April 2020

64% of workers say their quality of work has improved amid pandemic disruption
https://www.helpnetsecurity.com/2020/04/28/quality-of-work-has-improved/
Excerpt:
ì64 percent of workers in the U.S. say their quality of work has improved amid the disruptive impact of COVID-19, according to KPMG.î
Security researcher identifies new APT group mentioned in 2017 Shadow Brokers leak
Catalin Cimpanu
https://www.zdnet.com/article/security-researcher-identifies-new-apt-group-mentioned-in-2017-shadow-brokers-leak/
Excerpt:
ìThree years and eight days ago, on April 14, 2017, a mysterious group of hackers known as the Shadow Brokers published a collection of hacking tools that ended up changing the internet forever.î
Vietnamese Threat Actors APT32 Targeting Wuhan Government and Chinese Ministry of Emergency Management in Latest Example of COVID-19 Related Espionage
Scott Henderson, Gabby Roncone, Sarah Jones, John Hultquist, Ben Read
https://www.fireeye.com/blog/threat-research/2020/04/apt32-targeting-chinese-government-in-covid-19-related-espionage.html
Excerpt:
ìFrom at least January to April 2020, suspected Vietnamese actors APT32 carried out intrusion campaigns against Chinese targets that Mandiant Threat Intelligence believes was designed to collect intelligence on the COVID-19 crisis. Spear phishing messages were sent by the actor to China's Ministry of Emergency Management as well as the government of Wuhan province, where COVID-19 was first identified. While targeting of East Asia is consistent with the activity weíve previously reported on APT32, this incident, and other publicly reported intrusions, are part of a global increase in cyber espionage related to the crisis, carried out by states desperately seeking solutions and nonpublic information.î
Nintendo accounts are getting hacked and used to buy Fortnite currency
Catalin Cimpanu
https://www.zdnet.com/article/nintendo-accounts-are-getting-hacked-and-used-to-buy-fortnite-currency/
Excerpt:
ìOver the course of the last month, Nintendo users have been increasingly reporting that their accounts have been getting hacked and accessed from remote locations around the globe, with some users losing money as a result of the unauthorized intrusion.î
2,000 coronavirus scammers taken offline in major phishing crackdown
Danny Palmer
https://www.zdnet.com/article/2000-coronavirus-scammers-taken-offline-in-major-phishing-crackdown/
Excerpt:
ìAs the number of cyber criminals targeting remote workers grows, the National Cyber Security Centre (NCSC) has kicked off a new effort to encourage people to report suspicious emails in an attempt to crack down on fraudsters and phishing scams.î
Hackers steal $25 million worth of cryptocurrency from Lendf.me platform
Catalin Cimpanu
https://www.zdnet.com/article/hackers-steal-25-million-worth-of-cryptocurrency-from-uniswap-and-lendf-me/
Excerpt:
ìHackers have stolen more than $25 million in cryptocurrency from the Lendf.me lending platform. A similar attack was carried out against the Uniswap cryptocurrency exchange, but no losses were recorded.î
Hackers Targeting Azerbaijan Show Interest in SCADA Systems
Eduard Kovacs
https://www.securityweek.com/hackers-targeting-azerbaijan-show-interest-scada-systems
Excerpt:
ìA threat actor that has been spotted targeting Azerbaijan has shown an interest in the energy sector, specifically SCADA systems related to wind turbines, Ciscoís Talos threat intelligence and research group reports.î
Gamaredon APT Group Use Covid-19 Lure in Campaigns
Hiroyuki Kakara and Erina Maruyama
https://blog.trendmicro.com/trendlabs-security-intelligence/gamaredon-apt-group-use-covid-19-lure-in-campaigns/
Excerpt:
ìGamaredon is an advanced persistent threat (APT) group that has been active since 2013. Their campaigns are generally known for targeting Ukrainian government institutions. From late 2019 to February of this year, researchers published several reports on Gamaredon, tracking the groupís activities.î
Streaming TV Fraudsters Steal Millions of Ad Dollars in ëICEBUCKETí Attack
Tara Seals
https://threatpost.com/icebucket-streaming-tv-fraudsters-steal-ad-dollars/154852/
Excerpt:
ìCrooks manipulated connected TV supply-side ad platforms to create millions of fictional eyeballs.î
US victims lose $13 million from COVID-19-related scams
Zeljka Zorz
https://www.helpnetsecurity.com/2020/04/16/covid-19-fraud-losses/
Excerpt:
ìSuccessful COVID-19-themed fraud attempts perpetrated in the US, since the beginning of the year resulted in a little over $13 million losses, the Federal Trade Commission has shared.î
PPE, COVID-19 Medical Supplies Targeted by BEC Scams
Elizabeth Montalbano
https://threatpost.com/ppe-covid-19-medical-supplies-bec-scams/154806/
Excerpt:
ìFBI said that government agencies aiming to buy critical items like ventilators have unknowingly transferred funds to threat actors.î
A worrisome increase in call traffic from fraudsters exploiting the pandemic
https://www.helpnetsecurity.com/2020/04/14/call-traffic-pandemic/
Excerpt:
ìThereís a worrisome increase in call traffic from bad actors looking to cash in on new vulnerabilities created by the global COVID-19 pandemic, according to research from Next Caller.î
Overlay Malware Leverages Chrome Browser, Targets Banks and Heads to Spain
Lindsey O'Donnell
https://threatpost.com/overlay-malware-exploits-chrome-browser-targets-banks-and-heads-to-spain/154713/
Excerpt:
ìThe Grandoreiro banking malware uses remote overlay and a fake Chrome browser plugin to steal from banking customers.î
Account details for 4 million Quidd users shared on hacking forum
Catalin Cimpanu
