on how to spot the signs of a phishing scam.


_______________________________________________________________________________________

(April 29, 2020)

Around 445 million cyber-attacks recorded since COVID-19 pandemic arises

In the first quarter of 2020, the Arkose Labs network recorded the highest attack rate ever seen. 26.5% of all transactions were fraud and abuse attempts, which is a 20% increase over the previous quarter. With COVID-19 restricting face-to-face interactions across the globe, consumer behavior is in flux and digital transactions are on the rise.


_______________________________________________________________________________________

(April 28, 2020)

Federal Agencies warning about the protection of patient data amid COVID-19 outbreak

The Defense Department, FBI, and other agencies offer steps on how care facilities can secure personal health information. The Defense Department’s assistant inspector general for the operation of cybersecurity audits culled “lessons learned” from past reports to stress the continued importance of protecting sensitive information as the department mobilizes to respond to the coronavirus pandemic.

Ref - NextGov

_______________________________________________________________________________________

(April 28, 2020)

Pirate streaming services and movie piracy sites are dropping malware

Pirate streaming services and movie piracy sites have seen a huge surge of incoming traffic during the COVID-19 pandemic with most people now having to stay inside due to shelter in place and lockdown orders. Malicious actors are taking advantage of this trend trying to infect potential victims with malware delivered via fake movie torrents.


_______________________________________________________________________________________

(April 28, 2020)

Cybercriminals laid the groundwork months ago for ransomware attacks amid COVID-19

The ransomware attackers are actively making coronavirus crisis worse, forcing health care and critical infrastructure organizations to pay up when they can least afford downtime. In many cases, hackers are reaping the rewards of groundwork they laid months ago before Covid-19 fully hit. During the pandemic, the risk of a cyberattack on the hospital has become more dangerous.

Ref - Wired

_______________________________________________________________________________________

(April 28, 2020)

A group of civilian cybersecurity professionals is created to fight coronavirus scams

An exclusive Slack group has been created as a hub for civilian cybersecurity professionals who wanted to stop coronavirus scams. It is like finding a small army of analysts whose expertise could be tapped into at any time. The Cyber Threat Coalition is one of two Slack groups, the CTI League is the other, created by civilian cybersecurity professionals who wanted to put their heads together to try to stem the rising tide of cybercrime.

Ref - NBC News

_______________________________________________________________________________________

(April 28, 2020)

Cybercriminals are pretending to be affected by the COVID-19 pandemic

Cybercriminals are posing as delivery companies and pretending to be affected by the COVID-19 pandemic as a means to trick potential victims into opening malicious email attachments or revealing credentials on phishing websites. The email urges recipients to provide missing information before a forthcoming government lockdown prevents completion of the delivery.


_______________________________________________________________________________________

(April 28, 2020)

Information security and technologies remained strong sectors amid the COVID-19 pandemic

Information security and technologies that speed up the cloud and content delivery remain relatively strong sectors amid the COVID-19 pandemic that has rattled numerous enterprises. Akamai and FireEye firms stood out as companies that are seeing strong demand in part due to an increase in cyberattacks. 

Ref - ZDNet

_______________________________________________________________________________________

(April 28, 2020)

Australian COVID19 Tracking App’s bug making users positive without any test

COVID-19 tracking app introduced by the Australian government has been informing users who haven't even been tested for the novel coronavirus that they have contracted the bug. Many Australians who downloaded the app were confronted with a screen informing them that they had tested positive for coronavirus, despite not having been tested for COVID-19. 


_______________________________________________________________________________________

(April 28, 2020)

A banking Trojan is taking advantage of COVID19 crisis to target users

The banking Trojan Grandoreiro has been taking advantage of the COVID-19 crisis to attack users. The Trojan hides in videos on fake websites that promise to provide vital information about the virus. Attempting to play the video leads to the download of a payload on the visitors’ device. Attackers are targeting users through COVID-19 scams on fake websites.


_______________________________________________________________________________________

(April 28. 2020)


Video call vendors are scrambling to revamp security in a COVID-19 world

Security issues in platforms including Zoom and Microsoft Teams have been made public, with some platforms banned from government and company use. However, on the whole, a new report suggests that vendors are working on improving the situation and the majority of popular teleconferencing solutions now meet at least minimum security standards. 

Ref - ZDNet

_______________________________________________________________________________________

(April 27, 2020)

Phishing campaigns targeting Zoom and Skype user credentials

Hackers are again taking aim at the increased number of remote workers during the COVID-19 pandemic through two new phishing campaigns: one attack method targets Skype credentials, while the other leverages fake Zoom video conferencing meeting notifications. With so many people working from home, remote work software like Skype, Slack, Zoom, and WebEx are starting to become popular themes of phishing lures.


_______________________________________________________________________________________

(April 27, 2020)

Phishing campaign found to be spoofing U.S. Federal Reserve

Some fraudsters have pivoted from using the COVID-19 pandemic as a phishing lure to create fake messages and malicious domains designed to capitalize on various US economic stimulus programs. The latest phishing campaigns include email messages and domains designed to spoof the U.S. Federal Reserve as well as the Small Business Administration.


_______________________________________________________________________________________

(April 27, 2020)


Germany changed its stance on the centralization of data generated from apps combating COVID-19

Germany has changed its stance on the centralization of data generated from mobile apps designed to help combat COVID-19. Until recently, German officials backed the idea of a mobile app that would generate geolocation information, including where a user goes and who they meet, of which this data would be stored centrally. 

Ref - ZDNet

_______________________________________________________________________________________

(April 27, 2020)


Cybercriminals using fake FedEx and UPS delivery issues in COVID-19 phishing

A new wave of phishing scams has been spotted, that utilize a COVID-19 theme and impersonate well-known shipping carriers such as FedEx, UPS, and DHL. In one of the emails, attackers impersonated DHL and stated that a package was being held due to the government lockdown during the Coronavirus crisis. It then prompts the users to make corrections to the attachment shipping document, which will then install the Bsymem Trojan.


_______________________________________________________________________________________

(April 27, 2020)


Hackers are faking Zoom meeting invites to steal user info

Malicious actors are now targeting users with fake Zoom meeting emails in order to steal their personal information and login credentials. This particular phishing scheme weaponizes many people’s fear of losing their job due to the economic downturn during the coronavirus pandemic. These spoofed emails come in the form of a Zoom meeting reminder with HR concerning the termination of the recipient’s employment.


_______________________________________________________________________________________

(April 27, 2020)


Colorado Hospital hit with ransomware attack amid COVID-19

Parkview Medical Center was hit with a ransomware attack on April 21. As of 27 April, the hospital's website still displayed a message saying it was "currently experiencing a network outage." The cyberattacks involved ransomware, rendering the hospitals' patient records systems inoperable. In a statement, Parkview said that a cyberattack, which it declined to specify, resulted in an outage of a number of its IT systems.


_______________________________________________________________________________________

(April 27, 2020)

Piracy site Popcorn Time active again to capitalize on COVID-19 lockdowns

A notorious website for pirated content has released a new child-friendly version to filter inappropriate content for younger users. Popcorn Time leaped to fame with a mission of making illegal content as easy to access as Netflix. It was originally pulled back in 2014 and resurrected several times in the interim before making another recent comeback to capitalize on COVID-19 lockdowns and stay-at-home orders.


_______________________________________________________________________________________

(April 27, 2020)


COVID patients’ information disclosed after a data breach incident

The National Privacy Commission (NPC) is looking into incidents of unauthorized disclosure on social media of personal information of more than 150 individuals who are either suspected or confirmed to have the coronavirus disease 2019 or COVID-19. It received 17 personal data breach notifications involving 154 suspected or confirmed COVID-19 patients from March 15 to April 23.

Ref - PhilStar

_______________________________________________________________________________________

(April 27, 2020)


Operators of scam-service issuing fake passes to move around amid COVID-19 lockdown is detained

Group-IB and the Moscow Department of Information Technology have helped Moscow police in identifying and detaining the operators of a fraudulent online service, selling fake digital passes to the residents of Moscow and Russian regions to move around the cities during the COVID-19 lockdown. A total of 126 fraudulent online resources websites were discovered.


_______________________________________________________________________________________

(April 27, 2020)


Zoom users are being targeted with phishing emails

As the coronavirus epidemic led to lockdown, so organizations around the world adopted work from culture and uses of video meeting and chatting tools increased. But cybercriminals are taking advantage of this situation by launching a phishing attack posing as Zoom meeting notifications and asking recipients to join a Zoom meeting regarding their supposed termination.


_______________________________________________________________________________________

(April 27, 2020)


Microsoft has patched a worm-like vulnerability in its Teams workplace

Amid coronavirus pandemic, use of video chat platforms have increased along with the security challenges they pose. For example, Microsoft has patched a worm-like vulnerability in its Teams workplace video chat and collaboration platform that could have allowed attackers to take over an organization's entire roster of Teams accounts just by sending participants a malicious link to an innocent-looking image.


_______________________________________________________________________________________

(April 27, 2020)


Google takes strong action with Gmail and G-Suite to tackle COVID-19 related cyber attacks

Gmail blocks over 100 million phishing emails and more than 240 million COVID-19 related spam messages on a typical day. In G Suite, the advanced phishing and malware controls are now turned ON by default, to make sure that all G Suite users automatically have these proactive protections in place. In addition, it also appointed a full-time dedicated team called Project Zero to prevent targeted attacks by reporting bugs to software vendors and recording them in external databases.

Ref - LiveMint

_______________________________________________________________________________________

(April 27, 2020)

Staggering 30,000% increase reported in COVID19 related cyber attacks

Zscaler, a security firm is claiming to have seen a tremendous 30,000% increase since January in detected phishing, malicious websites, and malware designed to capitalize on the COVID-19 crisis. The firm’s cloud security platform had stopped 380,000 attacks targeting home workers in March, up from just 1200 at the start of the year.


_______________________________________________________________________________________

(April 27, 2020)

U.S. Government Small Business Administration spoofed in COVID-19 scam to drop Remcos RAT

A phishing campaign is uncovered targeting small businesses that appear to originate from the U.S. Government Small Business Administration (SBA.gov). The emails, which include subjects and attachments related to the need for small businesses to apply for disaster relief loans or provide application status following the impact of the ongoing COVID-19 pandemic, eventually deliver Remcos RAT to those who open the attachments.


_______________________________________________________________________________________

(April 27, 2020)

Australia and US cyber diplomats called for an end to attacks on medical facilities

Australia's cyber diplomats have called for an end to attacks on medical facilities, such as the recent cyber attack on one of the Czech Republic's biggest COVID-19 testing laboratories. The US also notes the threat to the Czech healthcare sector, saying it has "zero tolerance" for malicious cyber activity against its partners in the fight against the pandemic.

Ref - ZDNet

_______________________________________________________________________________________

(April 27, 2020)

Australia’s Department of Health released a privacy assessment for COVIDSafe tracing app

As the Australian government launched COVIDSafe tracing app, the Department of Health also released a privacy assessment of the app. The report was prepared by law firm Maddocks and contains 19 recommendations, along with others that were made during the development of the app. Also, the app information will be passed only to state agency-based contact tracers.

Ref - ZDNet

_______________________________________________________________________________________

(April 27, 2020)

GitHub user creates a huge repository of all IOCs related to COVID related attacks

A GitHub user (a student at Oxford) has created a repository of all Indicators of Compromise (IOCs) related to COVID-19 related cyber-attacks so far. All the IOC's are used directly involved coronavirus / COVID-19 / SARS-CoV-2 cyber attack campaigns. Some of the IOCs are associated with threat groups such as “APT36,” which has been known to use this pandemic to target their victims. 
 
Ref - GitHub
 
 _______________________________________________________________________________________

(April 27, 2020)

Amazon piloting the use of video conference calls to verify the identity of merchants

Amazon.com Inc is starting the use of video conference calls to verify the identity of merchants who wish to sell goods on its websites, in a new plan to counter fraud (many of them using COVID-19 pandemic) without in-person meetings in the pandemic. Amazon said its pilot began early 2020 and included in-person appointments with prospective sellers.

Ref - Reuters

_______________________________________________________________________________________

(April 27, 2020)

Two million Australians downloaded coronavirus tracing app within hours of its release

Around two million Australians rushed to download an app designed to help medical workers and state governments trace close contacts of COVID-19 patients. Health Minister Greg Hunt said 1.89 million Australians have downloaded the tracing app CovidSafe as of 1600 (0600 GMT) on Monday, more than 7% of the country’s population.

