Coronavirus | SC Media

Coronavirus

Malvertising scam leverages domain names that sound like legit COVID-19 sites

A recently discovered malvertising campaign is hosting the Fallout exploit kit on attacker-controlled websites featuring domain names that falsely imply they provide useful information about the novel coronavirus. The ultimate goal is to infect victims with KPOT v2.0, an information and password stealer, according to a new blog post from the Avast Threat Intelligence team,…

APT32 actively spearphishing Chinese officials in a search for COVID-19 data

The suspected Vietnamese threat group APT32 has been conducting a spearphishing campaign against Chinese targets in an attempt to glean information on COVID-19. FireEye’s Mandiant Threat Intelligence Team reported the attacks have been conducted throughout the pandemic, from early January to date, with the targets including China’s Ministry of Emergency Management as well as the…

NintendoSwitch

Resellers reportedly using bots to buy up in-demand Nintendo Switches

Consumers sheltering in place at home who were hoping to order a Nintendo Switch to stave off cabin fever during the COVID-19 pandemic have reportedly been thwarted by a newly introduced bot program designed to buy up consoles from e-retailers before ordinary humans can. Dubbed Bird Bot, the open-source tool has been used by buyers…

Phishing campaign aims to steal Zoom credentials using fake layoff notifications

Researchers have uncovered a phishing campaign, designed to steal Zoom credentials, that attempts to trick email recipients into thinking they are about to be laid off amid the pandemic. The attackers hope potential victims will click on a malicious link that supposedly links to a Zoom meeting hosted by human resources. The campaign targets Office…

Remote workers’ lack of corporate firewalls blamed for rise in malicious device activity

Since the coronavirus pandemic forced companies to enact sweeping work-from-home policies, the number of organizations whose devices have been compromised and forced to engage in malicious activity have at least doubled, according to new research released today. The researchers behind the study – conducted jointly by Arctic Security and Team Cymru – believe many of the affected…

Nation-state hackers reportedly hunting for COVID-19 research

Foreign state-sponsored hackers are reportedly targeting companies tasked with researching COVID-19, in some cases intruding into systems and performing reconnaissance. FBI Deputy Assistant Director Tonya Ugoretz acknowledged the cyber espionage activity in an online panel discussion organizations by the Aspen Institute, Reuters has reported. Ugoretz reportedly said that when companies publicly disclose that they are…

COVID-19 upends supply chain, 3rd-party risk rises

Manufacturers and supply chain organizations must prioritize limiting third-party risk as they produce, warehouse and deliver essential goods and medical supplies during the COVID-19 pandemic, said Curtis Simpson, former VP and global CISO with multi-billion-dollar food marketer and distributor Sysco Corporation, in a podcast interview with SC Media. Houston-based Sysco is one of multiple companies…

Virtual panel: How supply chains can survive COVID-19’s cyber impact

COVID-19 has changed virtually every aspect of how business is done – and the global supply chain has not been spared. Indeed, companies have been rapidly overhauling their manufacturing, warehousing and distribution operations to produce and deliver life-sustaining goods to meet high demands for food, drugs and medical supplies. But eyes keenly focused on the…

Next post in Coronavirus