The Daily 📅 CyberSecurity 🛡️ Brief 📓 [Monday, March 23, 2020]

— prepared by @jeanbsu, intelligence briefer & principal analyst 🕵️

Here’s Everything You Need To Know Today — In 10 Minutes Or Less — About The World’s Most Important News, Events & Trends in CyberSecurity.


Today’s CyberSecurity Brief is sponsored by Mostly AI, The World's Most Advanced Synthetic Data Engine That Anonymizes Personal User Data At Scale


What’s News 📰

  • Elite Hackers Target WHO As Coronavirus Cyberattacks Spike
    WHO Chief Information Security Officer Flavio Aggio said the identity of the hackers was unclear and the effort was unsuccessful. But he warned that hacking attempts against the agency and its partners have soared as they battle to contain the coronavirus, which has killed more than 15,000 worldwide—Reuters

  • White House Urges Agencies To Implement New Authentication Methods Amid Telework
    A March 22 memo from the White House’s Office of Management and Budget encouraged agencies to consider alternative methods of authentication in case of an extended telework period caused by the new coronavirus. The guidance comes as federal networks are strained and the number of employees at headquarters is reduced while the federal government makes adjustments to ensure its workforce remains safe from exposure to COVID-19—Fifth Domain

  • Windows Flaw Lets Hackers Use Fonts To Create Booby-Trapped Documents
    Hackers are exploiting a zero-day vulnerability in the Windows OS to take over systems, Microsoft said in a security alert today. All currently supported versions of the Windows and Windows Server operating systems are vulnerable, according to Redmond's security advisory. Windows 7, which is currently end-of-support, is also impacted—ZDNet, PCMag

  • Israel Government’s New 'Shield' App Tracks Your Coronavirus Exposure
    The Israeli Ministry of Health has released a new mobile app called "The Shield" that will alert users if they have been at a location in Israel at the same time as a known Coronavirus patient. The app works by collecting the GPS and SSID (WiFi network) information of a user's mobile device throughout the day. This data is saved only on the mobile device and is not transmitted to the Ministry of Health, other government agencies, or any organization—BleepingComputer

  • Fake Coronavirus ‘Vaccine’ Website Busted in DoJ Takedown
    The Department of Justice has cracked down on a website that claimed to give out coronavirus vaccine kits – but that was actually stealing victims’ payment card data and personal information—ThreatPost

  • New York Asks Domain Registrars To Crack Down On Sites Used For Coronavirus Scams
    On Friday, New York Attorney General Letitia James sent open letters to six of the internet's largest registrars—companies that sell domain names including GoDaddy, Dynadot, Name.com, Namecheap, Register.com, and Endurance International Group (owner of Bluehost.com, Domain.com, and HostGator.com)—asking them to deploy countermeasures that would make the registration of all COVID-19 and coronavirus-related domains much harder—ZDNet

  • China Borrowing Russian Tactics To Spread Coronavirus Disinformation
    The Chinese Communist Party, typically thought to run disinformation operations aimed at controlling the narrative, is mirroring behavior that is historically associated with Russian disinformation—spreading chaos and confusion. In this case, it’s about whether the coronavirus actually originated in China, Laura Rosenberger, the director of the Alliance for Securing Democracy, said during a disinformation event hosted by the CyberPeace Institute (CPI), a nonprofit founded last year to call out malicious cyber activities—CyberScoop

DealBook 💸

  • Cybersecurity Startup Horangi Nets $20 Million To Support Regional Expansion
    Singapore-based cybersecurity company Horangi announced that it has secured $20 million in a Series B funding round led by private equity firm Provident Growth. Monk’s Hill Ventures, Australian venture capital firm Right Click Capital, and venture debt fund Genesis Alternative Ventures also participated in the round—TechInAsia

Cyber Attacks ⚔️

  • Hackers Hijack D-Link and Linksys Routers’ DNS To Spread Malicious COVID-19 Apps
    A new cyber attack is hijacking the DNS settings of D-Link and Linksys routers so that web browsers display a message prompting users to download a 'COVID-19 Inform App' that is allegedly from the World Health Organization (WHO) but instead installs the Vidar information-stealing malware—BleepingComputer