Ref - Reuters

_______________________________________________________________________________________

(April 27, 2020)

Israel’s Supreme Court ruled that the government must legislate COVID-19 phone-tracking

Israel’s Supreme Court ruled on Sunday that the government must bring its use of mobile phone tracking deployed in the battle against the new coronavirus under the legislation. The court stated that the government must introduce legislation by April 30 and finish it within a few weeks if it wanted to continue tracking people’s phones in its efforts to stop the coronavirus from being spreading.

Ref - Reuters
_______________________________________________________________________________________

(April 27, 2020)

Many remote workers haven’t been given any form of cybersecurity training past twelve months

COVID-19 pandemic has brought a new wave of cyberattacks targeting remote workers, but a lack of training has resulted in the majority not taking threats seriously. A study of remote workers by app security company Promon found that six percent of remote workers haven’t been given any form of cybersecurity training in the past 12 months, with 77 percent saying they aren’t worried about their cybersecurity while working from home.


_______________________________________________________________________________________

(April 26, 2020)


Google and Apple are going to launch Covid-19 tracking tool soon

Apple and Google have been working on the contract-tracing tool (later changed to ‘exposure notification’) to fight the spread of novel coronavirus in the world. Recently, both the tech giants also announced that they were putting stronger privacy protections in their upcoming COVID-19 contact-tracing tool and will also launch a developers version.

Ref - LiveMint

_______________________________________________________________________________________

(April 26, 2020)


Around 3067 COVID-19 related cyber-attacks recorded in Q1 2020

Gulf Cooperation Council (GCC) countries have recorded 3,067 email, URL, and file threats related to the COVID-19 coronavirus in Q1 2020. As the COVID-19 coronavirus continues to spread, the topic is being used in many malicious campaigns, including email spam, business email compromise (BEC), malware, ransomware, and malicious domains.

Ref - SME10X

_______________________________________________________________________________________

(April 25, 2020)

Bluetooth vulnerabilities in Contact tracing apps can be exploited 

As governments around the world turn to contact tracing apps to aid in their efforts to contain the coronavirus, cybersecurity experts are warning this may spark renewed interest in Bluetooth attacks. If exploitable vulnerabilities are left unpatched, many devices could be breached by hackers and the user's personal data stolen.

Ref - ZDNet
_______________________________________________________________________________________

(April 25, 2020)

Cyberattackers taking advantage of COVID-19 pandemic are not sophisticated or novel

CrowdStrike and other security firms have observed that cybercriminal groups and online scammers are using fear about the pandemic to boost malicious campaigns. Malicious actors are using fake “health update” messages and lure promising “stimulus aid” to carry out attacks on users. It’s becoming more likely that the crisis is pushing malicious activity.


_______________________________________________________________________________________

(April 24, 2020)

Cyberattacks increased after WHO’s password leak incident 

The World Health Organisation (WHO) has seen a "dramatic" increase in cyberattacks since the pandemic started. The health organization had announced that around 450 active WHO email addresses and passwords were recently leaked online, along with thousands belonging to others working on the coronavirus response. Now there has been an increase in scammers impersonating it in phishing emails.

Ref - ZDNet

_______________________________________________________________________________________

(April 24, 2020)

CEO of Kaspersky Lab considers cyberattacks on hospitals during the COVID-19 as an act of terror 

Speaking at an online press conference, Eugene Kaspersky, the founder and CEO of IT security giant Kaspersky Lab, likened the cyberattacks on hospitals during the COVID-19 pandemic to the acts of terror. He stated that any attack made on a hospital at this time can be seen as equivalent to a terrorist attack.


_______________________________________________________________________________________

(April 24, 2020)

Scammers relaunch an old phishing scam to steal personal data

Fraudsters are once again leveraging the covid-19 lockdown for malicious purposes, by resurrecting an old phishing ruse – free Heineken beer kegs. The fake Heineken promotion was sent to UK consumers via WhatsApp and advertised as a limited-time offer of free beer for anybody willing to fill out a one-minute survey. The company has also released a statement on its Twitter account to stay away from this ‘Free Beer’ phishing scam.


_______________________________________________________________________________________

(April 24, 2020)

National Health Service’s website used to distribute stealer Trojan

A cybersecurity researcher has identified an NHS’s fraudulent site, which claims to offer downloadable advice surrounding the ongoing pandemic. The hackers have created a fake version of the NHS website capable of injecting malware and harvesting personal data. The available download infects the user with a stealer Trojan.


_______________________________________________________________________________________

(April 24, 2020)

The number of successful ransomware attacks against certain sectors is declining

Campaigns against government agencies, educational establishments, and healthcare providers aren't proving as successful as expected for the cybercriminals. Some ransomware gangs have vowed to hold off on attacks against hospitals and healthcare providers as the world battles COVID-19. But the number of successful ransomware attacks against certain sectors has actually declined, falling down from around 250 per quarter in 2019 to below 100 per quarter in 2020.


_______________________________________________________________________________________

(April 24, 2020)

Vietnamese state-backed cyber campaign targeted Chinese health authorities

Vietnamese state-backed hacker APT32 launched intrusion campaigns against Chinese targets between January and April 2020. The purpose of the intrusions was to collect intelligence on the COVID-19 crisis. In recent years, ties between Hanoi and Beijing have nose-dived, primarily over the South China Sea, where both sides are the territorial and maritime claimant.


_______________________________________________________________________________________

(April 24, 2020)

Amid COVID-19 pandemic ensuring the security of data becomes a challenge

Amid the lockdown, dependence on digital channels for daily interactions and transactions has increased. This has rendered sensitive data vulnerable, which is now accessible via a multitude of devices running on home networks. With almost all operations moving from safer corporate IPs to relatively more exposed home networks, businesses, and companies across the globe are finding it challenging to ensure the security of data.

Ref - PCQuest

_______________________________________________________________________________________

(April 24, 2020)

An ongoing Skype phishing campaign stealing users’ credentials

Due to the coronavirus pandemic, many organizations have switched to work from home, and the use of Skype increased for that reason. But hackers are taking advantage of it by launching a phishing campaign leveraging malicious emails to spoof video calling platform Skype in order to steal users’ account credentials.

Ref - TripWire

_______________________________________________________________________________________

(April 24, 2020)

Information and data sharing is very important in COVID19 efforts

In times of coronavirus crisis, the need for information is critical, and the COVID-19 pandemic provides a clear illustration of this. Healthcare officials and policymakers need data to inform their responses; and leaders across sectors need data to understand the impact of the crisis on their businesses. In such situations, threat intelligence can be shared using the Cyware Situational Awareness Platform (CSAP) to alert all key personnel about emerging threats.


_______________________________________________________________________________________

(April 24, 2020)

Amazon Web Services (AWS) bagged data storage contract for Australia's COVID-19 contact tracing app

Amazon Web Services (AWS) has been handed the data storage contract for Australia's soon-to-be-launched COVID-19 contact tracing app. Uploaded contact information will be saved in Australia in a highly secure information storage system and protected by further laws to regulate access to health professionals only.

Ref - ZDNet

_______________________________________________________________________________________

(April 24, 2020)

Apple, Google releases new contact tracing API specs, security, accuracy measures

Apple and Google released more technical details about their efforts to create contract-tracing tools. Amongst the changes made to the API they will provide to others, are stronger encryption standards, more accurate Bluetooth signals and more. The metadata associated with Bluetooth will be encrypted now and data about who a user has been retained on the device for 14 days, and will be deleted after that.

Ref - LiveMint

_______________________________________________________________________________________

(April 23, 2020)

Consumers could be vulnerable to COVID-19 spam campaigns

More than 6,000 percent increase has been detected in COVID-19-related spam, with lures ranging the full gamut of challenges and concerns facing individuals from phishing emails impersonating the Small Business Administration (SBA) and the WHO to the US banking institutions offering relief funds. Cybercriminals are being very calculative with their attacks and continue to pivot their tactics to lure victims.


_______________________________________________________________________________________

(April 23, 2020)

Data leak incident occur at the government of Nagaland website

A major data breach in the government of Nagaland website has led to personal details of many individuals being exposed. Personal information including bank account details, AADHAAR number, phone numbers, address, etc. has been leaked into the public domain. The data was shared by individuals wishing to avail the monetary package announced by the government due to the nationwide COVID-19 lockdown.

Ref - EastMojo
_______________________________________________________________________________________

(April 23, 2020)

Zoombombers are hijacking video chats and terrorizing AIDS activists

A group of AIDS activists is the latest victims of Zoombombers, hackers who hijack video sessions on teleconferencing platforms like Zoom. The hackers hacked their video chats and made obscene gestures and screened pornography. "Zoombombing", named for incidents on the video platform Zoom, has become increasingly common during the COVID-19 pandemic, and marginalized groups are frequent victims. 


_______________________________________________________________________________________

(April 23, 2020)

Attackers are sending spam emails to steal victims’ Skype credentials

Remote workers are being warned of a new phishing campaign targeting their Skype passwords. The phishing emails look “eerily similar” to a legitimate Skype notification alert, according to a report released by Cofense. Emails indicate users have 13 pending Skype notifications that can be checked by clicking a “Review” button. This button redirects victims to some malicious links having a phishing scam setup to steal personal details.


_______________________________________________________________________________________

(April 23, 2020)

Chinese ministry targeted by Ocean Lotus in search of information related to the coronavirus pandemic

The security firm “FireEye” has disclosed that it believes hacking group Ocean Lotus, also known as APT32 and sponsored by the Vietnamese government, was involved in a spear-phishing campaign targeting members of the Wuhan government and Chinese Ministry of Emergency Management in search of information correlated to the coronavirus pandemic that is spreading around the world.

Ref - ZDNet

_______________________________________________________________________________________

(April 23, 2020)

IcedId banking malware actively harvesting tax-related information amid COVID-19

The group behind IcedID banking malware has been targeting tax software and using custom kits to solicit important documentation from unsuspecting users. Attackers are targeting tax returns and are actively harvesting the data, due to the COVID-19 pandemic which has caused tax day to be extended to July 15. The tax information seems to be for a prior year, which is usually necessary for filing current taxes.


_______________________________________________________________________________________

(April 23, 2020)

WHO’s staff credentials leaked working on COVID-19 response

World Health Organization (WHO) has announced a recent leak of 450 active WHO email addresses and passwords along with credentials of thousands working on the response to the coronavirus pandemic. But the organization also said that this leak didn’t put the organization’s systems at risk, explaining that its systems were largely spared because the data was not recent.


_______________________________________________________________________________________

(April 23, 2020)

Fivefold increase reported in COVID-19 cyberattacks 

World Health Organization has seen a dramatic increase in the number of cyberattacks directed at its staff, and email scams targeting the public at large. Some 450 active WHO email addresses and passwords were leaked online along with thousands belonging to others working on the novel coronavirus response.

Ref - WHO

_______________________________________________________________________________________

(April 23, 2020)

COVID-19 pandemic is making the energy industry more vulnerable to cyberattack

Working remotely is the top priority for utilities, but this also exposes the energy industry to new cyber-risks coming both from inside and outside the walls of its cyber defenses. Utility CEOs and board members are now facing a unique blend of cyber and safety risks. Utilities will need to iteratively adapt cybersecurity protocols to protect operations as each trend shapes the new reality.

Ref - WeForum

_______________________________________________________________________________________

(April 22, 2020)

China still hacking Uighurs’ iPhones amid its COVID-19 crisis

China is one of the first countries to lockdown over the first months of 2020, as COVID-19 began its global spread. But that didn't stop suspected Chinese spies from carrying out a new smartphone-hacking campaign aimed at Uighur ethnic minority. From as early as Dec. of 2019 and continuing through March 2020, Chinese hackers used so-called "watering hole" attacks to plant malware on the iPhones of Uighurs, even during the spread of coronavirus.

Ref - Wired

_______________________________________________________________________________________

(April 22, 2020)

Google’s Threat Analysis Group disclosed the latest findings and threats related to COVID-19

Across Google products, bad actors are using COVID-related themes to create urgency so that people respond to phishing attacks and scams. Google’s systems have detected 18 million malware and phishing Gmail messages per day related to COVID-19, in addition to more than 240 million COVID-related daily spam messages.

Ref - Google

_______________________________________________________________________________________

(April 22, 2020)

Gates Foundation and WHO employees are targeted with absurd conspiracy theories

A network of neo-Nazi extremists is found to be circulating data dump of what appears to be the email addresses and passwords of members of the Gates Foundation, World Health Organization (WHO), Center for Disease Control and Prevention (CDC), and a virology centre based in Wuhan, China. The data dump appears to be an attempt at intimidating several of the leading government and non-governmental groups currently leading the fight against the worldwide coronavirus pandemic.

