Security News
The UK Information Commissioner's Office has yet again postponed its £280m in fines against British Airways and Marriott Hotels for data leaks. The fines were handed to both companies following damaging and widely publicised digital break-ins affecting millions of people around the world.
Enterprise SaaS-based attacks are becoming more prevalent, according to Menlo, which said that 97% of these attacks use just five popular SaaS services. With the coronavirus spreading, such phishing attacks are likely to increase, while attackers are expected to continue to evolve their techniques.
A newly discovered piece of malware is taking advantage of the current COVID-19 pandemic to render computers unusable by overwriting the MBR. Cybercriminals were quick to exploit the coronavirus crisis for their malicious attacks, including phishing, malware infections, and the likes, and it did not take long for state-sponsored threat actors to join the fray. In addition to banking Trojans targeting enterprise workers and information-stealing malware aimed at multiple industries, which only steal victims' information, miscreants are also disseminating destructive threats, such as the newly observed wiper.
A new Windows malware has emerged that makes disks unusable by overwriting the master boot record. Overwriting the MBR is the same trick that the infamous NotPetya wiper malware used in 2017 in a campaign that caused widespread, global financial damage.
Researchers are warning of an upward surge in social-engineering lures in malicious emails that promise victims financial relief during the coronavirus pandemic. This latest trend shows cybercriminals continuing to look to the newest developments in the coronavirus saga as leverage for phishing campaigns, targeted emails spreading malware and more.
With more and more companies seeking ways to get their essential work done with a workforce that is now primarily home-based during the COVID-19 coronavirus pandemic, IBM has joined a legion of IT vendors that have been offering some of their critical IT applications and services for free to existing customers to help in this time of crisis. Under the new offer, nine IBM cloud products and services are now available for use by IBM customers that need them at no charge for 90 days, including IBM Cloud, Aspera file sharing and team collaboration, IBM Security, IBM Video Streaming and IBM Enterprise Video Streaming, IBM Sterling supply chain tools, IBM Blueworks Live remote collaboration tools, IBM Cloud Event Management, remote learning resources, and IBM Garage.
A new phishing campaign is using the fear of being infected as a way to spread malware, as spotted by security trainer KnowBe4. Cybercriminals who specialize in phishing attacks have been exploiting the coronavirus for the past couple of months.
A few days earlier, the U.S. Department of Health and Human Services suffered a DDoS attack, assumed to have been launched by a hostile foreign actor, aimed at slowing down the agency's services amid the government's rollout of a response to coronavirus. During an unprecedented time of peak traffic, the risk of a DDoS attack is growing exponentially.
Since February, spam exploiting the novel coronavirus has jumped by 4,300% and 14,000% in the past 14 days, according to IBM X-Force, IBM's threat intelligence group. A new report from IBM X-Force reveals just how much COVID-19 spam has been generated and how it's been manifesting itself.
Just as law-abiding people have been discussing COVID-19, so too have criminals on the dark web. In a report published last week, Sixgill discussed the specific topics that the coronavirus has been generating on the dark web.