This week, hackers continued to capitalize on the COVID-19 pandemic, targeting the healthcare industry, oil companies and remote workers.
- Cybersecurity authorities in the Czech Republic have warned of an “extensive campaign of cyberattacks” on IT systems and health care facilities. At least one of the malicious files in the Czech advisory is part of a batch of code used in a remote access hacking tool, which SonicWall reported last month.
- SonicWall’s new Boundless Cybersecurity model is designed to protect and mobilize large enterprises, small- and medium-sized businesses, and government agencies from the risks of a remote workforce.
2,000 Coronavirus Scammers Taken Offline in NCSC Phishing Crackdown – Experts Reaction – Information Security Buzz
- The UK’s National Cyber Security Centre, along with the City of London Police and several other government agencies, has launched a ‘Suspicious email reporting service’ for members of the public to alert the authorities to potential cyber-attacks.
- Hackers are targeting remote workers, particularly in highly impacted areas where users’ confusion and anxiety makes them more susceptible to phishing.
- Ongoing cooperation between the government and technology companies has resulted in the removal of hundreds of fraudulent websites that included “coronavirus,” “covid19” and related phrases in their names.
Creative Skype phishing campaign uses Google’s .app gTLD – Bleeping Computer
- Attackers have deployed a phishing campaign against remote workers using Skype, luring them with emails that mimic notifications from the service.
- The WHO’s security team has been the target of an increasing number of attempted cyber-attacks since mid-March. According to officials, WHO itself has not been hacked, but employee passwords have leaked through other websites.
- Espionage hackers have commenced a sophisticated spear-phishing campaign concentrated on U.S.-based energy companies. The goal: install a notorious trojan to siphon their most sensitive communications and data.
- A new network of white hat hackers—made up of more than 1,400 volunteers in 76 countries, from sectors including information security, telecommunications and law enforcement—has banded together under the name COVID-19 CTI League to help protect the healthcare industry.
Apple iPhone May Be Vulnerable to Email Hack – The Wall Street Journal
- Sophisticated hackers may be attacking Apple iPhones by exploiting a previously unknown flaw in the smartphone’s email software.
Customer complaint phishing pushes network hacking malware – Bleeping Computer
- A new phishing campaign is targeting remote employees, using fake customer complaints to install a backdoor that will compromise the corporate network.
- With the use of new malware and a smartphone, researcher Mordechai Guri was able to exfiltrate data from air-gapped computers using vibrations from the machines’ internal fans.
In Case You Missed It
- Securing Telecommuters with Expanded Endpoint Visibility and Control – Suroop Chandran
- ‘Boundless Cybersecurity’ Protects Organizations Mobilizing for the New Business Normal – Geoff Blaine
- The New Front in Hospitals’ Battle Against COVID-19: Ransomware – Amber Wolff
- SonicWall Unveils Partner Program Designed for MSSPs – Lindsey Lockheart
- Securing SaaS: Protect More, Manage Less – Vishnu Chandra Pandey