Security News > 2020 > May

Several weeks ago, Google, which was seeing around 18 million pandemic-themed malware or phishing messages per day, revealed that nation-backed hackers were targeting healthcare organizations and those engaged in the fight against the coronavirus pandemic. Today, the US Department of Homeland Security Cybersecurity and Infrastructure Security Agency and the United Kingdom's National Cyber Security Centre warned that APT groups are "Actively targeting organizations involved in both national and international COVID-19 responses."

Bad actors matched their cyber attack strategy with the increasing uncertainty of the coronavirus epidemic, according to a new analysis from Mimecast. Over the 14 weeks that Mimecast analyzed, detections increased during seven weeks, decreased during five weeks, and showed no change during two weeks.

More than 30 technology and telecom firms unveiled an alliance Tuesday to press for "Open and interoperable" 5G wireless systems that eliminate the need for a single supplier. The new Open RAN Policy Coalition said an open-standards system with competitive bidding for various components in a "Radio access network" would avoid depending on any single technology supplier.

The email tells recipients that "The best way to update details is to log on to your EE" and offers a hyperlink that states 'view billing to make sure your account details are correct' to entice the recipient to click the phishing link. The phishing landing page uses the trusted HTTPS protocol within the URL. The use of HTTPS, which other phishing campaigns have utilized, gives false hope to the user that network traffic is being encrypted and that it's therefore safe.

Automated application security testing is a key component of modern SDLC practices and can economically uncover many bugs and potential security flaws with relative ease. Application security testing embraces a broad range of complementary techniques and tooling-such as static application security testing, dynamic application security testing, interactive application security testing, and runtime application self-protection.

Foreign state hackers are trying to brute-force their way into pharmaceutical and medical research agencies hunting for a COVID-19 vaccine, British and American infosec agencies are warning. The National Cyber Security Centre and America's Cybersecurity and Infrastructure Security Agency cautioned of a "Password spraying" campaign targeting healthcare and medical research organisations.

Specifically, organizations need visibility into the VPN. In some cases, businesses may not have considered remote employees at all when building their physical networks. The connections on the VPN and physical network should be monitored throughout the organization to ensure that IT has all the information they need to stop threats in their tracks and enable a fast response to malicious actors.

Microsoft on Tuesday announced a new security research challenge that encourages white hat hackers to find and responsibly disclose vulnerabilities in the company's Azure Sphere solution. In an effort to identify potentially serious vulnerabilities in Azure Sphere, Microsoft has decided to run a three-month application-only challenge.

Hosting biz GoDaddy has admitted a hacker tampered with an SSH file on its servers, leading to the theft of 28,000 users' SSH credentials. The intrusion, which took place last month, involved one or more malicious persons "Alter" an SSH file on GoDaddy's infrastructure, the US giant told The Register.

UPDATE. GoDaddy, the world's largest domain name registrar, is warning customers that attackers may have obtained their web hosting account credentials. The company said that the breach only affected hosting accounts, not general GoDaddy.com customer accounts, and that no customer data in the main accounts was accessed.