Security News

The advanced threat actor known as APT29 has been hard at work attempting to pilfer COVID-19 vaccine research from academic and pharmaceutical research institutions in various countries around the world, including the U.S. That's according to a joint alert from the U.S. Department of Homeland Security, the U.K.'s National Cyber Security Centre and Canada's Communications Security Establishment, issued Thursday. The 14-page advisory details the recent activity of Russia-linked APT29, including the use of custom malware called "WellMess" and "WellMail" for data exfiltration.

Researchers with cybersecurity firm PerimeterX have released new data showing an 820% increase in e-gift card scams since March, when most people began staying home to protect themselves from COVID-19. "E-gift card attacks usually target well-known brands because their e-gift cards are 'hot goods' in the secondary market. Amongst the brands protected by PerimeterX, we saw e-gift card attacks stay fairly steady in the e-commerce vertical since the COVID-19 lockdown started we saw a skyrocketing increase of 820% in such attacks, mainly in online food delivery services," PerimeterX's Yossi Barkshtein wrote in a blog this week.

A report released Thursday by security service Exabeam contends that cyberthreats and financial risks have increased as the pandemic spread during the first half of 2020. For "The Exabeam 2020 State of the SOC Report," Exabeam commissioned Censuswide to survey more than 1,000 IT security professionals at small and midsized companies in the US and UK. Among all the respondents, 80% said they experienced "Slightly to considerably more" cyberattack attempts in the first half of the year, breaking down to 88% in the US and 74% in the UK. A third of those surveyed were hit by a successful cyberattack during this period, triggering network downtime for 38% in the US and 40% in the UK. The pandemic has taken a financial toll as well, affecting security budgets and employees.

The new results which were taken after COVID-19 took hold, show that 88% of those surveyed cite the pandemic as a reason to migrate security to the cloud. Security is still a concern, when it comes to cloud-based security platforms.

Global lockdowns from COVID-19 have resulted in far fewer fraudsters willing or able to visit retail stores to use their counterfeit cards, and the decreased demand has severely depressed prices in the underground for purloined card data. Gemini's latest find - a 10-month-long card breach at dozens of Chicken Express locations throughout Texas and other southern states that the fast-food chain first publicly acknowledged today after being contacted by this author - saw an estimated 165,000 cards stolen from eatery locations recently go on sale at one of the dark web's largest cybercrime bazaars.

5G progress in connections and deployments continues despite the COVID-19 pandemic and resulting economic downturn according to 5G Americas. Chris Pearson, President, 5G Americas said, "Globally, 5G remains the fast-growing generation of wireless cellular technology ever, even as the world is gripped with a pandemic. In North America, we are seeing consistent, strong uptake of new 5G subscribers as new devices have been released that can take advantage of low-band and millimeter wave frequencies. At the same time, new network capabilities are being added."

Global consulting firm Protiviti has launched a Navigating Business Resilience tool to help companies take a rapid approach to addressing the unprecedented challenges they are facing due to COVID-19-related disruptions, workplace re-entry and business transformation. The complimentary assessment tool helps business leaders quickly identify and prioritize their organization's unique pain points, threats and vulnerabilities across their core functions, and then creates an agile operating model, with an immediate triage heatmap of priorities and a recommended suite of practical tools and processes to best position their organization for competitive advantage after the crisis.

Regarding airplanes specifically: on the whole, they seem safer than many other group activities. There are no superspreader events involving airplanes.

A recent survey by Sectigo, 2020 Work-From-Home IT Impact Study, showed that nearly 50% of those polled reported that productivity had increased since they were asked to WFH, while 35% "Feel it's stayed consistent," and only 16% noted an actual decrease in productivity. As C-level executives keep embracing the increased productivity of a distributed workforce, "They need to consider new approaches to security that rely on automation and secure digital identities," said Sectigo CEO Bill Holtz.

Between the second and third weeks of March 2020, email scams and phishing attacks spiked by an unprecedented 436%. Such was the effect of the COVID-19 pandemic. BEC attacks represent a low percentage of email attacks by volume, but a disproportionally high percentage of overall loss to business.