Email-based phishing schemes continue to trick victims with promises of coronavirus information, cures and vaccines, but now some fraudsters are also sending their targets lures related to the U.S. government-approved stimulus checks promised to most Americans. The latest evidence of this is a new report, authored by Abnormal Security, which details a scheme to impersonate…
As COVID-19 continues to spread around the world, so does the use of risky mobile applications designed to help track the outbreak. Some of these apps already present troubling privacy implications due to their ability to track the movements of local citizens and collect information on them. But beyond that, they may also be saddled…
As the COVID-19 pandemic rages, the cyber community has rightly focused on protecting the health care industry from malicious hackers but education is at risk, too, as recently homebound students attend school in record numbers via online edtech platforms, e-learning environments and video conferencing. In a public service announcement this month, the FBI’s Internet Crime…
Some welcome good news on the COVID-19 front: Microsoft Corporation said it is stepping up its efforts to protect hospitals and other critical services from opportunistic cyberattacks, while Mozilla has founded a new fund to support open-source projects that help fight the pandemic. In a company blog post, Microsoft said that it identified dozens of…
Patch management was challenging enough before the world was upended by a rapidly spreading pandemic. But with security teams working remotely, and employee-operated devices dispersed across large distances, quickly prioritizing and fixing critical vulnerabilities has become both more difficult and more important. As the 2017 Equifax breach showed, delays in patching can result in a…
Just as legitimate businesses have had to make major adjustments to the realities of COVID-19, the cybercriminal underground economy has also had to stay nimble. Indeed, a new dark web report from Digital Shadows’ Photo Research Team shows that some hacking forum members are in a struggle to keep their cybercriminal operations afloat, while others…
Google yesterday issued a stable channel update for the desktop version of its Chrome browser for Windows, Mac and Linux, fixing eight vulnerabilities in the process. The patched bugs included at least three high-level bugs, including two use-after-free flaw in WebAudio (CVE-2020-6450 and CVE-2020-6451), and a head buffer overflow in media (CVE-2020-6452). The two WebAudio…
The Affordacare Urgent Care Clinic, a network of medical providers based in Texas, has officially confirmed a combination data breach-ransomware attack that exposed sensitive information. The company is claiming that social security numbers were not impacted in the incident, despite security experts having demonstrated that the attackers have published stolen documents containing patients’ and employees’…
A member of a hacking forum has reportedly posted data corresponding to over 4.9 million of citizens from the country of Georgia, both living and dead. The leaked dataset was made available via a 1.04 GB Microsoft Access database file, according to a report from ZDNet, which was alerted to the dump by breach monitoring…
Previously burned by a hack of its Starwood reservations system, Marriott International on Tuesday disclosed another major data breach, this one affecting 5.2 million of its guests. According to the Bethesda, Md.-based hospitality giant, the source of the breach was an application that its hotels use to provide guests with various services. Marriott did not name…
