Coronavirus | SC Media

Coronavirus

SMEs relearn security basics under COVID’s telework conditions

The Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday launched a free “Telework Essentials Toolkit” designed to help businesses to adjust to the realities of working from home during the COVID pandemic. DHS teamed up with the Cyber Readiness Institute (CRI), Global Cyber Alliance and other partners to add these resources to the agency’s dedicated…

U.S. universities at risk of back-to-school and Covid-19 email fraud

The top 20 universities based in the U.S. are failing to implement proper DMARC protections and policies, opening the door for fraudsters to spoof their email domains and convincingly impersonate them at a time when students are likely expecting to receive a wealth digital communications related to back-to-school instructions, researchers warn. In particular, students and…

Mobile ransomware disguised as upcoming Canadian Covid-19 contact tracing app

Capitalizing on a Canadian government announcement pertaining to the development of a nationwide, voluntary Covid-19 contact tracing app, malicious actors this month created a fake version of such an app that in reality infects Android users with mobile ransomware. According to a new blog post from ESET, the ransomware, dubbed CryCryptor, was found being distributed…

Ex-CIA exec: Covid-19 has created ideal ‘crisis’ conditions for malicious hackers

Companies trying to stave off business disruption caused by the global Covid-19 pandemic may be ripe for compromise as they introduce new risks in the scramble to maintain business continuity, warned a retired senior CIA executive in a keynote presentation Wednesday at the InfoSec World 2020 digital conference. In essence, the coronavirus has created ideal…

Securing Work from Home Wi-Fi Access

Wi-Fi networks, whether in public or private, are by their very nature dirty. Security professionals warn that every network carries inherent risk to our devices, data and resources, because they are exposed a myriad of attacks, including these “Dirty Half Dozen” Wi-Fi risks: eavesdropping; exploits; evil-twin Wi-Fi; lateral network infections; DNS hijacking; and scanning, enumerating…

Phishing campaign targets remote workers with fake voicemail notifications

Looking for new angles to socially engineer employees working from home under COVID-19 conditions, attackers have devised a new phishing campaign that distributes emails that look as if they were generated by  Private Branch Exchange (PBX), a legacy technology that integrates with employees’ email clients so they can receive their voicemail recordings. In a company…

States’ lack of DMARC adoption ups risk of Covid-19 email spoofing scams

As phishing scammers actively impersonate institutions like the World Health Organization and Centers for Disease Control and Prevention in order to capitalize on Covid-19 fears, government bodies and state-run health care organizations continue to make themselves vulnerable to email spoofing by failing to employ DMARC email validation protections, a new report states. An investigation by…

Kentucky is 6th state to disclose leak of unemployment claims amid Covid-19

Kentucky has become the sixth state to disclose a data leak related to unemployment-related forms that has taken place during the Covid-19 pandemic. The Kentucky Education & Workforce Development Cabinet (EWDC) on Thursday acknowledged that a vulnerability in its Unemployment Insurance Portal caused a data leak that allowed insurance claimants to view the identity verification…

Test platform leaks Bank of America clients’ Covid-19 PPP loan applications

Bank of America has disclosed that it briefly exposed certain business clients’ Paycheck Protection Program (PPP) applications to outside parties after uploading the documents onto a test platform. The incident bears similarities to the recent news of at least states mistakenly exposing application information related to the Pandemic Unemployment Assistance (PUA) program. Both the PPP…

Next post in Coronavirus