— The cybersecurity community during the COVID-19 emergency
Nation-state hackers reportedly hunting for COVID-19 research (SC Magazine) Nation-state-sponsored hackers are reportedly targeting companies tasked with researching COVID-19, in some cases intruding into systems and performing reconnaissance.
Coronavirus-themed spam increases 4300% since February (Livemint) Cybercriminals are using the coronavirus outbreak to drive their business, with virus themed sales of malware assets on the dark web.Covid-19 themed domains on the internet are 50% more likely to be malicious
2,000 coronavirus scammers taken offline in major phishing crackdown (ZDNet) And now cybersecurity authorities want your help with spotting fake and fraud emails.
Coronavirus: UK spooks block 2,000 scams in Covid-19 cyber campaign (CityAM) British spy chiefs have taken down more than 2,000 online scams linked to coronavirus in the last month as they crack down on cyber criminals trying to exploit the health crisis.
NCSC launches coronavirus scam reporting service, plus advice on secure video-conferencing (SC Magazine) Scam reporting service launched to flag suspicious emails for the NCSC to assess and take down malicious content, Cyber Awareness campaign starts, includes advice on securing video-conferencing.
Federal Aid May Trigger Wave of Cyberattacks on Distressed Businesses (PR Newswire) As the federal and state agencies begin disbursing financial aid, experts at Keeper Security advise small and medium-sized businesses (SMBs) to...
NTUC warns of phishing email about "cash payouts of 3000USD" for income relief scheme (Stomp) An email claiming to be from NTUC Singapore and asking recipients to confirm their eligibility for the Self-Employed Person Income Relief Scheme (Sirs) is fake. Read more at stomp.straitstimes.com
Coronavirus: HMRC job retention scheme targeted by cyber criminals (ComputerWeekly.com) The UK government’s scheme to pay furloughed employees 80% of their wages is being targeted by cyber criminals.
HMRC sees massive demand for UK's Cornonavirus Job Retention Scheme (Computing) The system is designed to process up to 450,000 applications an hour
Senior federal government staff member’s email ‘spoofed’ in COVID-19 phishing campaign (The Mandarin) The Australian Cyber Security Centre (ACSC) has ramped up its fight against malicious cyber activity to protect local families, businesses, and the health sector, according to defence minister Linda Reynolds. Reynolds on Tuesday said the Australian Signals Directorate has been engaging with hospitals and health service providers across Australia as they respond to the coronavirus. …
As cyber attacks grow, doctors and hospitals struggle to update security measures (BostonGlobe.com) Malware attacks on health care organizations are increasing during coronavirus pandemic.
Hospitals brace for increase in cyberattacks (TheHill) As hospitals face a surge in patients and critical equipment shortages stemming from the coronavirus pandemic, they are increasingly becoming the target of hackers who see health care facilities as easy prey.
Privacy and the Pandemic: Time for a Digital Bill of Rights (Foreign Policy) Democratic governments need digital tools and personal data to combat the crisis, but too much sharing can be dangerous to individuals. How can they strike…
Unleashing information technology to defeat COVID-19 (ITU-WHO Joint Statement) Initiative builds on current efforts to disseminate health messages through the joint WHO-ITU BeHe@lthy BeMobile initiative
France asks Apple to relax iPhone security for coronavirus tracking app development (ZDNet) A technical issue is stymying the development of a government app for tracing COVID-19.
No Commonwealth access to Australia’s COVID-19 contact tracking app (ZDNet) The prime minister has said only state and territory health ‘detectives’ will see the data stored within.
Facebook tool will track coronavirus symptoms across the UK (The Telegraph) Mark Zuckerberg says it could help serve as a reality check on some governments that might be downplaying their epidemics
Opinion | Mark Zuckerberg: How data can aid the fight against covid-19 (Washington Post) The world has faced pandemics before, but this time we have a new superpower: the ability to gather and share data for good.
Facebook removes some events calling for protests of stay-at-home orders (NBC News) The events, which were planned in California, Nebraska and New Jersey, violated protective measures imposed by governors, Facebook said.
Algerian National Arrested for Engaging in Disinformation (Asharq AL-awsat) A west Algeria court applied on Monday for a remand of an Algerian to allow for investigations to take course into the defendant’s publishing of fake news relating to the novel coronavirus.
Authorities considered the published material illicit and ai
US Bans Church Website Selling #COVID19 ‘Miracle’ Treatment (Infosecurity Magazine) Church ordered to stop unlawfully touting industrial bleach as a cure for a string of diseases
IAITAM: Too Many Companies, Agencies with Vulnerabilities "Wide Open to Attack: from Breaches During COVID-19 Stay-at-Home Shutdowns (IAITAM) After Issuing Repeated Warnings, IAITAM Highlights 4 Biggest Problems Happening Now.