Ref - VICE

_______________________________________________________________________________________

(April 22, 2020)

APT32 targeting the Wuhan government and the Chinese Ministry of Emergency Management

From January to April 2020, suspected Vietnamese actors APT32 carried out intrusion campaigns against Chinese targets. Mandiant Threat Intelligence believes that the campaigns were designed to collect intelligence on the COVID-19 crisis. Spear phishing messages were sent by the actor to China's Ministry of Emergency Management as well as the government of Wuhan province, where COVID-19 was first identified.

Ref - FireEye

_______________________________________________________________________________________

(April 22, 2020)

Hackers launched “COVID-19 Stimulus Check” scams to steal money

Cybercriminals are using the delivery of stimulus checks as another way to launch a scam. The FBI explains that scammers are leveraging the COVID-19 pandemic to steal user’s money, user’s personal information, or both. The FBI has sent out a warning for the American public to be on the lookout for COVID-19 check scams.

Ref - SDtek

_______________________________________________________________________________________

(April 22, 2020)

Netflix and Disney+ streaming platform targeted with #COVID19 phishing scam

Hackers are turning their attention to streaming services in an ongoing bid to capitalize on the current COVID-19 pandemic and increase their own profits. An email security vendor revealed that it had spotted the registration of over 700 suspicious domains created to impersonate the Netflix brand. The recently launched Disney+ service is also coming under increasing scrutiny from cybercriminals looking for money.


_______________________________________________________________________________________

(April 22, 2020)

Concerns over COVID19 related Contact Tracing application security

Concerns have been raised by many experts regarding “solutions” to the current COVID-19 pandemic, including contact tracing apps. The concerns center around where the GPS data is stored, as the academics said it was vital not to create a tool that enables large scale data collection, either now or at a later time. They also suggested to avoid development of apps which allow reconstructing invasive information about the population.


_______________________________________________________________________________________

(April 22, 2020)

COVID-19 Relief Fund of the U.S found to be leaking data on thousands of firms

Thousands of US businesses may have had personal information (PII) leaked online after a government agency’s error with applications for economic relief led to problems. The Small Business Administration (SBA) claimed that a problem was discovered with the online portal used by businesses to apply for Economic Injury Disaster Loans (EIDLs). Unspecified “personally identifiable information” linked to 7900 businesses may have been disclosed to other applicants of the program.


_______________________________________________________________________________________

(April 22, 2020)

Top officials at the World Health Organization targeted by hackers

Top officials at the World Health Organization are being targeted by hackers as they work on the global response to the coronavirus pandemic. WHO’s security team has seen an increasing number of attempted cyberattacks on the officials since mid-March. WHO itself hasn’t been hacked, but employee passwords have leaked through other websites.

Ref - Yahoo

(April 22, 2020)


_______________________________________________________________________________________

Hundreds of online COVID-19 related scams disrupted

Federal authorities announced that an ongoing cooperative effort between law enforcement and private-sector companies, including multiple internet domain providers and registrars, has disrupted hundreds of internet domains used to exploit the COVID-19 pandemic to commit fraud and other crimes. In some cases, fraudulent sites were operated by public health organizations or agencies.

Ref - Justice

_______________________________________________________________________________________

(April 22, 2020)


Cybercriminals are taking advantage of COVID-19 to launch phishing attacks

Cybercriminals are taking full advantage of the COVID-19 pandemic to launch phishing attacks. In the first quarter of 2020, over 600% increase was detected in COVID-19 phishing attacks and there were over 18 million daily COVID-19 specific phishing and malware attacks. It is suggested that this is the right time to use the Domain-based Message Authentication, Reporting, and Conformance (DMARC) solution.

Ref - ZDNet

_______________________________________________________________________________________

(April 22, 2020)


Phishing hotline sending 5,000 suspicious emails in a single day

Over 80 coronavirus-related phishing and scam websites are taken down just one day after the UK's National Cyber Security Centre asked for the public to report suspicious emails. Just 24 hours after the “Suspicious Email Reporting Service” went online, the NCSC received over 5,000 reports of potentially suspicious websites, and 83 cybercriminal campaigns were taken down in the same duration. It adds to the 2,000 taken down already.

Ref - ZDNet

_______________________________________________________________________________________

(April 22, 2020)


Zoom adding security measures to reassure users after data leak

Zoom, the videoconferencing service whose popularity has soared during the coronavirus pandemic, stated that it is adding security measures to its software following scrutiny from independent researchers. The next upcoming version of “Zoom” will have stronger encryption for data sent between participants in a meeting to prevent tampering. It will allow Zoom account administrators to decide which parts of the world they route their data through.


_______________________________________________________________________________________

(April 22, 2020)


New York Department of Financial Services (“NYDFS”) issued guidance regarding COVID-19 pandemic

New York Department of Financial Services (“NYDFS”) announced guidance to all New York State entities covered under NYDFS’s cybersecurity regulation regarding assessing and addressing heightened cybersecurity risks due to the COVID-19 pandemic. The guidance classifies three areas of heightened cybersecurity risks due to the COVID-19 pandemic: remote working, third-party risk, and increased phishing and fraud attacks.


_______________________________________________________________________________________

(April 22, 2020)


Hundreds of websites removed in efforts to counteract a huge surge in COVID-19 scams

U.S. Department of Justice is extending its efforts to prevent a huge surge in internet scams related to the coronavirus pandemic. Federal officials announced that their ongoing cooperation between the government and a range of technology companies has resulted in the removal of hundreds of malicious websites that included “coronavirus,” “covid19” and related phrases in their names.

Ref - CyberScoop

_______________________________________________________________________________________

(April 22, 2020)

Providers of domain name registration services are under pressure because of COVID-19 cyber attacks

A large increase in malicious website registrations has prompted concern from US lawmakers. The providers of domain name registration services are under pressure to make sure they are doing all they can to stop scammers from setting up fake websites to prey on people looking for information related to the COVID-19 pandemic. Letters have been sent to eight domain name registrars and hosting services asking about what they were doing to combat COVID-19-related scams.


_______________________________________________________________________________________

(April 22, 2020)

Hackers from Vietnam targeted Chinese government over coronavirus response

The threat group “APT32” had tried to compromise the personal and professional email accounts of staff at China’s Ministry of Emergency Management and the government of Wuhan. The threat group is known to be working on behalf of the Vietnamese government. It was observed targeting governments, businesses, and health agencies in search of information about the new disease and how they are trying to combat it.

Ref - Reuters

_______________________________________________________________________________________

(April 22, 2020)

Overall online criminality remained steady even though COVID-19 scams on the rise

The number of COVID-19-themed scams is on the rise since the start of 2020, but overall online cyber criminality has remained steady. The threat level is pretty much the same, and apparently cybercriminals have just shifted their focus, their lures, and their phishes exclusively for COVID-19 significantly.


_______________________________________________________________________________________

(April 21, 2020)

More companies are getting compromised after coronavirus lockdown

The number of firms potentially compromised each week is still growing. Earlier, the number of companies compromised in Finland per week was around 200. Now it swiftly jumped to 800. In several cases, it was observed that hackers are turning passive compromise cases (dormant systems or infected system not used for any malicious activities) into active compromise cases. Due to the COVID-19 pandemic, most employees are now working from home and using home routers and VPNs, which are not designed to prevent malicious communications that were previously hindered due to company firewalls.


_______________________________________________________________________________________

(April 21, 2020)

U.K. government’s furlough scheme targeted by opportunistic hackers

Just after a few minutes of the U.K. government’s furlough scheme going live, it was targeted by opportunistic cybercriminals by imitating the country’s tax collection agency. Hundreds of phishing emails were sent in people’s inboxes inviting them to click on a link that guides them to what looks like an HMRC (HM Revenue and Customs) furlough claim website that asks people to fill in their personal, card and bank account details. 

Ref - CNBC

_______________________________________________________________________________________

(April 21, 2020)

A major increase spotted in coronavirus-themed spam on the internet 

According to IBM’s threat intelligence sharing platform, X-Force, the COVID-19 pandemic has created a unique opportunity for cybercriminals and it led to a 4,300% increase in coronavirus-themed spam on the internet since February. Cybercriminals are using the coronavirus outbreak to speed up their business, with virus themed sales of malware assets on the Dark Web.

Ref - Live Mint

_______________________________________________________________________________________

(April 21, 2020)

WhatsApp scams promising free streaming services on the rise

The demand for streaming services due to COVID-19 lockdown has driven an increase in fraudulent streaming services and related scams. Some messages falsely promise free memberships in exchange for users' account information. Many of these scams are distributed on social media such as WhatsApp, where attackers have greater visibility and a higher likelihood that someone will fall for their tricks.


_______________________________________________________________________________________

(April 21, 2020)

Cybercriminals are capitalizing worldwide level of concern surrounding the COVID-19

Cybercriminals are taking benefit of the worldwide level of attention surrounding the COVID-19 coronavirus to launch an insidious new round of attacks that are much more powerful than previous cyber-attacks. A lot of phishing campaigns are found to be taking advantage of the fear and uncertainty of coronavirus pandemic. Most of the attacks include emails offering vaccines or treatments for COVID-19.

Ref - Forbes   

_______________________________________________________________________________________

(April 21, 2020)

Evasive Formbook campaign found to be using COVID-19 themes

Research into COVID-19 threats by FortiGuard Labs suggests about a spam email campaign running in the wild. The spam email is full of spelling mistakes and grammar issues and carries Formbook payload. But the interesting angle taken by this attacker is that it mimics to come from a biomedical company focused on life science research, with distributors worldwide. One target for this spearphishing campaign is a chemical company in the Czech Republic.

Ref - Fortinet

_______________________________________________________________________________________

(April 21, 2020)

Cybercriminals are targeting U.S. military organizations with COVID-19 spearphishing schemes

The Department of Defense Cyber Crime Center (DC3) disclosed that cybercriminals have been targeting U.S. military organizations with coronavirus-related spearphishing schemes. Attackers behind the campaign aren’t just targeting defense industrial base companies and their networks, their main goal is to break into systems run by the Department of Defense.


_______________________________________________________________________________________

(April 21, 2020)

Cyber complaints concerning coronavirus are on the rise

The FBI has received thousands of complaints regarding scams and frauds related to the virus, as they received more than 3,600 complaints regarding coronavirus scams. This uptick gives the FBI an additional set of investigations to handle at a time when its agents are already busy trying to combat economic espionage and ward off election interference.

Ref - NYTimes

_______________________________________________________________________________________

(April 21, 2020)

Phishing campaign stealing Zoom credentials via fake layoff notifications

A phishing campaign is spotted, stealing Zoom credentials and tricking email recipients into thinking they are about to be laid off amid the pandemic. The attackers anticipate potential victims will click on a malicious link that supposedly links to a Zoom meeting hosted by human reRefs. This campaign targeting Office 365 users and so far spread around 50,000 mailboxes.

Ref - SCMagazine

_______________________________________________________________________________________

(April 21, 2020)

A WiFi hacking program distributing a Coronavirus-themed malware

A fake WiFi hacking program is found to be delivering a new Coronavirus-themed malware that tries to lock a user out of Windows while making some very irritating sounds. The malware identified as 'CoronaLocker' and was spotted by security researcher “Max Kersten” after one of his friends became infected by a program identified as 'wifihacker[.]exe'.


_______________________________________________________________________________________

(April 21, 2020)

Governments are using Email Reporting Service to handle COVID-19 scams

A “pioneering” Suspicious Email Reporting Service is launched by the National Cyber Security Centre (NCSC) to help those users, who continue to be bombarded by COVID-19-themed phishing attacks. The scheme is created to make it a lot easier for members of the public to report online scams including those taking benefit of widespread interest in the COVID-19 pandemic.


_______________________________________________________________________________________

(April 21, 2020)

Australia's COVID-19 contact tracing app will not have access to Commonwealth 

The Prime Minister of Australia has said that the government is carefully working through the security concerns and technical assurances of Australia's soon-to-be-launched COVID-19 contact tracing app. The application only collects data and puts it into an encrypted national store, which can only be accessed by the states and territories. The data will be locked in an encrypted data store that can only be accessed by state health "detectives." 

