Security News > 2020 > July

Is the data confidential? Intellectual property? Important? The next step is determining who has access to the organization's data. When you consider that much data activity, it becomes clear how challenging it is to ask security professionals to understand who is accessing all of that data and where all of that data is flowing.

The Kremlin-backed APT29 crew, also known by a variety of other names such as Cozy Bear, Iron Hemlock, or The Dukes, depending on which threat intel company you're talking to that week, is believed by most reputable analysts to be a wholly owned subsidiary of the FSB, modern-day successor to the infamous Soviet KGB. NCSC ops director Paul Chichester said in a statement: "We condemn these despicable attacks against those doing vital work to combat the coronavirus pandemic." Foreign Secretary Dominic Raab added: "It is completely unacceptable that the Russian Intelligence Services are targeting those working to combat the coronavirus pandemic. While others pursue their selfish interests with reckless behaviour, the UK and its allies are getting on with the hard work of finding a vaccine and protecting global health."

Kaspersky's latest research identifies the top streaming services cybercriminals most use to disguise malicious files and lure vulnerable users. The year 2019 was host to what the report refers to as "Streaming Wars," or the moment when major network providers realized streaming services were the preferred method of consuming content.

The advanced threat actor known as APT29 has been hard at work attempting to pilfer COVID-19 vaccine research from academic and pharmaceutical research institutions in various countries around the world, including the U.S. That's according to a joint alert from the U.S. Department of Homeland Security, the U.K.'s National Cyber Security Centre and Canada's Communications Security Establishment, issued Thursday. The 14-page advisory details the recent activity of Russia-linked APT29, including the use of custom malware called "WellMess" and "WellMail" for data exfiltration.

Britain, the United States and Canada accused Russian hackers on Thursday of trying to steal information from researchers seeking a coronavirus vaccine, warning scientists and pharmaceutical companies to be alert for suspicious activity. Intelligence agencies in the three nations alleged that the hacking group APT29, also known as Cozy Bear and said to be part of the Russian intelligence services, is attacking academic and pharmaceutical research institutions involved in COVID-19 vaccine development.

Following the hacks of verified Twitter accounts for several high-profile people, including Bill Gates and Joe Biden, how can you prevent your own account from falling into the wrong hands? In the meantime if this type of attack was able to breach verified accounts, what can regular Twitter users do to protect their own accounts from being hacked? Let's look at the security controls offered by Twitter.

Researchers with cybersecurity firm PerimeterX have released new data showing an 820% increase in e-gift card scams since March, when most people began staying home to protect themselves from COVID-19. "E-gift card attacks usually target well-known brands because their e-gift cards are 'hot goods' in the secondary market. Amongst the brands protected by PerimeterX, we saw e-gift card attacks stay fairly steady in the e-commerce vertical since the COVID-19 lockdown started we saw a skyrocketing increase of 820% in such attacks, mainly in online food delivery services," PerimeterX's Yossi Barkshtein wrote in a blog this week.

Disclosed by Zoom and Check Point on Thursday, the security flaw existed in the "Vanity URL" feature for Zoom, which allows companies to set up their won Zoom meeting domain, i.e. "Yourcompany.zoom.us." Companies can add customized logos and branding to the page, and end users access the page and click meeting links within that page to connect to a Zoom call. "A hacker could target such an interface and attempt to redirect a user to enter a meeting ID into the malicious Vanity URL rather than the actual or genuine Zoom web interface. As with the direct links attacks, without careful cybersecurity training, a victim of such attacks may not have been able to recognize the malicious URL and have fallen prey to the attack."

A state-sponsored hacking group linked to Iran accidentally exposed one of its servers, giving researchers access to roughly 40 GB of videos and other files associated with the threat actor's operations. Some of the videos uncovered by IBM on the exposed server showed successful attacks against a member of the U.S. Navy and an officer in the Hellenic Navy, the naval force of Greece.

The EU Court of Justice has struck down the so-called Privacy Shield data protection arrangements between the political bloc and the US, triggering a fresh wave of legal confusion over the transfer of EU subjects' data to America. Austrian privacy activist Max Schrems brought the latest edition of the long-running case in 2015, complaining that Ireland's data protection agency wasn't preventing Facebook Ireland Ltd from beaming his data to the US. Once his data was in the US, Schrems argued, no EU-style data privacy controls were legally enforceable by him or anyone else in that situation.