Security News

Bad actors could create or change websites and social media content to discredit this year's electoral process, cautions the FBI and CISA. The 2020 presidential election promises to be a rough and divisive one. A new message from the Federal Bureau of Investigations and the Cybersecurity and Infrastructure Security Agency warns voters of the likelihood that foreign actors and cybercriminals will try to propagate fake news about the election results to discredit the process and weaken confidence in the US political system.

While the COVID-19 outbreak has disrupted the lives and operations of many people and organizations, the pandemic failed to interrupt onslaught of malicious emails targeting people's inboxes, according to an attack landscape update published by F-Secure. Increase of malicious emails utilizing COVID-19 issues.

A cybercrime group that has previously struck Docker and Kubernetes cloud environments has evolved to repurpose genuine cloud monitoring tools as a backdoor to carry out malicious attacks, according to new research. "To our knowledge, this is the first time attackers have been caught using legitimate third party software to target cloud infrastructure," Israeli cybersecurity firm Intezer said in a Tuesday analysis.

"The biggest takeaway is that there exists a market, demanded by cybercriminals, for threat actors to advertise customized sniffer variants to conduct attacks against e-commerce websites through malicious JavaScript injection," researchers with Recorded Future told Threatpost, on Thursday. One such Russian-speaking threat actor currently making waves is called "Billar," which created and is the sole designer of a payment card sniffer called "Mr.SNIFFA." This sniffer was first debuted on Exploit Forum on Dec. 3, 2019, and is currently being advertised for about $3,000.

While attachment threat vectors are one of the oldest malware-spreading tricks in the books, email users are still clicking on malicious attachments that hit their inbox, whether it's a purported "Job offer" or a pretend "Critical invoice." The attack vector is still widespread enough where tech giants are re-inventing new ways to try to stomp it out, with Microsoft just this week rolling out a feature for Office 365 that aims to protect users against malicious attachments sent via email, for instance.

To help people and businesses affected financially, the government has been offering loans, stimulus packages, and increased unemployment benefits. A report published Friday by global threat intelligence firm IntSights describes how cybercriminals have been combining various types of data to create phony IDs to obtain unemployment benefits from the US government.

In one four-month period some 907,000 spam messages, 737 incidents related to malware and 48,000 malicious URLs - all related to COVID-19 - were detected by one of INTERPOL's private sector partners. "Cybercriminals are developing and boosting their attacks at an alarming pace, exploiting the fear and uncertainty caused by the unstable social and economic situation created by COVID-19," said Jürgen Stock, INTERPOL Secretary General.

Cybercriminals could be stealing data from payment cards with EMV chips and using it to create magnetic stripe cards which they can use for card-present transactions, cybersecurity firm Gemini Advisory reported on Thursday. This enables cybercriminals who can steal EMV card data to encode that data on a magnetic stripe, inserting the iCVV instead of the CVV that is expected to be on the magnetic stripe.

Trend Micro unveiled new insights analyzing the market for underground hosting services and detailing how and where cybercriminals rent the infrastructure that hosts their business. There are varied types of underground hosting and associated services used by cybercriminals to operate their businesses, including bulletproof hosting, VPNs, anonymizers, and DDoS protection.

As most people have been busy grappling with the impact of the coronavirus pandemic so too have cybercriminals been busy, but for more nefarious reasons. The spread of COVID-19 has provided fertile ground for criminals to launch different types of attacks that have exploited not just the virus but also the resulting lockdown and stay-at-home situation.