Ref - ZDNet

_______________________________________________________________________________________

(April 21, 2020)

Healthcare and pharma sector is a major victim of COVID-19 related cyber attacks

The global healthcare sector is targeted by an array of cyber-attacks taking advantage of COVID-19 fear. The healthcare sector mostly relies on the IT backbone to operate and that’s why targeted by cyber-attacks. This backbone includes radiology information systems (RIS), Hospital Information Systems (HIS) involving laboratory information systems (LIS), policy and procedure management systems (PPM), personal health records (PHR), and also the email servers.


_______________________________________________________________________________________

(April 21, 2020)

Cyber Criminals are creating scam sites to steal personal information of visitors

Cybercriminals are using scam and phishing techniques to target and hack into the massive stimulus packages released by governments after COVID-19 pandemic shutting down major parts of the global economy. Any user who visits these malicious websites is at risk of losing their personal information for payment theft and fraud. In March 2020, around 2,081 new domains were registered, out of which 38 were malicious and 583 were suspicious.


_______________________________________________________________________________________

(April 21, 2020)

Nation-state hackers are looking for COVID-19 related research

Hackers backed by a government or state-sponsored are targeting companies tasked with researching COVID-19. In some cases, hackers intrude into systems and perform reconnaissance. When a company publicly discloses that they are investigating or researching the COVID-19 disease, the firm becomes a target for hackers. Hackers often try to steal their proprietary information to see what the institutions are doing.


_______________________________________________________________________________________

(April 21, 2020)

Web traffic and attack trends are affected by COVID-19

A report from the security firm “Imperva” disclosed that the food and beverage industry experienced more web attacks globally (+6%), mainly in Germany (+125%). There were more attacks on the financial industry both globally (+3%) and in particular countries like Italy (+44%), UK (+21%), and Spain (+18%). These targeted countries are also the most affected countries by the COVID-19 pandemic.


_______________________________________________________________________________________

(April 20, 2020)

Hackers are selling MP3 files on Dark Web to cure coronavirus

Someone on Dark Web is found to be selling an MP3 file, who claims that listening to this music three to six times a day can help to kill the Coronavirus because of its frequency. In reality it just a scam created by scammers to fool users into paying money for useless MP3 files. Hackers were also found selling non-existent ventilators and alcohol sanitizers.

Source - HackRead

_______________________________________________________________________________________

(April 20, 2020

Major tech groups demanding coalition to defend against cyberattacks 

Cybercriminals have stepped up their efforts to target both organizations and individuals during the ongoing COVID-19 pandemic. Major technology groups, which include Microsoft, Amazon Web Services, Adobe, Verizon, McAfee, Palo Alto Networks and many other leading cybersecurity organizations, demanded that Congress should send funds to state and local governments to fight against cyberattacks.

Source - TheHill

_______________________________________________________________________________________


(April 20, 2020)

A government coronavirus tracking app leaking user data

A mobile application offered to the government of the Netherlands to track COVID-19 is found to be leaking user data. The application named as “Covid19 Alert,” is one of seven applications introduced to the Ministry of Health, Welfare, and Sport. The shortlisted mobile app's source code was published online for scrutiny as the government decides which solution to back. However, the source files included user data originating from another application.

Source - ZDNet

_______________________________________________________________________________________

(April 20, 2020)

Kogan delivery firm admitted suffering a cyber attack

Kogan has confirmed one of its delivery companies suffered a cyber attack during one of its biggest shopping seasons. The incident took place as Kogan experienced one of its biggest sales uplifts as the coronavirus pandemic escalated in Australia and New Zealand. The retailer claimed the attack on the unnamed partner resulted in the loss of tracking information for thousands of transiting items alongside other operational issues.

Ref - ArnNet

_______________________________________________________________________________________

(April 20, 2020)

Hackers trying to exploit Israeli government financial aid via phishing scams

Hackers were observed exploiting the roll-out of the Israeli Government’s financial relief plans for coronavirus. More than 4,300 domains relating to the new stimulus or relief packages have been registered since January 1, which are suspected to be used for phishing scams or other malicious intentions, like obtaining personal details or other financial gains.

Ref - JPost

_______________________________________________________________________________________

(April 20, 2020)

COVID-themed lures target SCADA sectors with data-stealing malware

A new malware campaign has been observed using coronavirus-themed lures to strike government and energy sectors in Azerbaijan. The scam uses the PoetRAT Remote Access Trojan (RAT) capable of exfiltrating sensitive documents, passwords, keystrokes, and even capture screenshots from the webcam.


_______________________________________________________________________________________

(April 20, 2020)

SMS Phishing increased during this pandemic crisis and targeting Indian users

SMiShing or SMS Phishing is a prevalent threat vector that has increased during the Coronavirus pandemic crisis, specifically within India and it is targeting Indian users. A text message discovered masquerading to be from the Income Tax Department of India. Upon clicking the link, it redirects the user to URL that appears to be a phishing page of the Income Tax Department of India.


_______________________________________________________________________________________

(April 20, 2020)

Microsoft report identifies Trickbot as the most prolific #COVID19 malware

The data collected by the Microsoft Security Intelligence team suggests that Trickbot is the most prolific malware operation using COVID-19 themed lures. Its malicious campaigns within the past few weeks used several hundreds of unique macro-laced document attachments in emails that pretend to be as messages coming from a non-profit offering a free COVID-19 test. But overall, there is no visible spike in cyber attacks, it is possibly just restructuring and diversion of existing campaigns with COVID-19 lures.


_______________________________________________________________________________________

(April 20, 2020)

The Information Commissioner's Office (ICO) provides clearance to COVID-19 contact tracing apps

ICO, the UK’s privacy regulator, has approved the contact tracing project that Google and Apple are working to end current COVID-19 lockdowns. The proposed project ‘Contact Tracing Framework’ or CTF claims to be aligned with the principles of data protection and uses Bluetooth technology and exchange of frequently changing anonymous identifier beacons to track and trace infections. It can notify the users if they have been in the vicinity of someone who subsequently tests positive for the virus.

_______________________________________________________________________________________

(April 18, 2020)

Cybercrime reports increased four times during COVID-19 pandemic

An FBI official said this week that the bureau has seen a spike in cybercrime reports since the onset of the coronavirus (COVID-19) pandemic. Speaking in an online panel hosted by the Aspen Institute, FBI Deputy Assistant Director said the number of reports has quadrupled compared to months before the pandemic.

Ref - ZDNet

_______________________________________________________________________________________

(April 18, 2020)

Cybercriminals are stealing data with fake ‘corona’ links

Cybercriminals are now pretending to offer cheap COVID personal loans or selling COVID insurance at a throwaway premium in India. Some people get calls asking for OTP promising credit of the government’s Garib Kalyan cash dole. Individuals are receiving a (fake) message which claims to provide a loan to manage any financial crisis, but which eventually steals the victim’s personal data.


_______________________________________________________________________________________

(April 18, 2020)

The German government losses tens of millions of euros in a COVID-19 phishing attack

The German state of North Rhine-Westphalia is believed to have been targeted by a COVID-19 themed phishing attack, resulting in losses worth tens of millions of euros. The cybercriminals created fake copies of the official website developed by NRW Ministry of Economic Affairs and used them it target thousands of victims to collect their personal details. These details were then used to file for government aids, resulting in losses of €31.5 million ($34.25 million) and up to a maximum of €100 million ($109 million) into fraudulent bank accounts.

Ref - ZDNet

_______________________________________________________________________________________

(April 17, 2020)


Ransomware attacks skyrocketed 148% amid COVID-19 pandemic

Ransomware attacks skyrocketed 148% in March, correlated to crucial days in the COVID-19 news cycle, implying that attackers are being opportunistic and using breaking news to take advantage of vulnerable populations. Some of these notable spikes include a 48% spike in attacks over baseline levels on Jan. 30 when the first COVID-19 case was disclosed by the U.S government.


_______________________________________________________________________________________

(April 17, 2020)

Oakland county leaks its COVID-19 related data

The internal COVID-19 data used by the Oakland County, Michigan, health department was briefly exposed to the public via WeChat application. The leak involved a non-public map, 
that included information about COVID-19 infected victims, such as gender, race, age, address, and mortality status. The map was unintentionally marked as public, resulting in the leak.

Ref - GovTech

_______________________________________________________________________________________

(April 17, 2020)

FBI official says foreign hackers have targeted COVID-19 research

At a recent panel discussion hosted by the Aspen Institute, a senior cybersecurity official with the FBI stated that the agency had recently detected malicious activity by foregin hackers targeting COVID-19 related research activities. The official said that the agency witnessed reconnaissance activity, and some intrusions, into those institutions that were publicly identified as working on COVID-19 research.

Ref - Reuters

_______________________________________________________________________________________

(April 16, 2020)

COVID-19 related spear-phishing attacks are rising

A report from the Barracuda security company revealed that coronavirus or COVID-19-related spear-phishing attacks are on the rise since January 2020. Between March 1 and March 23, around 467, 825 spear-phishing email attacks were detected. Also, 9,116 of those detections were linked with COVID-19, factoring about 2 percent of attacks. In comparison, a total of 1,188 coronavirus-related spear-phishing attacks were spotted in February, and only 137 were spotted in January.


_______________________________________________________________________________________

(April 16, 2020)

Malvertising campaign taking advantage of COVID-19 targeting IE users to steal their information

Cybercriminals have begun to adjust their malvertising campaigns to adapt their malicious ads, making them relevant to the COVID-19 crisis. They were seen using website names appearing to host information related to the coronavirus pandemic but instead were hosting the Fallout Exploit Kit to distribute Kpot v2.0 to people using outdated versions of Internet Explorer (IE). The kit tries to exploit a vulnerability in Adobe Flash Player (CVE-2018-15982), and a remote execution vulnerability in the VBScript engine (CVE-2018-8174) affecting multiple Windows versions.

Ref - Avast

_______________________________________________________________________________________

(April 16, 2020)

Google warns Gmail users about coronavirus phishing attacks

To prevent Gmail users from falling prey to coronavirus scams, Google has blocked 18 million COVID-19 themed phishing emails last week. The company is adapting its machine-learning models to battle scammers who are taking advantage of the pandemic. Google also stated that its blocking 240 million COVID-related spam messages every day.

Ref - ZDNet

_______________________________________________________________________________________

(April 16, 2020)

PoetRAT uses COVID-19 lures to target Azerbaijan public and private sectors

Security researchers at Cisco Talos reported a new attack campaign targeting the Azerbaijan government and energy sector. The threat actors used COVID-19 lures in the form of Word documents to drop the PoetRAT malware, a trojan written in Python, that is eventually used to steal victims’ files, passwords, and even images from the webcam.  


_______________________________________________________________________________________

(April 16, 2020)

Zoom-bombing disrupted a House Oversight committee meeting

According to a letter sent to the House Oversight Committee chairwoman by Rep. Jim Jordan, a high level Zoom meeting of the US government was disrupted by attackers, despite warnings against using it.

Ref - ZDNet

_______________________________________________________________________________________

(April 16, 2020)

Hackers are selling a critical Zoom zero-day exploit for $500,000

According to a new report by Motherboard, hackers are selling two new critical zero-day vulnerabilities in the video conferencing software, Zoom, that could allow someone to hack users’ accounts and spy on their calls. The two zero-day flaws affect Zoom’s Windows and macOS clients.


_______________________________________________________________________________________

(April 16, 2020)

Syrian surveillance campaign spreads malware in coronavirus apps

A Syrian state-sponsored hacking campaign has been found distributing coronavirus-themed applications that actually contain spyware. The current campaign is believed to be a part of a larger espionage operation running since at least January 2018. 


_______________________________________________________________________________________

(April 16, 2020)

Coronavirus-themed malware attacks bank customers via Chrome plugin

Researchers from Eset discovered a new malware attack campaign targeting Spanish banking customers to steal their banking credentials using the Grandoreiro trojan. The attackers lure users using COVID-19 themed videos to infect their machine with a fake Chrome browser plugin designed to steal their credentials. 


_______________________________________________________________________________________

(April 15, 2020)

Criminals found to be selling COVID-19 infected blood on the Dark Net

A darknet vendor claims to be giving coronavirus-infected blood for sale, which he says he has injected into bats. The store owner alleges that the blood was extracted from his hospitalized father. He is charging 0.005 BTC per bat. It is not clear whether the vendor is actually selling infected blood, or just looking to scam victims out of their Bitcoin (BTC).

