Security News

A WatchGuard report reveals how COVID-19 has impacted the security threat landscape, with evidence that attackers continue to target corporate networks despite the shift to remote work, and a rise in pandemic-related malicious domains and phishing campaigns. "As the impact of COVID-19 continues to unfold, our threat intelligence provides key insight into how attackers are adjusting their tactics," said Corey Nachreiner, CTO at WatchGuard.

Vaccine-related phishing emails and domains are popping up, while criminals are selling phony vaccines via the Dark Web, says Check Point. In another campaign, the email touts the subject line of "Pfizer's Covid vaccine: 11 things you need to know" and includes an executable file named "Covid-19 vaccine brief summary." Clicking on this file triggers the nasty malware called Agent Tesla, a Remote Access Trojan that acts as a keylogger and infostealer.

Guardsquare announced the release of a report which reassesses the levels of security protections and privacy risks of COVID-19 contact tracing apps. Government-sponsored COVID-19 contact tracing Android mobile apps have been analyzed in June 2020, uncovering that the vast majority lacked even basic security protections.

The EMA, based in Amsterdam in The Netherlands, is responsible for the evaluation and approval of medicines in the European Union - a role reflected in its former name, the European Agency for the Evaluation of Medicinal Products. There's no suggestion of when the attack was discovered, how it was found, when it probably started, how extensive it seems to have been, how much disruption it has caused, whether anyone outside the EMA was potentially affected, how long it's likely to take to restore the network to normal, or what the EMA is doing right now to stop it happening again.

Another cyberattack has been launched - this time, threat actors were able to break into the European Medicines Agency server and access documentation about the vaccine candidate from Pfizer and BioNTech. "Today, we were informed by the European Medicines Agency that the agency has been subject to a cyberattack and that some documents relating to the regulatory submission for Pfizer and BioNTech's COVID-19 vaccine candidate, BNT162b2, which has been stored on an EMA server, had been unlawfully accessed," the Pfizer-BioNTech statement said.

These phishing emails promise compensation, test results, and other lures about the coronavirus to trick unsuspecting users, says Armorblox. With 2020 almost over, such email attacks continue merrily on.

To combat the COVID-19 outbreak, many companies and governments have deployed contact tracing apps that can alert you if someone with whom you've been in contact tests positive for the virus. The research included global contact tracing apps and apps from two US states and two US territories for a total of 52 Android apps and 43 iOS apps-95 apps in all.

The Russia-linked cyberspy group known as Zebrocy has adopted COVID-19 vaccine-related lures in a recently observed phishing campaign, threat detection and response company Intezer reported on Wednesday. Initially detailed in 2018, Zebrocy is believed to be associated with the infamous Russian state-sponsored hacking group Sofacy.

The EU's medicines regulator said Wednesday it had been the victim of a cyberattack, just weeks before it is due to decide on special approval for two coronavirus vaccines. "EMA has been the subject of a cyberattack. The agency has swiftly launched a full investigation, in close cooperation with law enforcement and other relevant entities," the EMA said in a brief statement.

Cybercriminals are tapping into the impending rollout of COVID-19 vaccines with everything from simple phishing scams all the way up to sophisticated Zebrocy malware campaigns. Security researchers with KnowBe4 said that the recent slew of vaccine-related cyberattacks leverage the widespread media attention around the development and distribution of COVID-19 vaccines - as well as recent reports that manufacturers like Pfizer may not be able to supply additional doses of its vaccine to the U.S. large volumes until sometime in Q2. These lures continue to play into the high emotions of victims during a pandemic - something seen in various phishing and malware campaigns throughout the last year.