Security News

Mayo? Mustard? Creep who takes your sandwich order plus the personal details you handed over for contact tracing? You may well ask how you do contact tracing without collecting people's PII. Countries have certainly asked, and they've found what will hopefully turn out to be an approach that leaves people's privacy intact.

There has been an exponential growth in phishing and website scams in Q1 2020, according to a Bolster analysis of over 1 billion websites. Of the total number of confirmed phishing and counterfeit pages, 30% were related to COVID-19 - that is over a quarter of a million confirmed malicious websites.

US authorities warned healthcare and scientific researchers Wednesday that Chinese-backed hackers were attempting to steal research and intellectual property related to treatments and vaccines for COVID-19. "We are leading the world in COVID-19 treatment and vaccine research. It is immoral to target China with rumors and slanders in the absence of any evidence," Zhao said.

Previously, manual contact tracing was used during pandemics. The process of getting a list of everyone a patient has been in touch with, then contacting them, has a formal name called contact tracing.

Phishing emails typically try to ensnare their victims by impersonating well-known companies, brands, products, and other items used by a lot of people. The phishing email itself tries to look legitimate by copying the content and images of real emails from DocuSign.

Governments and organizations are unleashing new technologies to fight the spread of the coronavirus, adding to privacy and data collection concerns. A new Pew Research poll takes a look at the current sentiment regarding these new contact tracing applications and data collection.

Nigerian cybercriminals specialized in business email compromise attacks were observed leveraging COVID-19 lures in recent attacks on healthcare and government organizations, Palo Alto Networks reveals. The campaigns stand out because they also attempted to compromise organizations critical to COVID-19 response efforts, including "Government healthcare agencies, local and regional governments, large universities with medical programs/centers, regional utilities, medical publishing firms, and insurance companies across the United States, Australia, Canada, Italy, and the United Kingdom."

In that way, a new reality in which everyone is working from home isn't all that different from other imagined scenarios. When you have a workforce spread out as they are now, there are some new risks to consider.

Nearly one in seven senior decision makers said their organization has already experienced at least one cyberattack since the start of the COVID-19 pandemic, according to a new report by Alliant Cybersecurity. SEE: Cybersecurity: SMBs are keeping up with big companies, according to Cisco survey.

Threat actors are using a combination of scams to obtain as well as buy and sell credentials for U.S. taxpayers to steal appropriations from the COVID-19 relief package as well as 2020 tax refunds, new research has found. The package includes $1,200 in individual taxpayer payments to those who qualified, representing a new opportunity for fraud alongside the usual tax-season campaigns that threat actors typically employ.