_______________________________________________________________________________________

(April 15, 2020)

Linksys forces password reset for router users

Networking equipment maker, Linksys, has asked its router users to reset their passwords in the wake of recent attacks. Linksys routers were targeted in a recent campaign by attackers who redirected users to COVID-19 themed malicious sites to infect them with malware.


_______________________________________________________________________________________

(April 15, 2020)

House members seek $400 million to help states deal with cyber threats

In a recent letter, four Congress members have urged the federal government to allocate $400 million in dedicated funding to help state and local governments deal with increased cyber risks during the COVID-19 pandemic. The members suggest that the next planned coronavirus relief package being negotiated by Congress should include these additional funds.


_______________________________________________________________________________________

(April 15, 2020)

COVID-19 has united cybersecurity experts, but will that unity survive the pandemic?

The ongoing healthcare cybersecurity crisis has led to the formation of various volunteer groups such as the COVID-19 Cyber Threat Coalition (CTC), which comprises roughly 3,000 security professionals. This has helped in collecting, vetting and sharing new intelligence about new cyber threats during the pandemic. In this article, Brian Krebs discusses whether this kind of collaboration is expected to continue in the future.


_______________________________________________________________________________________

(April 15, 2020)

Fresh COVID-19 scams spread malware

A new report by researchers from Palo Alto Networks has revealed that cybercriminals are using COVID-19 lures in new phishing scams to spread ransomware and information stealers. The campaigns target healthcare firms, research facilities, and government agencies in the US, Canada, Europe, and elsewhere.


_______________________________________________________________________________________

(April 15, 2020)

New flight refund scam steals users’ financial details

Researchers at the security firm, Mimecast, warned of a new phishing scam that preys on COVID-19 fears to trick recipients into filling a fake flight ticket refund form to receive their money back. However, the form actually steals their personal and financial information and sends it to the attackers.


_______________________________________________________________________________________

(April 15, 2020)

CERT-In warns organizations about potential spike in cyberattacks on VPN

Computer Emergency Response Team of India (CERT-In) released a fresh advisory, warning organizations of cybercriminals who pose as genuine back-end support staff and try to extract sensitive data from gullible employees. The agency also alerted of an increase in attacks against VPNs used by numerous organizations.


_______________________________________________________________________________________

(April 15, 2020)

PPE, COVID-19 medical supplies targeted by BEC scams

In a warning posted on the FBI website, the federal agency stated that it was aware of multiple incidents wherein state government agencies were tricked into making advanced fund transfers to both domestic and foreign fraudulent brokers and sellers for purchasing PPE and other medical items.


_______________________________________________________________________________________

(April 15, 2020)

A 148% spike recorded in ransomware attacks amid COVID-19 pandemic

In March 2020, ransomware attacks hiked 148% over baseline levels from February 2020. Notable spikes in attacks can also be correlated to key days in the COVID-19 news cycle, hinting attackers are being opportunistic and leveraging breaking news to take advantage of vulnerable populations. 


_______________________________________________________________________________________


(April 15, 2020)

ACSC issues FUD-busting COVID-19 WFH guide

Australian Cyber Security Centre (ACSC) has issued a thorough fresh advisory with guidelines and the do's and don’ts of web conferencing and collaboration tools while working from home. This is intented to help protect users from threat actors that are taking advantage of the COVID-19 pandemic to target remote workers.


_______________________________________________________________________________________

(April 15, 2020)

Scammers exploit coronavirus for Business Email Compromise (BEC) campaigns

Cybercriminals were found deploying coronavirus-themed socially engineered emails to trick unsuspecting employees into directing payments to their accounts by impersonating legitimate authorities. BEC scams are three times more likely to work in favor of the bad actors than traditional phishing attempts.


_______________________________________________________________________________________

(April 15, 2020)

Employee account takeover in the age of COVID-19

Cybersecurity experts and government officials have warned organizations of the rising employee and customer account takeover attacks since many people working remotely face added cyber risks. There are thousand of new scams and malware being launched and spread to potential targets to obtain their credentials.

Ref - Enzoic

_______________________________________________________________________________________

(April 14, 2020)

Microsoft opens AccountGuard to healthcare providers on COVID-19 front lines

In the wake of cybersecurity incidents that have affected the activity of hospitals and clinics during the COVID-19 outbreak, Microsoft announced that it would freely provide AccountGuard, its anti-phishing protection system, for all healthcare organizations working on the front lines of the pandemic.

Ref - ZDNet

_______________________________________________________________________________________

(April 14, 2020)

Canadian coronavirus response workers targeted in ransomware attack

According to new research by Palo Alto Networks, two Canadian organizations involved in the COVID-19 response, were targeted in recent ransomware attacks. The two organizations included a public health agency and a university engaged in COVID-19 response and research efforts.


_______________________________________________________________________________________

(April 13, 2020)

Over 500,000 Zoom accounts sold on hacker forums

Security researchers at Cyble discovered a trove of over 500,000 Zoom account credentials being sold on dark web forums. It included credentials belonging to users from well-known companies such as Chase, Citibank, educational institutions, and more.


_______________________________________________________________________________________

(April 13, 2020)

Hackers exploit Coronavirus to ‘surge’ attacks on the Pentagon

Thousands of employees of the US Department of Defense have begun working from home due to the ongoing health crisis. This has given hackers an opportunity to target them with new specialized lures and exploits. Consequently, the Pentagon has witnessed an exponential rise in phishing and malware attacks on its employees over the past few months.

Ref - US News

_______________________________________________________________________________________

(April 13, 2020)

Hackers file fake tax returns in scheme to steal IRS refunds

Weber and Company, a California-based accounting firm, reported that attackers are trying to obtain large tax refunds by impersonating its clients to file fraudulent tax returns. The fraudsters apparently accessed clients’ personal information including their Social Security numbers and bank account details.


_______________________________________________________________________________________

(April 13, 2020)

Workplace concerns exploited to distribute malware

Researchers at PhishLabs detected a couple of new phishing campaigns that distributed the Zeus banking trojan and the Nanocore RAT. The first campaign sent emails titled “Preparing business and employer’s work environment for a coronavirus (COVID-19) outbreak prevention,” while the latter one sent emails disguised as package delivery updates from a global logistics company.

Ref - PhishLabs

_______________________________________________________________________________________

(April 13, 2020)

Pandemic could make schools bigger targets of ransomware attacks

With the adoption of distance learning during the COVID-19 pandemic, attackers are looking to target schools through various new attack vectors. Security researchers warn that the pandemic could increase the risk of ransomware attacks on schools. Within the first three months of the year, at least 17 school districts and colleges were hit by ransomware attacks.


_______________________________________________________________________________________

(April 13, 2020)

Privacy concerns in coronavirus contact tracing

While private technology companies and government agencies join hands to contain the spread of the coronavirus, security experts have warned about potential privacy issues in new “contact tracing” technologies. Experts noted that apps being built to warn people of coming in contact with infected individuals, must avoid breach of private user information in the process.

Ref - CNBC

_______________________________________________________________________________________

(April 12, 2020)

Zoom-related threats up 2,000%

Between February and March, the security firm Webroot detected an increase of over 2,000% in malicious files and exploits with zoom in the name. As the web traffic for Zoom has increased significantly in the last few months, researchers indicate that the increase in malicious Zoom-themed exploits is likely to continue.

Ref - Forbes

_______________________________________________________________________________________

(April 12, 2020)

UK government using confidential patient data in coronavirus response

As per a new report by the Guardian, technology companies are processing large volumes of confidential UK patient information in a data-mining operation that is part of the UK government’s response to the COVID-19 outbreak. Palantir, a US-based big data firm, and Faculty, a British AI startup, are reportedly working together to consolidate government databases to help government officials respond to the pandemic.


_______________________________________________________________________________________

(April 10, 2020)

Coronavirus scam losses for US consumers rise to $12 million 

According to data from the Federal Trade Commission (FTC), US consumers lost nearly $12 million to coronavirus related scams since the beginning of the year. The federal agency received over 15,000 consumer complaints in 2020.  

Ref - CNET

_______________________________________________________________________________________

(April 10, 2020)

Apple, Google to turn smartphones into Coronavirus tracking devices

To aid the fight against the COVID-19 outbreak, Apple and Google have partnered up to create a contact tracing technology that will enable governments and health workers to more effectively monitor and track the spread of the infection across the population.


_______________________________________________________________________________________

(April 10, 2020)

Cyber threats facing IRS stimulus payments

Security experts have observed that the IRS website for collecting bank account information from Americans who don’t usually file a tax return, could be vulnerable to identity theft and other kinds of malicious attacks. Fraudsters could intercept stimulus payments by taking advantage of lax identification requirements on the non-filer portal.


_______________________________________________________________________________________

(April 10, 2020)

Dell releases BIOS security tool

To improve endpoint security for employees working from home during the pandemic, Dell has released the new tool called SafeBIOS Events and Indicators of Attack (IoA). This tool provides organizations the ability to check the security status of their employee devices by detecting changes in BIOS configurations, which will indicate potential attacks.

Ref - Neowin

_______________________________________________________________________________________

(April 10, 2020)

Cryptocurrency scams drop under COVID-19

According to researchers at Chainalysis, the total daily funds sent to cryptocurrency scams dropped 61% between March 13 and March 31, though it has bounced back up since then. Most of the scam revenue losses were concentrated in investment scams and Ponzi schemes.


_______________________________________________________________________________________

(April 10, 2020)

Coronavirus-driven online shopping driving more payment card skimming

Security experts have warned that the surge in online shopping due to the ongoing lockdown across many countries, has provided an opportunity for hackers to target shoppers through credit card-skimming attacks on e-commerce sites.


_______________________________________________________________________________________

(April 09, 2020)

Phishing emails impersonate the White House and VP Mike Pence

Email security firm Inky discovered phishing emails impersonating US President Donald Trump and Vice President Mike Pence in a new campaign that distributes malware or performs extortion scams. The phishing emails claim to provide the latest "Coronavirus Guidelines for America" and prompt recipients to click on a link to download a document.


_______________________________________________________________________________________

(April 09, 2020)

LA respiratory hospital hit by supplier data breach

An email account compromised at Healthcare Resource Group (HRG) last year may have affected the data for current and former patients of Barlow Respiratory Hospital, Los Angeles. The leaked data varied for different patients, however, it included social security numbers, driver’s license numbers, medical records, and insurance and billing claims information, among other details.


_______________________________________________________________________________________

(April 09, 2020)

Cisco ‘Critical Update’ phishing attack steals Webex credentials

Security researchers warned of an ongoing phishing campaign that spread emails asking users to install a ‘Critical Update’ for Cisco Webex. When the victims would click on the embedded link in the email, it would lead to a spoofed Cisco login page designed to steal their Webex credentials.


_______________________________________________________________________________________

(April 09, 2020)

Cybercriminal forums offer discounts during pandemic

According to research from the security company Group-IB, cybercriminals are posting on hacker forums using COVID-19 themed promotional codes and discounts to sell distributed denial of service (DDoS) attack tools, spamming, and other services.


_______________________________________________________________________________________

(April 09, 2020)

Hackers have hit every country on Earth with coronavirus-themed cyberattacks

New research by Microsoft has revealed that hackers have shifted their phishing lures and attack themes to take advantage of the COVID-19 pandemic to conduct attacks across 241 nations and territories throughout the world. 


_______________________________________________________________________________________

(April 09, 2020)

FBI, US government warn on spike in coronavirus scams

A new advisory released by the FBI warned that cybercriminals are increasingly taking advantage of the ongoing health crisis to perpetrate Business Email Compromise (BEC) schemes to trick organizations into performing fraudulent financial transactions.

Ref - Fox News

_______________________________________________________________________________________

(April 09, 2020)

Facebook sues company founder for aiding COVID-19 scammers

Facebook filed a lawsuit against the founder of LeadCloak for aiding COVID-19 scammers by violating Facebook Terms and Policies through its cloaking software and services designed to circumvent Facebook’s automated ad review systems.


_______________________________________________________________________________________

(April 09, 2020)

COVID-19: Privacy and Cybersecurity Regulatory and Enforcement Guidance

Experts at the National Law Review discuss the guidance released by the European Data Protection Board (EDPB), California Attorney General, US Department of Health & Human Services (HHS), Consumer Financial Protection Bureau (CFPB), and the US Federal Trade Commission (FTC), with regards to enforcement of cybersecurity and privacy laws during the COVID-19 pandemic.