COVID-19 Chinoxy Backdoor: A Network Perspective (Nozomi Networks) To help the cybersecurity community defend its systems from COVID-19-themed threats, Nozomi Networks Labs is conducting threat intelligence research into the evolving situation.
3 Types Of Coronavirus Scams To Watch Out For (Bankrate) Scammers are looking for any possibility to trick you into revealing your personal financial details.
Gamaredon APT Group Use Covid-19 Lure in Campaigns (TrendLabs Security Intelligence Blog) In March, we came across an email with a malware attachment that used the Gamaredon group’s tactics. Some of the emails used the coronavirus pandemic as a topic to lure victims into opening emails and attachments.
NSE cautions trading members about Zoom video conferencing app, cyber threats (Outlook India) Leading stock exchange NSE has cautioned trading members about video conferencing app Zoom and cyber threats amid increased usage of the platform in the wake of nationwide lockdown to contain coronavirus pandemic.
Upchurch Watson White & Max Establishes Model Cybersecurity Protocol for Mediation Videoconferences (PR Newswire) John Upchurch, CEO and president of Upchurch Watson White & Max Mediation Group, announced Friday that, to assure security and privacy, the...
Google productises its own not-a-VPN secure remote access tool (Register) Zero-trust access to web applications with very fine-grained access controls
Analysis | The Cybersecurity 202: Congress wary of remote voting, meeting options during coronavirus pandemic (Washington Post) Underinvestment in digital security has left lawmakers struggling to complete even basic tasks during a crisis.
MPs expected to approve plans for 'virtual parliament' (the Guardian) Proposal would allow 120 MPs to take part using Zoom app while another 50 sit in chamber
Students, university clash over forced installation of remote exam monitoring software on home PCs (ZDNet) The use of remote spying software to prevent cheating has raised an outcry from students.
Who’s Behind the “Reopen” Domain Surge? (KrebsOnSecurity) The past few weeks have seen a large number of new domain registrations beginning with the word “reopen” and ending with U.S. city or state names.
Cloud Companies Won’t Float Above Pandemic (Wall Street Journal) Longer sales cycles—and potential price renegotiations—could nick tech’s hottest sector.
Claroty Beefs Up OT Security As Plant Operators Go Remote (CRN) Industrial IoT security provider Claroty is updating its Secure Remote Access Solution, among other things, to address the increase in plant operators working remotely.
The Scramble To Create Job Boards For Laid-Off Workers Amid COVID-19 Pandemic (Crunchbase News) A VC firm, a tech exec and startups are stepping up to help match laid-off employees with open positions.
Hitachi Capital rolls out identity-as-a-service to handle huge rise in loan applications post-lockdown (Computing) Lender is extending its use of Nomidio IDV to speed application processing for the UK government's Coronavirus Business Interruption Loan Scheme (CBILS)
Digital ID in Lockdown: What role can Digital Identity play in the world’s COVID-19 response? (Mobey Forum) COVID-19 has triggered unprecedented change around the world, imposing social distancing and a dramatic increase in remote working. With millions of people now following governmental advice to stay at home, Mobey Forum’s Digital ID expert group is busy exploring how digital identity schemes can help life to continue via online channels. Elina Mattila, Executive Director
Cyber Attacks, Threats, and Vulnerabilities
How a Kim Jong Un demise could spark unrest, require US, South Korean military response (Military Times) Questions about North Korea's leader were sparked by a report that Kim was in “grave danger,” but other organizations reported there were “no unusual signs” of Kim’s health.
South Korea downplays concerns over Kim Jong Un's health (AP NEWS) South Korean officials reported no unusual activity in North Korea on Tuesday following unconfirmed media reports that leader Kim Jong Un was in fragile health after...
No unusual activity in N. Korea, Cheong Wa Dae says, amid speculation on Kim Jong-un's health (Yonhap News Agency) Cheong Wa Dae said Tuesday that South Korea has not spotted an...
Weeks before US oil contract prices went negative, a spear-phishing crew went after oil firms. What did they get? (Register) Who wants to know about their biz plans? Someone determined
Oil & Gas Spearphishing Campaigns Drop Agent Tesla Spyware in Advance of Historic OPEC+ Deal (Bitdefender Labs) Bitdefender researchers have recently found spearphishing campaigns, either impersonating a well-known Egyptian engineering contractor or a shipment company, dropping the Agent Tesla spyware Trojan. The impersonated engineering contractor... #energysector #energyspearphishing #oil&gasmalware
Cognizant customers face crisis after cyber attack (InfotechLead) Cognizant Technology Solutions on Saturday said it was hit by a “Maze” ransomware cyber attack, resulting in service disruptions for some of its clients. The information technology services provider said it was taking steps to contain the incident, with the help of cyber defense companies, and has also engaged with law enforcement authorities. Ransomware is …
UniCredit Hackers Try to Sell Employee Data on Cyber-Crime Forums (Insurance Journal) Data on about 3,000 UniCredit SpA employees was put up for sale on cyber-crime forums after a hacking attack. The data went on sale on April 19 and
Bad Bot Report: Bad Bots Strike Back (Imperva) Imperva’s 2020 Bad Bot Report investigates the daily attacks that sneak past sensors and wreak havoc on websites.
