24 Mar 2020

Hackers Hijack Routers’ DNS to Spread Malicious COVID-19 Apps

Researchers have found that a new cyberattack campaign is hijacking router’s DNS settings, changing web browser display alerts that show fake COVID-19 information claiming to be an app controlled by the World Health Organization. However, behind the fraudulent app is Vidar information-stealing malware. Over the past five days, several users

Read More
24 Mar 2020

White House pushes for more telework as first DOD contractor dies because of COVID-19

The White House has announced that government agencies must utilize technology to support teleworking capabilities after COVID-19 took its first victim from the Pentagon. The memo, which was issued by the Office of Management and Budget (OMB), states that agencies should be taking steps to ensure that employees can work

Read More
23 Mar 2020

Hackers breach FSB contractor and leak details about IoT hacking project

Digital Revolution, a Russian hacker group, has allegedly breached a contractor for the FSB. The FSB is Russia’s national intelligence service, and the hacking group claims to have obtained details about a project intended for hacking IoT devices. This week, the group published 12 technical documents, diagrams and code fragments

Read More
23 Mar 2020

200M Records of US Citizens Leaked in Unprotected Database

CyberNews, a Lithuanian research group, has discovered an unprotected database that holds 200 million detailed user records. The owner of the database remains unknown, however, the leaked profiles seem to be US users and contain individuals’ full names and titles, email addresses, phone numbers, birthdates, credit ratings, home and mortgage

Read More
20 Mar 2020

WHO Chief Impersonated in Phishing to Deliver HawkEye Malware

A new and continuing phishing campaign is posing as the Director-General of the World Health Organization (WHO) and is spreading malware known as HawkEye to victims’ devices. According to IBM X-Force Threat Intelligence researchers, the campaign started on Thursday, the same day it was discovered after the researchers found several

Read More
20 Mar 2020

Misconfigured Elasticsearch Instance Exposes More Than 5 Billion Records

An open Elasticsearch incident has reportedly exposed more than 5 billion records from 2012 to March 16, when the breach was discovered. The data in two of the collections is information on data breaches collected by a UK research firm over the course of the same time period. The data

Read More
19 Mar 2020

Libya-based hackers using coronavirus pandemic to spread mobile surveillance malware

Coronavirus themed emails have been targeting victims less and right, feeding off of global fear. The campaigns use messages and software as well, to trick people into downloading malware and other malicious programs. Kristin Del Rosso and other researchers at Lookout, a cybersecurity company, have uncovered a unique coronavirus attack

Read More
19 Mar 2020

COVID-19: With everyone working from home, VPN security has now become paramount

Due to the COVID-19 outbreak, thousands of employees have been working from home in an effort to contain the spread of the virus. Experts argue that this means enterprise VPN servers have become essential to a company’s security. Experts state that it is extremely important for organizations to ensure that

Read More
18 Mar 2020

Magecart Cyberattack Targets NutriBullet Website

A Magecart group has taken over NutriBullet’s website, installing skimmers across the site that aim to steal customer payment card data. Researchers warned the public about the security risk, stating that it was likely Magecart Group 8 behind the cybercrime. A researcher with RiskIQ stated on Wednesday that a JavaScript

Read More
18 Mar 2020

Coronavirus-Themed APT Attack Spreads Malware

An advanced persistent threat (APT) group has been leveraging the current pandemic to spread new malware deemed “Vicious Panda.” Security researchers stated that they had identified two suspicious Rich Text Format files targeting the Mongolian public sector. The RTF files execute a unique remote access trojan that takes screenshots of

Read More