Security News
Karen Roby: With so many people working from home, security should be top of mind. A lot of people that I've been talking to in companies all around the world built their business continuity plans based upon the assumption that we'd be able to do shift work, where there'd be skeleton crews, left inside of facilities, and it's very clear that now a lot of that has shifted to 100% evacuation from those facilities and 100% work from home.
A security expert offers tips on how to keep employees safe in this work-from-home environment during the coronavirus pandemic.
The Zeus Sphinx banking trojan is back after being off the scene for nearly three years. First seen in August 2015, Sphinx is a modular malware based on the leaked source code of the infamous Zeus banking trojan, the researchers explained.
IBM and FireEye have spotted a campaign that relies on fake "COVID-19 Payment" emails to deliver the Zeus Sphinx banking trojan to people in the United States, Canada and Australia. The emails have the subject line "COVID-19 payment" and they carry malicious documents named "COVID 19 relief."
This weekend, the Wall Street Journal reported that US government officials are using location data from millions of cellphones to understand citizens' movements and how they're affecting the spread of the disease. Other countries are taking a soft approach to using location data for the public good.
So in this sense, I think that any argument for using surveillance to keep track of covid-19 infections or to provide basic security isn't credible and so can't be simply trusted. If anyone now were to claim that they think they can stop an outbreak by means of surveillance, I think such might as well be deceptive, but also very wrong if the surveillance part isn't really neccessary.
As people increasingly work from home and online communication platforms such as Zoom explode in popularity in the wake of coronavirus outbreak, cybercriminals are taking advantage of the spike in usage by registering new fake "Zoom" domains and malicious "Zoom" executable files in an attempt to trick people into downloading malware on their devices. "The recent, staggering increase means that hackers have taken notice of the work-from-home paradigm shift that COVID-19 has forced, and they see it as an opportunity to deceive, lure, and exploit. Each time you get a Zoom link or document messaged or forwarded to you, I'd take an extra look to make sure it's not a trap."
U.S. Sen. Mark R. Warner this week sent letters to six Internet networking device vendors urging them to ensure that their products remain secure during the COVID-19 social distancing efforts. The coronavirus pandemic has forced many to isolate themselves at home to help stop the virus spread, which resulted in a significant increase in the use of Internet networking devices for remote work, health, and education purposes.
Hijacked Twitter accounts peddling fake cures, scammy sites offering emergency supplies, misinformation campaigns, phishing emails and - can you believe it? - even a computer antivirus solution that protects against COVID-19! What will online scammers think of next? Malwarebytes researchers have spotted a website advertising "Corona Antivirus -World's best protection" - a digital antivirus that supposedly protects against the actual COVID-19.
Cybersecurity firm Forcepoint reports that it has found a number of new phishing and malware scams circulating around the internet with a common theme: They all aim to capitalize on coronavirus and COVID-19 fears. The tactics being used in this current wave of COVID-19 phishing and malware are nothing new: Phishing attempts are seeking to steal email passwords, fake ads are selling scam products, and traditional malware droppers are being found in infected word documents.