Cymulate Discovers Hidden Malware Defense Evasion Technique Using Microsoft Terminal Services Client (MSTSC) (PR Newswire) Cymulate, the only end-to-end SaaS-based Breach and Attack Simulation (BAS) platform, today announced it has discovered a method for attackers...
Typosquatting RubyGems laced with Bitcoin-nabbing malware have been downloaded thousands of times (Register) 'Seemingly no transactions were made' but problem highlights risks of software supply chain
New Android Banking Trojan Targets Spanish, Portuguese Speaking Users (Security Intelligence) IBM X-Force recently analyzed a new Android banking Trojan dubbed "Banker.BR" that appears to be targeting users in Spain, Portugal, Brazil and other parts of Latin America.
Xilinx Vulnerability: Worrying "Unpatchable" Bug, or Obscure Attack Unlikely to be Exploited? (Computer Business Review) Security researchers say they have found a major, unpatchable Xilinx vulnerability - a flaw in the encryption of two popular FPGAs.
Unpatchable 'Starbleed' Bug in FPGA Chips Exposes Critical Devices to Hackers (The Hacker News) A new unpatchable bitstream encryption vulnerability in Xilinx FPGA chips exposes critical devices at risk of hacking.
Mootbot Botnet Targets Fiber Routers with Dual Zero-Days (Threatpost) Researchers saw several IoT botnets using one of the bugs in the wild after a proof-of-concept was published in March.
FBI says that sharing personal info online only helps scammers (BleepingComputer) The FBI's Charlotte office today warned against the sharing of sensitive personal information on social media as threat actors can take advantage of it to reset passwords and gain full control of accounts and the data stored within.
Bot creates millions of fake eyeballs to rip off smart-TV advertisers (Naked Security) The massive ICEBUCKET scheme has, so far, impersonated more than 2m people in 30+ countries, defrauding more than 300 brands of ad dollars.
Researchers Surface Privacy Vulnerabilities in Bitcoin Lightning Network Payments (Yahoo) Privacy holes in the Lightning Network, a bitcoin transaction settlement layer, are leaking payment information.
‘Squar Milner’ Announced a Data Breach Affecting Customers (TechNadu) An unknown number of Squar Milner clients may have had their personal data accessed by malicious actors, including names, addresses, tax details, and SSNs.
Chinese hackers targeted company behind 'Ragnarok Online' MMORPG (ZDNet) Security firm finds new Chinese malware aimed at the Gravity game maker's network. Unclear if the attempted intrusion succeeded.
Nintendo accounts are getting hacked and used to buy Fortnite currency (ZDNet) Nintendo has recommended that users enable two-factor authentication on their accounts.
Vulnerability Summary for the Week of April 13, 2020 (CISA) The CISA Weekly Vulnerability Summary Bulletin is created using information from the NIST NVD. In some cases, the vulnerabilities in the Bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which include CVSS scores once they are available.
Cyber Trends
New Kenna Security Research Validates Efficacy of Automated Patching, Provides a Playbook for CISOs (Kenna Security) Research shows Microsoft’s pushed patches and automated updates have decisive security benefits
Top threat detection trends and challenges for cybersecurity professionals (Help Net Security) Research from Attivo Networks reveals explores the top threat detection trends and challenges for cybersecurity professionals.
Over a third of banking malware attacks in 2019 targeted corporate users - Latest Digital Transformation Trends | Cloud News | Wire19 (Wire19) In 2019, 773,943 users were attacked with banking malware. Out of those, about 35.1% of users belonged to the corporate sector.
70% of Cybersecurity Pros Would Make Their Companies' Networks Invisible to Bad Actors, yet 75% Still Use Legacy Network Security Tech (BusinessWire) Tempered announced the results of its Network Security Revolution study, based on a survey of 100 cybersecurity professionals at RSA Conference 2020.
Lack of network visibility driving schism between security and IT teams (SC Magazine) A lack of business network visibility is resulting in a series of common internal disconnects between IT, network and security functions, with 84% of security and IT teams admitting a negative relationship.
Marketplace
How cybersecurity dodged the 2020 tech spending slash (Tech Wire Asia) Latest financial projections have sent enterprise IT budget estimates tumbling in 2020. But cybersecurity has proven its value: will companies axe that too?