_______________________________________________________________________________________

(April 09, 2020)

Taxpayers warned of COVID-19 cyberattacks

The Indian Income Tax Department has asked taxpayers to be vigilant of possible breach of their e-filing accounts due to increased cybercrime activity targeting online platforms due to the COVID-19 pandemic.

Ref - ET CiSO

_______________________________________________________________________________________

(April 09, 2020)

Zoom has fixed an eavesdropping issue tied to 'waiting rooms'

The video conferencing company, Zoom, addressed a security issue in its platform that allowed random users in Zoom waiting rooms to eavesdrop on meetings without requiring an approval to attend it.


_______________________________________________________________________________________

(April 09, 2020)

Singapore bans schools from using Zoom

After an incident where hackers hijacked a school class streaming through Zoom, the Education Ministry of Singapore has decided to prohibit the use of Zoom for home-based learning until its security issues are resolved, as a precautionary measure.


_______________________________________________________________________________________

(April 09, 2020)

Online "COVID-19 Quizzes" could be collecting personal data, public warned

The Chartered Trading Standards Institute (CTSI) of UK has warned social media users about a number of “COVID-19 quizzes” spreading online that claim to test people’s knowledge on the pandemic but actually ask other unrelated questions to collect their personal information.


_______________________________________________________________________________________

(April 09, 2020)

COVID-19 themed HawkEye phishing campaign targets healthcare sector

Security researchers at Anomali identified a phishing campaign that is spreading the HawkEye commodity malware via Rich Text Format (RTF) documents attached to phishing emails impersonating an academic researcher to target a medical university.

Ref - Anomali

_______________________________________________________________________________________

(April 08, 2020)

The Cybersecurity of Health

Experts at the Council on Foreign Relations (CFR) discuss the need for a patient-centric approach to the cybersecurity of healthcare technology systems that has surfaced during the coronavirus pandemic.


_______________________________________________________________________________________

(April 08, 2020)

Cybersecurity breaches leave Oakland and Berkeley students exposed

At least two Bay Area school districts, in Oakland and Berkeley, have suffered cybersecurity breaches amidst the shift to online learning due to school closures under the COVID-19 pandemic.


_______________________________________________________________________________________

(April 08, 2020)

Microsoft: Under 2% of all daily malspam uses COVID-19 lures

As per research by Microsoft, there is no noticeable spike in malware activity due to the COVID-19 pandemic. However, the tech giant found that hackers are shifting their phishing lures and tactics to take advantage of the ongoing pandemic.

Ref - ZDNet

_______________________________________________________________________________________

(April 08, 2020)

Microsoft shares new threat intel on COVID-19 attacks

Microsoft observed 76 threat variants to date globally using COVID-19 themed lures. The tech giant also reported that every country in the world has seen at least one COVID-19 themed attack and provided a mapping of the threats on the global map.

Ref - Microsoft

_______________________________________________________________________________________

(April 08, 2020)

Google bans employees from using Zoom

Citing security and privacy issues that have plagued the Zoom video conferencing platform, Google has followed in the footsteps of several other major organizations in banning its employees from using it during the remote working conditions under the COVID-19 pandemic.

Ref - The Verge

_______________________________________________________________________________________

(April 08, 2020)

ICANN calls for crackdown on coronavirus website scams

The Internet Corporation for Assigned Names and Numbers (ICANN) called for all domain name registrars to take steps to prevent cybercriminals from preying on members of the public with coronavirus-related scams and exploits.


_______________________________________________________________________________________

(April 08, 2020)

Threat actors adapt to exploit the global pandemic

Researchers have observed that threat actors behind cyberespionage activity, malspam campaigns, and state-sponsored attacks are adapting to exploit the heightened interest in the information related to the coronavirus pandemic. 


_______________________________________________________________________________________

(April 8, 2020)

The U.S. and U.K. issued a joint warning for Coronavirus-themed phishing attacks

The governments of the U.S. and U.K. issued a joint warning for Coronavirus-themed phishing attacks. The warning is issued after the number of attempted phishing emails are increased fourfold over the course of March. Hackers based in countries such as North Korea, Russia, and China are using COVID-19 pandemic as lures in cyber-attacks. They are sending phishing emails offering fake information related to the coronavirus.

Ref - Bloomberg

_______________________________________________________________________________________

(April 08, 2020)

DHS CISA and UK’s NCSC release joint alert on COVID-19 cyberattacks

The Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA) and the UK’s National Cyber Security Centre (NCSC) jointly released an alert detailing the cyberattacks leveraging the ongoing COVID-19 pandemic. The alert also provides a non-exhaustive list of indicators of compromise (IOCs) for detection, as well as mitigation advice.

Ref - US-CERT

_______________________________________________________________________________________

(April 08, 2020)

Mozilla freezes Firefox security and privacy updates

To prevent affecting site compatibility for users working from home during the COVID-19 outbreak, Mozilla has decided to halt the release of security and privacy updates for its Firefox web browser.

Ref- ZDNet

_______________________________________________________________________________________


(April 07, 2020)

Threat actors spread modified legitimate COVID-19 apps

Security researchers at the ZeroFOX Alpha Team have uncovered malicious Coronavirus-themed mobile apps in various countries which are modified versions of legitimate apps released by government agencies.  


_______________________________________________________________________________________

(April 07, 2020)

Europol arrests COVID-19 scammer

Europol arrested an individual for involvement in a COVID-19 themed scam which defrauded a pharmaceutical company out of €6.64 million and laundering the money through international transactions.

Ref - ZDNet

_______________________________________________________________________________________

(April 07, 2020)

Microsoft and Google postpone insecure authentication removal

Due to the changed circumstances under COVID-19 pandemic, Microsoft has postponed the removal of Basic Authentication from Exchange Online for Exchange ActiveSync (EAS), POP, IMAP, and Remote PowerShell. Google also announced that it will delay the decision to block less secure apps from accessing G Suite account data.


_______________________________________________________________________________________

(April 07, 2020)

Scammers use COVID-19 stimulus fund lures

In a new scam campaign, cybercriminals were found impersonating financial institutions to steal from American citizens who are expecting stimulus checks from the US federal government.


_______________________________________________________________________________________

(April 07, 2020)

BEC gift card scams leverage online stores during pandemic 

Scammers are impersonating company CEOs and other executives in new scam campaigns where they ask victims to buy digital gift cards by giving different reasons such as an employee bonus or a vendor payment.


_______________________________________________________________________________________

(April 07, 2020)

Cybercriminals target NASA during the pandemic

According to a new statement by a NASA official, the agency is facing nearly double the number of phishing attempts and an exponential increase in malware attacks during the COVID-19 pandemic.


_______________________________________________________________________________________

(April 06, 2020)

Scammers target superannuation in COVID-19 crisis

The Australian Competition & Consumer Commission (ACCC) issued an alert about scammers who are trying to exploit Australian citizens by claiming to give them early access to their superannuation funds due to the COVID-19 crisis.


_______________________________________________________________________________________

(April 06, 2020)

INTERPOL and Europol issue alerts on Covid-related cyberattacks

Alongside a number of other cross-border law enforcement agencies, Europol and INTERPOL have issues alerts regarding the COVID-19 themed scams and cybercrime campaigns.


_______________________________________________________________________________________

(April 06, 2020)

COVID-19 phishing attacks target Brazilians

According to a new study by Kaspersky, Brazilian users are being increasingly targeted by COVID-19 themed phishing attacks. The company reported a 124% increase in attacks in the month of March.

Ref - ZDNet

_______________________________________________________________________________________

(April 06, 2020)

FBI cracks down on Zoom-bombing

In response to the rise in zoom-bombing attacks over the last few months, the FBI warned that it would crack down on cybercriminals who hijack web conferences with charges punishable by fines and even jail time.


_______________________________________________________________________________________

(April 06, 2020)

COVID-19 brings new cybersecurity challenges

Experts at ZDNet highlight the impact of COVID-19 on cybersecurity practices across various organizations, the upsurge in COVID-19 related cybercrime, and how individuals and organizations are adapting to this changing scenario.

Ref - ZDNet

_______________________________________________________________________________________

(April 05, 2020)

Upsurge in fake COVID-19 testing, vaccines, and investment scams 

Authorities in Kentucky have been examining drive-up coronavirus testing sites that promise same-day results for $250. A Texas-based website was offering a COVID-19 vaccine until the authorities put a restraining order against the operators. In Virginia, telephone fraudsters - posing as local hospital personnel - informed people about coronavirus exposure and tried convincing them to visit the fake test sites. In New York, the state Attorney General ordered a Utah-based company to stop selling its product, which claimed to be an effective treatment for coronavirus. To put a halt to the rising coronavirus scams, the Justice Department has asked all U.S. attorneys to designate a coordinator for all fraud cases in their districts. Besides, people found guilty for spreading the fear of the virus could be imposed with federal terrorism offenses.

Ref - USA Today

_______________________________________________________________________________________

(April 05, 2020)

A Coronavirus robocall fraud knocked-off

Recently, YouMail, a robocall blocking software, captured a voicemail that said: “If you want to receive a free testing kit delivered overnight to your home, press one.” Suspecting this information, YouMail forwarded it to the Industry Traceback Group (ITG), a crew of telecommunications experts led by USTelecom. Using the information, the ITG traced a call, which hinted at a Philippines-based phone company, VoIPMax. According to ITG, VoIPMax was facilitating fraudulent COVID-19 robocalls in the U.S. Within 24 hours, the provider tracked the customer and disabled their account.


_______________________________________________________________________________________

(April 05, 2020)

The Rise of Coronavirus scammers

With the emergence of coronavirus, fraudsters are making attempts to capitalize on the terrors caused by the virus. In Louisville, KY, a group of scammers disguised as medical professionals and tested people for COVID-19. According to the Louisville Metro Council, about 100 people were conned into handing over their money, credit card details, and social security numbers. In order to address the economic fallout, the Justice Department has formed a task force to audit price-gouging and has also instructed prosecutors to prioritize fraud cases.


_______________________________________________________________________________________

(April 04, 2020)

New 'Text Direction Deception' technique bypasses email filters

Security researchers from Inky Technologies detected a new phishing technique called "text direction deception." Using this technique, attackers can force an HTML rendering engine to correctly display text that has been deliberately entered backward in the code. The researchers warned that the technique could be used by threat actors in ongoing COVID-19 phishing attacks.


_______________________________________________________________________________________

(April 04, 2020)

FTC and FCC bust COVID-19 robocall scams

With the exploding coronavirus pandemic across the U.S., the number of robocalls scams have also multiplied. These scam calls pitch customers with free testing services, medical treatment, and health insurance covers related to COVID-19. To handle the situation, the Federal Communications Commission (FCC) and Federal Trade Commission (FTC) have issued warning letters, asking service providers to protect their consumers from COVID-19 robocall frauds or face prohibition from the U.S. phone networks. Also, the FTC advises hanging up on and blocking robocalls and not to respond to unknown numbers.


_______________________________________________________________________________________

(April 03, 2020)

New COVID-19 campaign spreads Drive the Life trojan variant

360 BaiZe Labs reported a new worm module added by the Drive the Life series trojan that uses users’ email accounts to send COVID-19 related phishing emails to their email contacts. The new module, referred to as “BlueTea Action,” sends phishing emails titled “The Truth of COVID-19” and it contains a malicious RTF file attachment designed to exploit the CVE-2017-8570 vulnerability.  


_______________________________________________________________________________________

(April 03, 2020)

Cybersecurity and privacy best practices during the pandemic

Experts at the National Law Review compiled a list of COVID-19 related security best practices shared by various federal agencies, including the CISA, Financial Industry Regulatory Authority (FINRA), Department of Health and Human Services (HHS), FBI, Federal Trade Commission (FTC), and the Consumer Financial Protection Bureau (CFPB).


_______________________________________________________________________________________

(April 03, 2020)

Are you maintaining virtual social-distancing?

According to FortiGuard Labs, threat groups that were not seen to be active since 2011 or 2012, have resurfaced now and are contributing to the chaos created by coronavirus scammers. People need to be more vigilant of such scams and start practicing virtual social distancing to avoid being a victim.


_______________________________________________________________________________________

(April 3, 2020)

Coronavirus (COVID-19) pandemic opens up more opportunities for cybercriminals

COVID-19 has upended work and home life for most of us. The shift to remote working and fears about the virus has led to a surge in phishing attempts, with cybercriminals moving quickly to take advantage of the new world reality. Phishing and email scams have long been among the most popular and effective methods used by cybercriminals.

