Security News

With many people being laid off or working from home thanks to the Coronavirus pandemic, cybercrooks are almost certain to have more than their usual share of recruitable "Money mules" - people who get roped into money laundering schemes under the pretense of a work-at-home job offer. The "Vasty Health Care Foundation" is one of several fraudulent Web sites that recruit money mules in the name of helping Coronavirus victims.

A Pakistani-linked threat actor, APT36, has been using a decoy health advisory that taps into global panic around the coronavirus pandemic to spread the Crimson RAT. The functionalities of the Crimson RAT include stealing credentials from victims' browsers, capturing screenshots, collecting anti-virus software information, and listing the running processes, drives and directories from victim machines. Once victims click on the attached malicious document and enable macros, the Crimson RAT is dropped.

The app promises access to a coronavirus map tracker but instead holds your contacts and other data for ransom, DomainTools found. A new type of ransomware known as CovidLock encrypts key data on an Android device and denies access to the victims unless they pay up, according to the threat intelligence firm DomainTools.

As the American Bar Association's Cybersecurity Handbook puts it: "If a client's disaster recovery plans cannot pass the 'Hurricane Sandy test,' such plans might also fail if cyber incidents caused prolonged disruptions." With the uncertainty of COVID-19, most companies have deployed employee travel restrictions.

The intruders swiped, from staff email accounts no less, customer info including names and addresses; Social Security numbers; government-issued ID, such as passport numbers and driver's license numbers; credit card and financial account information; and health-related information. Vimeo says account info taken from infected user PCs. Video sharing site Vimeo believes a malware infection has targeted some of its user accounts for theft.

The U.S Department of Health and Human Services was the victim of a cyberattack on Sunday as the federal government attempts to deal with the coronavirus crisis, according to a report from Bloomberg. "The U.S. Health & Human Services fell victim to a Distributed Denial of Service attack yesterday when several endpoints controlled by a nation-state attacked their networks," Stephen Boyce, principal consultant at risk management and digital forensics firm Crypsis Group, said.

With the spread of the coronavirus, CIOs should focus on three short-term actions to increase their organizations' resilience against disruptions and prepare for rebound and growth, according to Gartner. Various quarantine measures and travel restrictions undertaken by organizations, cities and countries have caused uncertainties and disruptions as business operations are either suspended or run in limited capacity.

Hackers are getting hacked via trojanized hacking toolsSomeone has been trojanizing a wide variety of hacking tools to compromise the machines of hackers who want to use the tools for free, Cybereason researcher Amit Serper has revealed. SECURE Magazine: RSAC 2020 special issue releasedRSA Conference, the world's leading information security conference and exposition, concluded its 29th annual event in San Francisco.

Hospital CIOs also can take steps to collaborate with healthcare providers and strengthen the technical infrastructure of their facilities. Chou recommended preparing the contact center since they are the first line of contact for appointment scheduling for patients.

An advanced persistent threat group is leveraging the coronavirus pandemic to infect victims with a previously unknown malware, in a recently discovered campaign that researchers call "Vicious Panda." Researchers identified two suspicious Rich Text Format files targeting the Mongolian public sector.