ForgeRock nabs $93.5M for its ID management platform, gears up next for an IPO (TechCrunch) For better or worse, digital identity management services — the process of identifying and authenticating users on networks to access services — has become a ubiquitous part of interacting on the internet, all the more so in the recent weeks as we have been asked to carry out increasing…
Awake Security Raises Series C Investment to Fuel Expansion (AiThority) Awake has increased its annual recurring revenue (ARR) by close to 700% and doubled its employee headcount over the past year.
Huawei’s Revenue Growth Slowed Sharply by Coronavirus, U.S. Blacklisting (Wall Street Journal) Revenue rose 1.4% to 182.2 billion yuan, or about $25.8 billion, from the same quarter a year ago, the company said. The climb was a slowdown from the 39% growth it reported in the same quarter a year ago.
Products, Services, and Solutions
F5 Expands Silverline Managed Services Offerings in India with New Point of Presence to Improve Application Security for Customers (CXOToday.com) F5 increases global footprint by adding point of presence, making its Silverline offerings available to customers across the Asia Pacific region 5 (NASDAQ:
CoNetrix Security Rolls Out Cutting-Edge IT Audit Services (Benzinga) The new audit service from CoNetrix Security provides companies a more comprehensive assessment of their information and cyber security controls.
How Hoxhunt minimizes cybersecurity risks from human error (Help Net Security) Hoxhunt is an automated phishing simulator that can be used to train all users within an organization. The platform can launch simulated phishing attacks.
Genetec’s Firmware Vault Helps Organizations Stay Up-To-Date With Latest Camera Firmware And Enhance Cybersecurity (Security Informed) Genetec Inc., a globally renowned technology provider of unified security, public safety, operations, and business intelligence solutions, has announced that Firmware Vault, the industry’s first...
Claroty Significantly Strengthens its Industry-Leading OT Security Platform (Yahoo) Claroty, the global leader in industrial cybersecurity, today announced it has strengthened the Claroty Platform to deliver the industry's broadest range of operational technology (OT) security controls in a single solution, thereby empowering enterprises to more easily and effectively reduce risks
StackRox Delivers Compliance Controls for NIST 800-53 (StackRox) StackRox Kubernetes Security Platform now supports continuous compliance checks for container-relevant controls in NIST 800-53
Technologies, Techniques, and Standards
CISOs: Quantifying cybersecurity for the board of directors (Help Net Security) An important part of the CISOs job is quantifying cybersecurity. A CISO must properly and accurately explain risk and business impact when reporting.
How startups can take the affordable route to cybersecurity (CISO MAG) Here are some ways in which a small company or startup can embrace cybersecurity while keeping the expenses under control.
Design and Innovation
How gamification can boost your cybersecurity training (WeLiveSecurity) Security is not a game, but learning about it could be – here’s why adding the fun factor can help employees become more cyber-aware.
Legislation, Policy, and Regulation
The Changing Face of Warfare in the Hi-Tech World (Southwestern Law Review) War is an organic part of human nature and history, so it would be naive to imagine a future without wars. While the world is catching up with the current fourth-generation warfare, fifth-generation warfare, hybrid warfare, and cyberwarfare, this paper wants to expound upon the unexplored future of warfare in this world.
()
Priority Open Recommendations: Department of State (Government Accountability Office) Each year, we make more than 1,000 recommendations to help improve the federal government. We alert department heads to the recommendations where they can save the most money, address issues on our High Risk List, or significantly improve government operations.
Warrant officers should be the next cyber operators (Fifth Domain) There is too much turnover among non-commissioned officer/enlisted cyber operators to match the expanding need for a highly qualified and technically cognizant cyber force. Here's what the Army should do instead.
Litigation, Investigation, and Law Enforcement
Pakistan Removes Thousands of Names From Terrorist Watch List (Wall Street Journal) Pakistan has removed thousands of names from a list intended to help financial institutions avoid doing business with suspected terrorists.
U.S. Supreme Court to consider limiting reach of computer fraud law (Reuters) The U.S. Supreme Court will consider whether to limit the type of conduct that can be prosecuted under a federal computer fraud law in a case it took up on Monday involving a former Georgia police officer convicted after agreeing to investigate whether a purported local stripper was an undercover cop.
Supreme Court to hear case about the reach of computer hacking law (Fifth Domain) The case involves Nathan Van Buren, who was a police sergeant in Cumming, Georgia.
Walgreens Customers Say Rx Info 'In The Hands Of Thieves' (Law360) Walgreens didn’t have reasonable or adequate cybersecurity procedures when customers’ prescription records and personal information were exposed in a data breach last year, according to a proposed class action filed Monday in Illinois federal court.