This week, a lot’s been up—including data loss, ransom demands, white-hat bounties, VPN sales and more.
- BoA said the platform was designed to test application submissions to the Small Business Administration, but the company soon realized client docs could be viewed by other lenders and third parties.
- After the Covid-19 tracking app reached five million downloads within its first three days, it became a target for malware creators. According to SonicWall Labs Threats research team, fake Aarogya Setu apps containing spyware are now in circulation.
- SonicWall researchers have discovered a new ransomware called Instabot that asks for ransom in bitcoin—and includes video instructions and a step-by-step manual to “help” victims comply.
Israeli cyber chief: Major attack on water systems thwarted – The Washington Times
- According to Israel’s national cyber chief, the country has thwarted a major cyberattack against its water systems, and it’s believed that Iran is behind it.
Ransomware’s big jump: ransoms grew 14 times in one year – Bleeping Computer
- Ransomware has become one of the most insidious threats in the past few years, and the demands continue to climb: According to Bleeping Computer, ransom demands for more than $1 million are no longer rare.
Data Loss Spikes Under COVID-19 Lockdowns – Dark Reading
- Two new reports suggest a massive gap between how organizations have prepared their cybersecurity defenses and the reality of their effectiveness.
- “I just want you to know that we have stepped up our protections of HHS and CDC,” Bryan Ware told industry representatives Friday.
New Octopus Scanner malware spreads via GitHub supply chain attack – Bleeping Computer
- Security researchers have found a new malware that finds and backdoors open-source NetBeans projects hosted on the GitHub web-based code hosting platform to spread to Windows, Linux, and macOS systems.
- Demand for virtual private networks in Hong Kong surged more than six-fold last Thursday as Beijing proposed tough new national security laws that some say could impact internet privacy.
- Cash-short state and local governments are pleading with Congress to send them funds to shore up their cybersecurity as hackers look to exploit the crisis by targeting overwhelmed government offices.
$100 million in bounties paid by HackerOne to ethical hackers – Bleeping Computer
- Bug bounty platform HackerOne announced that it has paid out $100,000,000 in rewards to white-hat hackers around the world.
- According to researchers, a notorious group of suspected Russian hackers has used a revamped tool to spy on governments in Eastern Europe and quietly steal sensitive documents from their networks.
- The operators of the RagnarLocker ransomware are running Oracle VirtualBox to hide their presence on infected computers inside a Windows XP virtual machine.
In Case You Missed It
- Why Securing Remote Work is Crucial To Ensuring Business Continuity – Agasthiamani Sankaran
- Securing Telecommuters with Expanded Endpoint Visibility and Control – Suroop Chandran
- ‘Boundless Cybersecurity’ Protects Organizations Mobilizing for the New Business Normal – Geoff Blaine
- The New Front in Hospitals’ Battle Against COVID-19: Ransomware – Amber Wolff
- SonicWall Unveils Partner Program Designed for MSSPs – Lindsey Lockheart