Security News

NormShield researchers looked for websites using the names of 10 commonly discussed drugs over the last several months. While the number of phishing domains catapulted for chloroquine and azithromycin in particular, domain names containing the eight other drugs increased as well.

As these industries evolve and become more digitized, attackers have the opportunity to access more data than ever before. Wipers continue to trend upward as adversaries begin to realize the futility of purely destructive attacks.

As more people have been forced to work or stay at home due to the coronavirus , there's been a much greater reliance on virtual meeting software to communicate with co-workers, colleagues, friends, and family. As cybercriminals have been exploiting all aspects of COVID-19 for their own nefarious purposes, so too have they been taking advantage of virtual meeting apps to spread malware.

Since January, the two longtime cybersecurity experts have looked at how cybercriminals, ransomware groups, and several nation state actors quickly became involved in coronavirus-themed attacks, leveraging fears about the virus to steal money and information from thousands of people. Cybercriminals have also expanded attacks to take advantage of the fact that most countries are under quarantine, forcing millions to now work from home.

Recent studies have shown that cybercriminals building phishing sites now use SSL as well, complicating efforts by enterprises to keep their employees safe. The Menlo Security research revealed that while 96.7% of all user-initiated web visits are being served over https, only 57.7% of the URL links in emails turn out to be https, which means that web proxies or firewall will be oblivious to the threats unless enterprises turn on SSL inspection.

Linux malware is real and Advanced Persistent Threat groups have been infiltrating critical servers with these tools for at least eight years, according to a new report from BlackBerry. The RATs report describes how five APT groups are working with the Chinese government and the remote access trojans the cybercriminals are using to get and maintain access to Linux servers.

The financially-motivated hacking group FIN7 has started mailing malicious USB devices to intended victims in an effort to infect their computers with malware, the FBI warns. Mainly targeting businesses via phishing emails, the cybercrime group appears to have changed tactics recently, and started sending malicious USB devices to victims via the United States Postal Service.

KEEN is providing shoes to people most impacted by the COVID-19 pandemic, but their website was bombarded by malicious bots. The coronavirus pandemic is affecting every aspect of our lives and dozens of companies are chipping in to help those affected most by the current crisis.

The latest malicious COVID-19 campaigns are repurposing conventional phishing emails with a coronavirus angle, says security trainer KnowBe4. With the coronavirus upper most in our minds, bad actors have been deploying different waves of COVID-19 phishing emails, each with its own unique approach, according to KnowBe4.

Have you secured your streaming services' accounts? Are you sure someone else, unbeknown to you, isn't using them as well? He also posits that, despite cybercriminals having been compromising users' streaming services' accounts for ages, they will now likely increase their efforts.