An Amnesty International study of 11 Covid-19 contact tracing apps from Europe, the Middle East and North Africa found identified apps from Bahrain, Kuwait and Norway as the most dangerous to users’ privacy. In a news release published on Tuesday, the human rights organization’s Security Lab said Bahrain’s ‘BeAware Bahrain’, Kuwait’s ‘Shlonik’ and Norway’s ‘Smittestopp’…
The Messaging, Malware and Mobile Anti-Abuse Working Group (M3AAWG) has put out a joint call-to-action with Google and Verizon for the security industry to take more proactive measures to authenticate and secure their sending domains and email addresses by deploying email authentication at scale. Preventing rampant phishing during the COVID-19 period should be a top…
One hundred German companies in need of personal protective equipment (PPE) such as facemasks and medical gear were targeted in a COVID-19 phishing scheme designed to steal and exfiltrate user credentials. IBM X-Force IRIS discovered unknown hackers erected a fake Microsoft login page connected to different Yandex email accounts, although it was unknown how many…
Looking for new angles to socially engineer employees working from home under COVID-19 conditions, attackers have devised a new phishing campaign that distributes emails that look as if they were generated by Private Branch Exchange (PBX), a legacy technology that integrates with employees’ email clients so they can receive their voicemail recordings. In a company…
Stay-at-home workers are threatening corporate IT security with 93 percent of them admitting they reuse passwords and 29 percent allowing other family members to use their company-issued devices for homework and online entertainment, according to a report from CyberArk. In a late April 2020 survey of 3,000 remote office workers and IT professionals in the…
As phishing scammers actively impersonate institutions like the World Health Organization and Centers for Disease Control and Prevention in order to capitalize on Covid-19 fears, government bodies and state-run health care organizations continue to make themselves vulnerable to email spoofing by failing to employ DMARC email validation protections, a new report states. An investigation by…
Kentucky has become the sixth state to disclose a data leak related to unemployment-related forms that has taken place during the Covid-19 pandemic. The Kentucky Education & Workforce Development Cabinet (EWDC) on Thursday acknowledged that a vulnerability in its Unemployment Insurance Portal caused a data leak that allowed insurance claimants to view the identity verification…
Bank of America has disclosed that it briefly exposed certain business clients’ Paycheck Protection Program (PPP) applications to outside parties after uploading the documents onto a test platform. The incident bears similarities to the recent news of at least states mistakenly exposing application information related to the Pandemic Unemployment Assistance (PUA) program. Both the PPP…
The CyberPeace Institute and dozens of international leaders and dignitaries on Tuesday collectively urged the world’s governments in an open letter to help put an end to cyberattacks on hospitals and health care institutions that are already under the incredible strain of combatting the Covid-19 pandemic. “Over the past weeks, we have witnessed attacks that…
As the Covid-19 pandemic continues to hobble economies around the world, cybersecurity is one of six sectors currently booming, with first quarter funding topping $1.5 billion. That figure is close to a record high, according to Crunchbase Data Evangelist Gené Teare, who told SC Media that instead of seeing cybersecurity companies and VCs putting the…