Ref - EY

_______________________________________________________________________________________

(April 3, 2020)

Governments around the world are warned of privacy laws when tracking COVID-19

Some 110 human rights and civil society organizations from around the world have jointly called for all governments to adhere to human rights laws when using digital surveillance technologies to track and monitor individuals and populations to combat the spread of the novel coronavirus. Organizations claimed that these are extraordinary times, but human rights law still applies.

Ref - ZDNet

_______________________________________________________________________________________

(April 03, 2020)

Nigerian Prince is on the move

The outbreak has given 419 scams with the Nigerian Prince theme, a greater opportunity to evolve. To capitalize on the coronavirus pandemic, threat actors are repurposing the Nigerian Prince type of scams to send messages related to coronavirus.

Ref - PhishLabs

_______________________________________________________________________________________

(April 03, 2020)

Coronavirus-Themed Attacks are Superior to Typical Phishing Scams

In a recent study by Menlo Security, the researchers found COVID-19 related phishing attacks flourishing in the wild. From February to March, the number of successful attacks rose from 200 to 6,400. This demonstrates the number of people who visited a malicious website after clicking on a link in a coronavirus-themed phishing email.


_______________________________________________________________________________________

(April 03, 2020)

Coinminer bundled with Zoom installer

Researchers from Trend Micro discovered an attack campaign spreading the legitimate Zoom app installer bundled with a malicious Coinminer file, through fraudulent websites.


_______________________________________________________________________________________

(April 03, 2020)

Keeping Coronavirus scams at bay

You can stop the spread of COVID-19 scams by keeping your systems safe and protected. Keep your passwords strong and enable multi-factor authentication if it’s available. The best way to protect yourself from coronavirus scams is to only trust information from genuine sources. 

Ref - Avast

_______________________________________________________________________________________

(April 02, 2020)

New scam campaigns leverage COVID-19 fears

Security researchers reported a rise in malspam campaigns leveraging the COVID-19 scare to spread malware such as the Agent Tesla keylogger, Netwire remote access trojan, and more.


_______________________________________________________________________________________

(April 02, 2020)

US anticipates expansion of Mobile Voting 

Despite the rising coronavirus scams, two states will offer the option to cast a vote using mobile phones in the upcoming elections. Initially, the option will be given to people with disabilities, eliminating the risk of their movement to polling places. Going forward, the option will extend to voters in the military or state residents based overseas. 
 

_______________________________________________________________________________________

(April 02, 2020)

COVID-19 Cybersecurity for Remote Teams

Researchers at Apptega compiled a list of security measures for employees working from home. The researchers discuss the key challenges in remote network access, identity access management, data protection, defending against phishing and ransomware threats, and more. 


_______________________________________________________________________________________

(April 02, 2020)

Italian social security site hacked

Cybercriminals targeted the social security website of Italy which led to a disruption in the processing of financial relief applications amidst the ongoing COVID-19 pandemic. The website, operated by the Istituto Nazionale della Previdenza Sociale (INPS), was reportedly receiving 100 application requests per second at the time of the attack.

Ref - Forbes

_______________________________________________________________________________________

(April 02, 2020)

US Secret Service alerts companies about COVID-19 scams 

This week, the US Secret Service informed corporate America about illicit COVID-19 emails that contain malicious attachments. The attacks may impersonate organizations or government bodies that employees are in contact with. According to the cybersecurity company, Akamai, attackers may also target employees with text messages related to coronavirus.

Ref - CNBC

_______________________________________________________________________________________

(April 02, 2020)

Fake Coronavirus emails from real domains

Last month, WHO sent an email, seeking donations for its Covid-19 Solidarity Response Fund. The email address was “donate@who.int”; who.int is the real domain name of the WHO. The email was a scam and not sent by the WHO, but from an attacker making attempts to reap benefits during a global crisis. Eventually, the impersonator revealed themselves, asking for bitcoin in donations.

Ref - Vox

_______________________________________________________________________________________

(April 02, 2020)

Londoners hit by scam messages

Scammers were found targeting Londoners with fake notifications texts accusing them of violating the country’s lockdown rules and asking them to pay a £35 fine for it. The scam messages included links to a phishing page designed to steal the victims’ banking credentials.


_______________________________________________________________________________________

(April 02, 2020)

Fooling employees to steal Office 365 credentials

Security researchers from PhishLabs reported a scam campaign that leveraged employee concerns about the health of their coworkers to trick them into giving up their Microsoft Office 365 credentials. The scam emails falsely claimed that the recipients’ colleague had succumbed to the COVID-19 virus.

Ref - PhishLabs

_______________________________________________________________________________________

(April 02, 2020)

WHO impersonation campaign

Security researchers discovered yet another spear-phishing campaign impersonating the WHO through emails claiming to provide COVID-19 guidance. The emails contain an ARJ file attachment that acts as a decoy to infect the victims with the LokiBot infostealer.

Ref - Fortinet

_______________________________________________________________________________________

(April 02, 2020)

With Coronavirus comes a plateful of email scams

From script kiddies to state-sponsored groups, hackers are taking advantage of the COVID-19 pandemic as an opportunity to gain grounds when most of their targets are tormented, perplexed, and working from home. As per the report from the security firm, Proofpoint, four out of five fraud emails include malicious messages, attachments, and URLs with coronavirus themes. According to the company, there has been a significant rise in credential phishing led by various hacking groups. Lately, the UK's Financial Conduct Authority (FCA) has warned savers about the threat of coronavirus-themed attacks. Also, the UK's cybersecurity agency and its European counterpart have issued guidelines for people working from home.
 
Ref - ZDNet

_______________________________________________________________________________________

(April 02, 2020)

New COVID-19 themed data wiping malware

Researchers have discovered four new malware samples that take use the COVID-19 theme to infect users. One of these malware samples was found to have advanced capabilities such as rewriting the Master Boot Record (MBR) to prevent users from recovering their infected devices. The malware pretends to be the "CoronaVirus ransomware", while it steals users’ passwords and deletes their data in the background.

Ref - ZDNet

_______________________________________________________________________________________

(April 02, 2020)

Iranian government-backed hackers target WHO

In the middle of coronavirus breakout, hackers supported by the Iranian government have attempted to crack the personal email accounts of the WHO staff. While Iran’s government has denied any association, the hackers are striving to steal passwords from the staff since March 2020. Though it is unclear whether any accounts were harmed, the intrusion attempts were made by sending malicious messages to imitate Google web services, to the staff’s personal email accounts.

Ref - Reuters

_______________________________________________________________________________________

(April 02, 2020)

Coronavirus domains continue to rise

Security researchers from Check Point reported an increase in the number of coronavirus-themed attacks, with the average number of daily attacks rising to over 2,600. In total, over 51,000 coronavirus-related domains have been registered since January 2020. Just in the second half of March, over 30,000 new domains were registered, out of which 0.4% (131) were malicious and 9% (2,777) were suspicious and under investigation.  


_______________________________________________________________________________________

(April 01, 2020)

Coronavirus financial relief fund scams

Researchers reported a slew of phishing scams that take advantage of the coronavirus financial relief packages being announced by various governments across the world. These scams target users with messages containing malicious attachments or links to phishing pages that steal their personal information under the pretense of processing their financial relief payments.


_______________________________________________________________________________________

(April 01, 2020)

Zoom riddled with critical security bugs

The popular video conferencing app, Zoom, came under the scanner once again after the discovery of critical vulnerabilities in both its macOS and Windows clients. The Zoom Windows client was found to be affected by a Universal Naming Convention (UNC) path injection vulnerability that could allow attackers to steal users’ Windows credentials. On the other hand, a security researcher discovered two zero-day flaws in the Zoom macOS client that could give root privileges to local, unprivileged attackers and give them access to a user’s microphone and camera.


_______________________________________________________________________________________

(April 01, 2020)

Microsoft warns hospitals of ransomware threat

Microsoft issues a targeted warning to several dozen hospitals, warning them of a ransomware gang targeting them through vulnerabilities in their VPN appliances. The alert provided information on how attackers can exploit these flaws, and a recommendation for applying security updates to defend against the malicious exploits.

Ref - ZDNet

_______________________________________________________________________________________

(April 01, 2020)

Malware campaign targets WFH employees

Cybercriminals are taking advantage of an existing bug in Microsoft Excel to spread malicious documents in a campaign targeting work from home employees. The documents are used to infect the victims with the LimeRAT trojan, using an old VelvetSweatshop default password bug in Microsoft Excel.


_______________________________________________________________________________________

(April 01, 2020)

Zoom, Microsoft Teams, and Google Classroom under attack

Security researchers have reported an increase in typosquatting and URL hijacking activity by cybercriminals who imitate the domain names of popular video conferencing applications like Zoom, Microsoft Teams, and Google Classroom. Some of the malicious domains are being used to spread the potentially unwanted application (PUA), InstallCore. Cybercriminals are also reportedly targeting online educational sessions conducted through Google Classroom.


_______________________________________________________________________________________

(March 31, 2020)

Remote work disrupts security patching

As more and more employees are forced to work from home under the COVID-19 crisis, patching of employee devices has taken a backseat as per a recent study. The survey by Automox found that patching of employee devices dropped to 42% under remote working conditions, compared to 48% in on-premise devices.


_______________________________________________________________________________________

(March 31, 2020)

Fake COVID-19 scam guidance

In a spear-phishing campaign targeting a global financial institution, the attackers impersonated the firm to send emails claiming to provide guidance on COVID-19 scams. The emails provide a link to download the guidance document, which if opened, leads to the infection of the victim’s computer with the Ursnif malware.

Ref - PhishLabs

_______________________________________________________________________________________

(March 31, 2020)

FBI warns about Zoom bombing attacks

Due to the way public Zoom meetings work, cybercriminals, pranksters, or random strangers can infiltrate meetings if legitimate invites or meeting IDs are leaked. This has led to a rise in video conference hijacking incidents known as Zoom bombings. The FBI also issued an alert regarding the surge in zoom bombing that has affected universities, governments, and other organizations that are relying on Zoom during the COVID-19 quarantine.


_______________________________________________________________________________________

(March 31, 2020)

Zoom domains spreading malware

According to research from Check Point, cybercriminals are taking advantage of the surge in video conferencing usage under work from home conditions by registering fake and malicious Zoom domains. The researchers found around 1,700 new Zoom domains that have been registered over the last several weeks, with 25% of the domains registered in the past seven days alone.

Ref - CISO MAG

_______________________________________________________________________________________


(March 30, 2020)

Cybersecurity in the time of COVID-19

This blog from the Council on Foreign Relations discusses the confluence of cybersecurity and healthcare concerns amidst the COVID-19 pandemic. The ongoing crisis has brought attention to existing security and reliability issues plaguing critical infrastructure across various countries and has invited a reconsideration of their cybersecurity strategies and policies.


_______________________________________________________________________________________

(March 30, 2020)

Bank customers targeted via SMS messages

Security researchers from PhishLabs reported a couple of credential phishing campaigns targeting the customers of various Canadian banks. The SMS scam messages informed the recipients that their debit card is locked for safety as the COVID-19 pandemic is spreading. Another similar campaign informed users about a payment received from the Canada relief fund. Both the campaigns provided links to landing pages which captured the victims’ banking credentials.

Ref - PhishLabs

_______________________________________________________________________________________

(March 28, 2020)

Security experts help fight COVID-19 cyberattacks

Hundreds of security experts have joined hands to help the medical community fight COVID-19 cyberattacks by forming the volunteer group, COVID-19 CTI League.


_______________________________________________________________________________________

(March 27, 2020)

US troops targeted with fake COVID-19 tests

Continuing the trend of COVID-19 scams, U.S. Army service members were targeted via scam phone calls requesting their personal information and promising a testing kit to check if they’re infected. The Defense Health Agency warned troops that the scam was designed to steal the personal information of Tricare beneficiaries.


_______________________________________________________________________________________

(March 26, 2020)

Security preparations in the time of COVID-19

Experts at the National Law Review discuss what steps organizations can take to secure their networks and their employees during the COVID-19 outbreak. 


_______________________________________________________________________________________

(March 26, 2020)

Hackers target mobile users in Italy and Spain

A malicious counterfeit Android app was found targeting users in Italy and Spain. While the actual app was designed for COVID-19 tracking by an Italian company, the counterfeit versions of the app injected malicious code to steal sensitive information from victims’ phones. The trojanized apps were designed to steal financial information and were spread through malicious third-party websites.