https://www.zdnet.com/article/account-details-for-4-million-quidd-users-shared-on-hacking-forum/
Excerpt:
ìQuidd, an online marketplace for trading stickers, cards, toys, and other collectibles, appears to have suffered a data breach in 2019, and the details of around four million users are now being shared for free on underground hacking forums.î
Crypto Holders Being Targeted by COVID-19 Scammers ó FBI Warning
Turner Wright
https://cointelegraph.com/news/crypto-holders-being-targeted-by-covid-19-scammers-fbi-warning
Excerpt:
ìAccording to an FBI press release on April 13, the number of scams related to cryptocurrency may increase during the COVID-19 pandemic.î
Cybercriminals capitalize on COVID-19 fears, push shady websites, pharmaceuticals
https://www.helpnetsecurity.com/2020/04/10/covid-19-fears/
Excerpt:
ìShadowy sellers want to capitalize on interest in pharmaceuticals promising a potential treatment to COVID-19.î
Dutch police take down 15 DDoS services in a week
Catalin Cimpanu
https://www.zdnet.com/article/dutch-police-take-down-15-ddos-services-in-a-week/
Excerpt:
ìIn a press release published today, Dutch police said they have successfully taken down 15 DDoS-for-hire services in the span of a week, as part of one of their most successful crackdowns against online DDoS service providers.î
Pandemic driving global e-commerce growth, but fraud is on the increase too
https://www.helpnetsecurity.com/2020/04/09/e-commerce-increased-fraud/
Excerpt:
ëThe COVID-19 crisis is driving the global growth of e-commerce sales, with millions of consumers worldwide in quarantine shopping for goods, services and entertainment online.î
Video conferencing for teams and consumers: What is the right choice for you?
Zeljka Zorz
https://www.helpnetsecurity.com/2020/04/09/video-conferencing-teams/
Excerpt:
ìThough some claim that this forced ìwork from homeî situation has shown that many of the discussions that previously required office meetings can actually be expedited simply by exchanging a few emails, thereís no doubt that, for some tasks, face-to-face meetings ñ even if over the internet ñ are a mustî
Phishing emails impersonate the White House and VP Mike Pence
Lawrence Abrams
https://www.bleepingcomputer.com/news/security/phishing-emails-impersonate-the-white-house-and-vp-mike-pence/
Excerpt:
ìPhishing scammers have started to impersonate President Trump and Vice President Mike Pence in emails that distribute malware or perform extortion scams.î
Spotting and blacklisting malicious COVID-19-themed sites
Zeljka Zorz
https://www.helpnetsecurity.com/2020/04/07/covid-19-malicious-sites/
Excerpt:
îSince last December, over 136,000 new COVID-19-themed domains have popped up and, while many host legitimate websites, others have been set up to serve malware, phishing pages, or to scam visitors.î
Email provider got hacked, data of 600,000 users now sold on the dark web
Catalin Cimpanu
https://www.zdnet.com/article/email-provider-got-hacked-data-of-600000-users-now-sold-on-the-dark-web/
Excerpt:
ìThe data of more than 600,000 Email.it users is currently being sold on the dark web, ZDNet has learned following a tip from one of our readers.î
Scammers target Australians financially affected by pandemic
Sergiu Gatlan
https://www.bleepingcomputer.com/news/security/scammers-target-australians-financially-affected-by-pandemic/
Excerpt:
î Australians that were financially impacted by the COVID-19 pandemic are targeted by scammers attempting to get their hands on victims' superannuation funds partially released starting mid-April.î
Cybercrime and disinformation during the pandemic
https://www.helpnetsecurity.com/2020/04/06/cybercrime-pandemic/
Excerpt:
ìCybercrime is evolving since criminals have been quick to seize opportunities to exploit the pandemic by adapting their tactics and engaging in new criminal activities.î
A hacker has wiped, defaced more than 15,000 Elasticsearch servers
Catalin Cimpanu
https://www.zdnet.com/article/a-hacker-has-wiped-defaced-more-than-15000-elasticsearch-servers/
Excerpt:
ìFor the past two weeks, a hacker has been breaking into Elasticsearch servers that have been left open on the internet without a password and attempting to wipe their content, while also leaving the name of a cyber-security firm behind, trying to divert blame.î
Total number of IoT connections to reach 83 billion by 2024
https://www.helpnetsecurity.com/2020/04/02/total-iot-connections/
Excerpt:
ìThe total number of IoT connections will reach 83 billion by 2024, rising from 35 billion connections in 2020, according to Juniper Research.î
Vulnerable VPN appliances at healthcare organizations open doors for ransomware gangs
Zeljka Zorz
https://www.helpnetsecurity.com/2020/04/02/vpn-healthcare-ransomware/
Excerpt:
î The increased enterprise VPN use due to the COVID-19 pandemic and the work-from-home (WFH) shift has not gone unnoticed by ransomware gangs, Microsoft warns.î
Nigerian Threat Actors Specializing in BEC Attacks Continue to Evolve
Ionut Arghire
https://www.securityweek.com/nigerian-threat-actors-specializing-bec-attacks-continue-evolve
Excerpt:
ìThe Nigerian business email compromise (BEC) threat actors referred to as SilverTerrier have intensified assaults on multiple industries and should be considered an established threat, Palo Alto Networks says.î
Marriott International 2020 data breach: 5.2 million customers affected
Zeljka Zorz
https://www.helpnetsecurity.com/2020/04/01/marriott-data-breach-2020/
Excerpt:
ìMarriott International has suffered a new data breach in mid-January 2020, which affected approximately 5.2 million guests.î
Read full article