Security News

The first report on the new campaign came in a RedDrip Team tweet on March 12, 2020: "Malicious document, pretending to be from the Government of #India with health advisory of Coronavirus, seems delivered by #Transparent Tribe. Victims are lured to enable macro to execute #Crimson #RAT payload.". There have been numerous media reports about the Chinese nation-state APT Vicious Panda.

The latest scheme includes a malicious Android tracker app that supposedly allows users to keep an eye on the spread of the virus, but locks victims' phone and demands money to unlock it. The DomainTools security research team is warning about a discovered a malicious domain distributing a fake Coronavirus outbreak tracker app, which will purportedly provide users tracking and statistical information about Covid-19 and heatmap visuals.

"Working from home or online education programs are not new. However, a large, immediate migration of people from enterprise and university networks that are closely monitored and secured, to largely unmonitored and often unsecure home Wi-Fi networks, creates a very large target of opportunity for cybercriminals," Chris Hazelton, director of security solutions at Lookout, told Threatpost. This forgetfulness when it comes to security can be especially true for those who are not used to working or learning at home: "People working from home get easily distracted, especially if they are normally used to working in the office, and they will mix work with personal email and web browsing," Colin Bastable, CEO of security awareness training company Lucy Security, said in an email interview.

"This lack of confidence shows that many organizations approach risk management in an outdated and ineffective manner," said Matt Shinkman, vice president in the Gartner Risk and Audit practice. Organizations often have policies in place to deal with most risks, but they don't activate them until it's too late because no one is owning the risk or taking it seriously until it is fully manifested.

Both tested positive for COVID-19 after attending RSA in San Francisco. The two Exabeam employees who were diagnosed with coronavirus after attending the RSA tech conference, which ran from Feb. 24-28 at the Moscone Center in San Francisco, are on the road to recovery.

As of March 5, the map lists 176 cases in the US. A United Nations aviation agency built the 3DFX Dispersion map, which shows the movement of the coronavirus around the world via air traffic routes from its origin in Wuhan, China. The geographic information system map displays multiple layers of data, including deaths, confirmed cases, and cases by country.

Women appearing on the RSA keynote stages this year included, among others, cryptography expert and blockchain fan Tal Rabin; Katie Arrington, the Pentagon's CISO of acquisitions, discussing Huawei; Jessica Barker talking about the psychology of fear and trying to blame users; computer scientist and human factors expert Celeste Paul of the National Security Agency; coordinated vulnerability disclosure queen Katie Moussouris; and Wendy Nather of Duo Security - now part of Cisco - who sadly wasn't allowed to arrive on the opening morning's keynote stage via skateboard. RSA went ahead despite mounting concerns over the coronavirus SARS-CoV-2 that causes the severe acute respiratory syndrome COVID-19.

Google has emitted its latest monthly batch of Android security fixes, addressing a total of 70 CVE-listed vulnerabilities. The documented flaw, CVE-2020-0032, lies within the open-source Android media framework that can be exploited by opening a booby-trapped file that Google is disturbingly vague about.

It's 3% of our global GDP. So, in essence, the coronavirus just does a couple of things for how we react as human beings to a crisis. So you just need to think about the awareness of your employees of these types of things and that in a situation like this, they are very likely to click information about what's really going on with the company, with the external world around you and get information about the coronavirus, that malicious actors use to basically penetrate your network or defraud you of your money.