25 Mar 2020

Apple blocks third-party cookies in Safari

Apple released Safari 13.1 yesterday, which included new updates to Safari’s Intelligence Tracking Prevention (ITP) privacy feature. The most major shift was that Apple products will now block all third-party cookies while in Safari by default. Apple’s latest move means that online advertisers and analytics firms will not be able

Read More
24 Mar 2020

Hackers Hijack Routers’ DNS to Spread Malicious COVID-19 Apps

Researchers have found that a new cyberattack campaign is hijacking router’s DNS settings, changing web browser display alerts that show fake COVID-19 information claiming to be an app controlled by the World Health Organization. However, behind the fraudulent app is Vidar information-stealing malware. Over the past five days, several users

Read More
24 Mar 2020

Fake Coronavirus ‘Vaccine’ Website Busted in DoJ Takedown

The Department of Justice has been cracking down on malicious websites using the current pandemic to lure victims. Most recently, the DoJ has taken down a website that claimed to give out coronavirus vaccine kits but rather stole victims’ payment card and personal information. This shutdown marks the first federal

Read More
24 Mar 2020

White House pushes for more telework as first DOD contractor dies because of COVID-19

The White House has announced that government agencies must utilize technology to support teleworking capabilities after COVID-19 took its first victim from the Pentagon. The memo, which was issued by the Office of Management and Budget (OMB), states that agencies should be taking steps to ensure that employees can work

Read More
23 Mar 2020

Hackers breach FSB contractor and leak details about IoT hacking project

Digital Revolution, a Russian hacker group, has allegedly breached a contractor for the FSB. The FSB is Russia’s national intelligence service, and the hacking group claims to have obtained details about a project intended for hacking IoT devices. This week, the group published 12 technical documents, diagrams and code fragments

Read More
23 Mar 2020

200M Records of US Citizens Leaked in Unprotected Database

CyberNews, a Lithuanian research group, has discovered an unprotected database that holds 200 million detailed user records. The owner of the database remains unknown, however, the leaked profiles seem to be US users and contain individuals’ full names and titles, email addresses, phone numbers, birthdates, credit ratings, home and mortgage

Read More
23 Mar 2020

Russian APT28 Group Changes Tack to Probe Email Servers

Russian threat actor group APT28 has recently been probing email servers, scanning for vulnerable email, Microsoft SQL Servers and Directory servers, changing its tactics from its previous attacks. The APT group is responsible for some major cybercrime campaigns over the past few years, including stealing information from the Democratic National

Read More
20 Mar 2020

A Perfect Storm forms as COVID-19 Meets Cyberspace

On Sunday, the US Department of Health and Human Services was hit by a cyber attack intended to disrupt its response to the COVID-19 virus. The ‘disruption and disinformation’ attack has illustrated an intent to target a renewed dependency on IT systems during this pandemic. Businesses, universities, and governments around the world are rapidly deploying remote capabilities to allow work from home during self-isolation to flatten the curve. This solution however, has hyperextended existing IT infrastructure and while defenders struggle to adapt to this new perimeter, adversaries are sure to discover more points of impact.

Read More
20 Mar 2020

Identifying Critical Infrastructure During COVID-19

The Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) published a detailed guide on how to identify critical infrastructure during the pandemic. The publication states that functioning critical infrastructure is paramount to effectively responding to the COVID-19 outbreak for health and safety reasons. The DHS states that specific

Read More
20 Mar 2020

WHO Chief Impersonated in Phishing to Deliver HawkEye Malware

A new and continuing phishing campaign is posing as the Director-General of the World Health Organization (WHO) and is spreading malware known as HawkEye to victims’ devices. According to IBM X-Force Threat Intelligence researchers, the campaign started on Thursday, the same day it was discovered after the researchers found several

Read More