Security News
Scammers are taking advantage of the focus on COVID-19 testing and the need for at-home test kits, says Barracuda Networks. A recent blog post from security firm Barracuda Networks looks at the rise in phishing campaigns that exploit the concerns over such testing.
Security researchers found a vulnerability in a home test for COVID-19 that a bad actor could use to change test results from positive to negative or vice versa. Here's how the test works: A user downloads an app, answers a few screening questions, watches an informational video and then performs the test.
Phishing actors have quickly started to exploit the emergence of the Omicron COVID-19 variant and now use it as a lure in their malicious email campaigns. Threat actors are quick to adjust to the latest trends and hot topics, and increasing people's fears is an excellent way to cause people to rush to open an email without first thinking it through.
Criminals have been quick to abuse the current circumstances to increase profits, spreading their tentacles to various areas and exposing vulnerabilities, connected to systems, hospitals or individuals. Europol's Executive Director Catherine De Bolle highlighted: "Worldwide operations, such as the successful takedown of EMOTET botnet, have demonstrated the effectiveness of international cooperation. Ransomware groups have attempted to disrupt critical infrastructures, such as service providers and government institutions, to increase their profits with no concern for the possible damages such interceptions may cause to public safety and security. To this, the collective response of our international law enforcement community is clear: the authorities and the private sector worldwide stand strong and ready to mitigate together any threat that blackmails the stability of our societies."
64% of survey respondents reported that their companies have concerns about security risks for supply chains. Toss in the COVID-19 pandemic and supply chain disruptions, and it's no wonder that enterprises are shifting their cybersecurity strategies.
An "Insidious" new SMS smishing malware has been found targeting Android mobile users in the U.S. and Canada as part of a new campaign that uses SMS text message lures related to COVID-19 regulations and vaccine information in an attempt to steal personal and financial data. Proofpoint's messaging security subsidiary Cloudmark coined the emerging malware "TangleBot."
An IT recruitment agency says a "Phishing scam" is behind a fake email sent to its customers with details on how to apply for a "Coronavirus Digital Passport." The email - sent to applicants and clients of Concept Resourcing, based in Dudley, England, on 14 September and seen by The Reg - claimed users could "Get your Digital Coronavirus Passports today" and showed recipients a big juicy link where they could do so.
Quickly following the president's mandate announcement, the price of a phony CDC vaccination card shot up from $100 to $200, Check Point Research said on Friday. In January, the phony vaccine card sales occurred mostly on the Dark Web, where you needed special software to access them, Ahmed said.
For companies going fully remote again, team cohesion, cloud investments and reducing IT burden could be key, according to tech experts. After a year of remote work, companies were starting to bring employees back to the office, but the more contagious delta variant and surging COVID-19 cases are giving employers pause; complicating office reentry timelines.
Municipalities all over the world are collecting vast amounts of data through COVID-19 contact-tracing programs, like Indiana's, and vaccine record keeping. Another person called "BigDOCS" was offering letters declaring that someone tested negative for COVID-19, for $40. Another counterfeit certificate seller was offering a fake vaccine card for $100, and for $125 the recipient can receive it overnight.