Coronavirus news, articles & updates| SC Media

Coronavirus

Justice charges Chinese nationals in hacking campaign

Two Chinese hackers working with the Ministry of State Security, and charged by the Justice Department on Tuesday, allegedly ran a more-than-decade-long campaign hacking into the systems of hundreds of companies, governments, NGOs, dissidents, human rights activists and even clergy, nicking intellectual property and proprietary business research and more recently targeting companies developing COVID-19 vaccines,…

U.K. Covid-19 Test and Trace violated GDPR

The U.K. government violated data privacy regulated Europe’s GDPR by implementing a NHS Test and Trace program to monitor the spread of COVID-19 without also establishing a required Data Protection Impact Assessment (DPIA). Privacy advocacy organization Open Rights Group (ORG) issued a complaint against Public Health England (PHE), which launched the program on May 28,…

Akamai NOCC

Rise in DDoS attacks lost in pandemic

Though they might get lost in all the other security threats exacerbated by the Covid-19 pandemic, DDoS attacks, unsurprisingly, ticked up during the first part of 2020, most handily absorbed by the internet backbone – and the defensive efforts of targeted companies. Disruptions at AT&T, Sprint, T-Mobile and Verizon and streaming companies in mid-June stoked…

U.S. universities at risk of back-to-school and Covid-19 email fraud

The top 20 universities based in the U.S. are failing to implement proper DMARC protections and policies, opening the door for fraudsters to spoof their email domains and convincingly impersonate them at a time when students are likely expecting to receive a wealth digital communications related to back-to-school instructions, researchers warn. In particular, students and…

Microsoft phishing domains takedown aimed at familiar criminals refocused on Covid-19

Microsoft has seized a number of phishing domains in an attempt to disrupt cybercriminals who recently switched targets to take advantage of the COVID-19 pandemic. In response to a civil suit brought by the tech giant, the U.S. District Court for the Eastern District of Virginia issued an order that let Microsoft take control of…

Personal home router

Home routers largely unpatched, raising risk during Covid-19 WFH

Employers who have suddenly shifted a large percentage of their workforce to remote due to Covid-19 no doubt will shudder by the findings of a new Fraunhofer Institute for Communication, Information Processing and Ergonomics study that concluded no home router was without security vulnerabilities. The German tech think tank analyzed 127 home routers from seven…

Even during pandemic, healthcare orgs successfully fending off attacks

Despite an increased toll on their computer systems amid Covid-19, healthcare organizations throughout the world generally are doing a good job of mitigating inbound attack attempts, according to a Vectra analysis of the first five months of 2020. The report cites a doubling of data exfiltration behaviors to external destinations in Europe, Middle East and…

Mobile ransomware disguised as upcoming Canadian Covid-19 contact tracing app

Capitalizing on a Canadian government announcement pertaining to the development of a nationwide, voluntary Covid-19 contact tracing app, malicious actors this month created a fake version of such an app that in reality infects Android users with mobile ransomware. According to a new blog post from ESET, the ransomware, dubbed CryCryptor, was found being distributed…

Ex-CIA exec: Covid-19 has created ideal ‘crisis’ conditions for malicious hackers

Companies trying to stave off business disruption caused by the global Covid-19 pandemic may be ripe for compromise as they introduce new risks in the scramble to maintain business continuity, warned a retired senior CIA executive in a keynote presentation Wednesday at the InfoSec World 2020 digital conference. In essence, the coronavirus has created ideal…

Report: Lazarus Group has large-scale Covid-19 phishing campaign in the works

North Korea’s Lazarus group is likely behind a planned coronavirus-related phishing campaign taking aim at more than 5 million businesses and people in the U.S. and five other countries June 21. “The hacking campaign involved using phishing emails under the guise of local authorities in charge of dispensing government-funded Covid-19 support initiatives,” researchers at Cyfirma…

Next post in Coronavirus