_______________________________________________________________________________________

(March 26, 2020)

Coronavirus bitcoin trading scam

Researchers at the security firm Malwarebytes reported a bitcoin trading scam that was repurposed from an earlier campaign to suit the current COVID-19 theme. The scam emails emulated the design of the British newspaper, The Sun, and promised recipients of making thousands by trading in bitcoins from their homes.


_______________________________________________________________________________________

(March 26, 2020)

Fines for Breaking COVID-19 Quarantine

West Mercia Police warned UK citizens of a scam campaign that sent messages warning recipients of a fine issued against them for the violation of COVID-19 lockdown. The scam messages impersonated GOV.UK and threatened the victims that their fine amount could increase up to £5,000 or an arrest.

Ref - BBC

_______________________________________________________________________________________

(March 26, 2020)

Fake Goodwill Payments from HMRC, UK

The Metropolitan Police warned UK citizens of a SMShing campaign that informed recipients of receiving a £258 'goodwill payment' from Her Majesty's Revenue and Customs (HMRC). The scam messages asked the recipients to follow an embedded link to receive the payment.


_______________________________________________________________________________________

(March 25, 2020)

"Corona antivirus" infects victims with BlackNET RAT

Security researchers discovered a website peddling a malicious “Corona Antivirus” software that claims to protect users from becoming infected with the virus in real life. The software, if installed, infects the victim’s computer with the BlackNET Remote Access Trojan (RAT).

Ref - TechRadar

_______________________________________________________________________________________

(March 25, 2020)

Baiting US citizens with fake ‘Census Form’

Security experts discovered a malicious campaign spreading through Facebook messages that asked the recipients to fill out a 2020 US Census form to receive an economic stimulus check for the COVID-19 lockdown.


_______________________________________________________________________________________

(March 25, 2020)

Scam website poses as legitimate medical mask supplier 

A scam website, protectivemaskdirect.com, claimed to supply infectious disease-related products to healthcare facilities. This website conned people and did not send them any masks. As per reports, the website used the official address of a company called Protective Masks Direct, a supplier for Britain’s National Health Service (NHS).

Ref - BuzzFeed

_______________________________________________________________________________________

(March 24, 2020)

DarkHotel group targets WHO as coronavirus cyberattacks spike


DarkHotel, an elite group of hackers, had attempted to hack inside the WHO’s internal email system. WHO officials also confirmed that a malicious website was spotted, that had made several attempts to steal from multiple members of the agency.
Ref - Reuters

_______________________________________________________________________________________


(March 24, 2020)

Is Netflix giving you a freebie subscription?

If you have received texts or emails from Netflix, asking you to click on a specific link for a free subscription to its streaming service, then probably you have been trapped in a phishing scam. Though the offer might seem attractive during these days of isolation, Netflix isn’t giving out free subscriptions.

Ref - TNW

_______________________________________________________________________________________

(March 24, 2020)

Coronavirus FInder spreads Ginp banking trojan

Cybercriminals behind Ginp, an Android banking trojan, were found spreading a new webpage called Coronavirus Finder. This page claims to show users the number of people infected with COVID-19 in their surrounding area and asks for a small payment to view the location of the infected people.

Ref - Kaspersky 

_______________________________________________________________________________________

(March 23, 2020)

Beware of dubious “Coronavirus Testers”

A viral hoax has circulated across social networks, police departments, and local news outlets, warning people in several parts of the world about the fraudsters posing as "coronavirus testers." Sometimes, these scammers dress in hazmat suits and break into homes to con people. Despite the reports from news channels and police departments from the U.S., South Africa, and the U.K., the evidence of the viral scam has not been found in real life. 

Ref - NBC

_______________________________________________________________________________________

(March 19, 2020)

Phishing campaign impersonates WHO chief

In one of the recently reported phishing campaigns, scammers posed as the Director-General of the World Health Organization (WHO) to send malicious attachments to unsuspecting victims. The attachments were used to deliver the HawkEye malware payload.


_______________________________________________________________________________________

(March 19, 2020)

Scams promising $1000 checks for economic relief

Taking advantage of the legislation passed by the US government for economic relief under COVID-19 quarantine, scammers sent emails promising a $1,000 check as part of the stimulus package. This scam occurred before any official information was released regarding the stimulus payments to US citizens.

Ref - WCNC News

_______________________________________________________________________________________

(March 19, 2020)

Hoax CDC Calls for COVID-19 Vaccines

The Daly City Police Department, California warned people of hoax calls from fraudsters pretending to be from the Center for Disease Control and Prevention (CDC) and asking users to provide their credit card and social security details for reserving a COVID-19 vaccine.

Ref - The Verge

_______________________________________________________________________________________

(March 19, 2020)

Coronavirus extortion emails

The Sophos Security team discovered an email extortion campaign that threatened recipients of revealing their dark secrets and even infecting them and their families with the Coronavirus.


_______________________________________________________________________________________
(March 19, 2020)

App offers fake Coronavirus safety mask

Security experts at Zscaler also discovered another malicious domain that asked users to install an app to receive a "Corona Safety Mask." The app, which is believed to be in its early stages of development, asks for unnecessary permissions and ends up stealing all the contacts from the victim’s phone. 

Ref - Zscaler

_______________________________________________________________________________________

(March 19, 2020)

Scam asking bank details to receive free meals

A phishing scam in the UK targeted people’s banking credentials by informing them that they are entitled to free school meals as part of the arrangements made for the COVID-19 lockdown. The UK government clarified that such messages were not sent from official sources and are part of a scam campaign. 

Ref - GOV.UK

_______________________________________________________________________________________

(March 18, 2020)

Fake WHO e-book spread by phishing scam

Security researchers from Malwarebytes observed a malspam campaign that impersonated WHO and sent victims an e-book titled “My Health E-book” that claims to include the complete research on the global pandemic, as well as guidance on how to protect children and businesses. The e-book attachment actually contained the GuLoader malware payload.


_______________________________________________________________________________________

(March 18, 2020)

Thousands of fake COVID-19 related websites

According to research from the security firm Check Point, hackers are exploiting the COVID-19 pandemic to spread their malicious campaigns, including registering malicious Coronavirus-related domains and selling discounted off-the-shelf malware in the dark web.


_______________________________________________________________________________________

(March 18, 2020)

Red Cross impersonators selling home tests

In March 2019, scammers on social media were spotted circulating fake messages to dupe individuals with claims of selling home tests for COVID-19. Following this, several Red Cross chapters across the US, the UK, and Canada dispelled the fake claims and advised the public to be wary of such scams.

Ref - Snopes

_______________________________________________________________________________________

(March 16, 2020)

Worldometers website hacked

The Worldometers website, which provides live tracking for the COVID-19 pandemic, came under attack from cybercriminals who manipulated the statistics provided on the website dashboard.

Ref - Geo News

_______________________________________________________________________________________

(March 15, 2020)

APT36 attack campaign 

The Pakistani state-sponsored threat actor group, APT36, was found targeting government agencies, defense, and embassies of the Indian government with a Coronavirus-themed spearphishing campaign, posing as health advisories to spread the Crimson RAT onto target systems.


_______________________________________________________________________________________

(March 13, 2020)

COVID19 Tracker app installs CovidLock ransomware

Researchers from the Zscaler ThreatLabZ team came across a malicious URL that is disguised as a download site for an Android app claiming to track the coronavirus spread. The app, instead, installs the CovidLock ransomware and demands a $100 ransom from the victims.

Ref - Zscaler

_______________________________________________________________________________________

(March 13, 2020)

Coronavirus credential theft

In this phishing attack, the attackers impersonated a university’s “health team” to trick victims into clicking on malicious links claiming to provide updates on coronavirus. Researchers from Abnormal Security found that the attackers aimed to steal Office 365 credentials by redirecting users to a fake login page.


_______________________________________________________________________________________

(March 13, 2020)

Trojan malspam campaigns

Researchers from F-Secure observed malspam campaigns sending various trojan payloads like the Emotet, LokiBot, Remcos, TrickBot, Formbook, and Agent Tesla information stealer. The spam campaigns mirrored the ongoing developments related to the health crisis to appear legitimate. Also, researchers observed a campaign capitalizing on the shortage of masks to trick recipients into making payments on fraudulent websites.

Ref - F-Secure

_______________________________________________________________________________________

(March 12, 2020)

Misuse of Coronavirus dashboard

In one of the attack campaigns, the John Hopkins University’s dashboard on Coronavirus infection was used on malicious websites to spread password-stealing malware such as the AZORult trojan. Cybercriminals were also found selling infection kits on Russian hacking forums that used the interactive map as part of a Java-based malware deployment scheme.


_______________________________________________________________________________________

(March 10, 2020)

Industrial sectors targeted by malspam

Proofpoint researchers uncovered a new Coronavirus-themed malspam campaign that leverages the concerns around disruptions in global shipping due to the pandemic. The threat actors targeted various sectors such as manufacturing, industrial, finance, transportation, pharmaceutical, and cosmetic companies, with malicious Word documents that install AZORult, an information stealing malware.


_______________________________________________________________________________________

(March 10, 2020)

Mustang Panda campaign exploits COVID-19 crisis

Mustang Panda, a Chinese government-linked threat group, was using a lure based on the directives of Vietnam Prime Minister Nguyen Xuan Phuc on preventing COVID-19. The threat group sent phishing emails with a RAR file attachment containing an LNK file that executed a malicious script to download the malware payloads. 

Ref - VinCSS

_______________________________________________________________________________________

(March 04, 2020)

FedEx impersonation campaign

Security researchers from Fortinet discovered an email impersonation campaign pretending to provide victims with the information on FedEx’s global shipping operations during the COVID-19 outbreak. The emails contained an attachment named “Customer Advisory.PDF.exe” that infected the victim’s device with the Lokibot malware.

Ref - Fortinet

_______________________________________________________________________________________

(February 27, 2020)

Korean malspam campaign

Researchers from the security firm IssueMakersLab that used malware-laced documents detailing South Korea's response to the COVID-19 epidemic. The campaign is believed to have been orchestrated by North Korean who used the health crisis as a lure to drop the BabyShark malware.


_______________________________________________________________________________________

(February 21, 2020)

Impersonation of Ukrainian health ministry

Security researchers from the RedDrip Team also detected an attack campaign impersonating the WHO and the Public Health Center of the Ministry of Health of Ukraine. The attack campaign, dubbed “TrickyMouse,” spread a C# backdoor through a malicious Word document attached in the emails.


_______________________________________________________________________________________

(February 13, 2020)

Japanese users targeted in Emotet campaign

Researchers at IBM X-Force reported an attack campaign targeting users in Japan by impersonating a disability welfare service provider. The phishing emails from the campaign contained a Word document attachment that infects victims’ computers with the Emotet trojan.


_______________________________________________________________________________________

(February 13, 2020)

Grandoreiro trojan targets Brazil, Mexico, Spain

Cybercriminals were found distributing the Grandoreiro banking trojan via malicious websites that use the ongoing health crisis as a lure. The website contained a video player which, upon clicking, resulted in the download of the trojan malware. The campaign, discovered by ESET Research, was found to target users in Brazil, Mexico, and Spain.


_______________________________________________________________________________________

(February 11, 2020)

Comment spamming attacks

Security researchers at Imperva observed a comment spamming campaign wherein the attackers posted numerous comments on social media websites with fake information on coronavirus and links to dubious drug-selling websites. The comments also included text strings from popular news stories so as to appear authentic.

Ref - Imperva

_______________________________________________________________________________________

(February 06, 2020)

Spearphishing against Korean company

Security researchers from the RedDrip Team of the Chinese security firm QiAnXin Technology identified a coronavirus-themed phishing campaign that targeted the South Korean chemicals manufacturing company Dongwoo Fine-Chem Corporation. The campaign used a decoy document containing the Nanocore RAT to take control of the victim’s device remotely.


_______________________________________________________________________________________

Stay ahead of threats with our cyber fusion solutions for threat intelligence sharing and analysis, threat response, and security automation:
  • CSAP - Mobile-enabled, automated threat alert aggregation, enrichment, and sharing platform
  • CTIX - A next-generation threat intelligence platform
  • CFTR - Manage threats and not incidents with true security case management
  • CSOL - Enable "any-to-any" tool orchestration with automated playbooks

 Tags

covid 19 scams
coronavirus phishing attack
coronavirus scams

Posted on: April 01, 2020

More from Cyware

Stay updated on the security threat landscape and technology innovations at Cyware with our threat intelligence briefings and blogs.

The Virtual Cyber Fusion Suite

Explore Solutions

Capabilities

Resource Library

Use Cases