Security News

Beijing accused the United States of "Slander" on Wednesday after two Chinese nationals were indicted for seeking to steal coronavirus vaccine research and hacking hundreds of companies. "The Chinese government is a staunch defender of cyber security, and has always opposed and cracked down on cyber attacks and cyber crime in all forms," said foreign ministry spokesman Wang Wenbin.

Microsoft has taken legal action to seize web domains being used to launch coronavirus-themed phishing attacks. "Microsoft's Digital Crimes Unit first observed these criminals in December 2019, when they deployed a sophisticated, new phishing scheme designed to compromise Microsoft customer accounts," said the mega-corp in a blog post this week.

A report released on Tuesday by security company GreatHorn illustrates the ebb and flow of these attacks and offers advice on how organizations can fight them. For its report, GreatHorn tracked the volume of COVID-19-related email phishing attacks from January, when the virus began to surface, until June, when many countries and companies slowly started to resume operations.

Researchers are warning of a new phishing attack that purports to send coronavirus training resources to employees who are returning to the workplace, as COVID-19 lockdowns lift. The recent phishing campaign leverages novel training programs that are required for employees in the workplace to comply with coronavirus regulations.

Tech companies like Amazon, Apple, Wells Fargo, Salesforce, and IBM have continued to hire in cities across the country despite the economic downturn. Amazon, Deloitte, Bloomberg, and Wells Fargo were all hiring widely for tech positions in New York city.

The report, which examined how cyberattacks exploited the crisis, found that attackers used local lures and preyed on people's "Concern, confusion, and desire for resolution" with mainly phishing campaigns aimed at spreading malware, committing identity theft or creating other disruptions. Instead of creating new types of malware to use during the pandemic, Microsoft's threat intelligence on endpoints, email and data, identities and apps concluded that "This surge of COVID-19 themed attacks was really a repurposing from known attackers using existing infrastructure and malware with new lures."

A report published Tuesday by security provider Avira explores the reluctance on the part of many to adopt these contact tracing apps. Commissioned by Avira and conducted by research firm Opinion Matters, an online survey of 2,005 people found that 71% of them would not use COVID-19 contact tracing apps.

Germany launched a coronavirus tracing app Tuesday that officials say is so secure even government ministers can use it. Smartphone apps have been touted as a high-tech tool in the effort to track down potential COVID-19 infections.

What we noticed on the dark net was almost immediately a series of schemes and fraud schemes perpetrated toward the banks, the small business administration, and the other agencies that were affected by the stimulus money. What they're using as seed data for these particular loan applications is stolen private information, PII data, of individuals on the dark net.

Kurtis Minder, co-founder and CEO of GroupSense, explains why the coronavirus has been big business for bad actors.