  • Ameren Missouri Equipment Supplier Targeted In Ransomware Attack
    Ransomware attackers have stolen data from a third-party vendor that supplies utility equipment to Ameren Missouri power plants. Dozens of data files from Ohio-based LTI Power Systems appeared on a ransomware server in late February, including equipment diagrams and schematics from two Ameren Missouri facilities. No customer information appears to have been involved in the data breach—St Louis Public Radio

  • New Mexico Agencies On Edge Amid Rising Ransomware Attacks
    New Mexico school districts, universities, and government agencies have collectively spent millions of dollars to regain control of their computer systems after employees unknowingly opened emails containing an encrypted code that effectively shuts them out of their systems—Associated Press

Data Breaches 🗃️

  • GE Discloses Data Breach After Service Provider Hack
    General Electric (GE) disclosed that personally identifiable information of current and former employees, as well as beneficiaries, was exposed in a security incident experienced by one of GE's service providers—BleepingComputer

  • A Hacker Is Selling Personal Data Of 538 Million Weibo Users
    The personal details of more than 538 million users of Chinese social network Weibo including real names, site usernames, gender, location, and—for 172 million users—phone numbers are currently available for sale online. The hacker claims to have breached Weibo in mid-2019 and obtained a dump of the company's user database—ZDNet

  • Using Ransomware, Hackers Steal And Publish Medical Data Of UK Firm Researching Coronavirus
    Black hat hacker group Maze has infected the infrastructure of UK medical firm Hammersmith Medicines Research, which is researching the coronavirus, with ransomware, managing to steal and publish sensitive data—CoinTelegraph

  • Paris Hospitals Target Of Failed Cyber-Attack, Authority Says
    The Paris hospital authority, AP-HP, was the target of a cyber-attack on March 22, according to France’s cybersecurity agency. The attack sought to disable hospital service in the French capital by overwhelming its computers, the ANSSI said—BloombergQuint

Cyber Threats 😈

  • HHS.gov Open Redirect Used By Coronavirus Phishing To Spread Malware
    The website of the U.S. Department of Health & Human Services (HHS.gov) is currently being used by attackers to push malware payloads onto unsuspecting victims' systems with the help of coronavirus-themed phishing emails—BleepingComputer

  • Fake Corona Antivirus Software Used to Install Backdoor Malware
    Two sites promoting a bogus Corona Antivirus are taking advantage of the current COVID-19 pandemic to distribute a malicious payload that will infect the target's computer with the BlackNET RAT and add it to a botnet—BleepingComputer

  • Apache Tomcat Exploit Poised To Pounce, Stealing Files
    A vulnerability in the popular Apache Tomcat web server is ripe for active attack, thanks to a proof-of-concept (PoC) exploit leaked on GitHub. The now-patched bug affects Tomcat versions 7.0, 8.5 and 9.0—ThreatPost

  • The Real Insider Threat Is The Use Of Security Software
    An insider threat is defined as a security risk that derives from within an organization, and the risk is frequently attributed to malicious or negligent employees, as well as others close to the organization, such as contractors and business associates. This understanding of insider threats misleadingly unloads the blame on people when security software is the real culprit—TechRadar Pro

Privacy 🔐

  • Personal Data Protection Today: We Should Demand More
    The growing number of cybersecurity incidents reported each year – and the fact that many attacks remain unreported for security and PR reasons – can leave even the most experienced security professionals worrying about threats to user data and privacy. And while the abundance of security solutions offered today can be somewhat reassuring, it also makes online security more confusing for IT personnel and end-users alike—HelpNet Security

In-Depth 👨‍💻

  • Ransomware Insurance Claims More Than Doubled In The Last Year
    Beazley Breach Response services, a unit of the London-based insurance firm, said Monday that its clients reported 775 ransomware attacks in 2019, a 131% increase over the previous year. The spike was motivated by a combination of factors, including the increased accessibility of pernicious strains of malicious software, higher demands and the simple inability of enterprises to fend off phishing emails or protect remote desktop protocol technology—CyberScoop

  • VPN Use Surges As Coronavirus Outbreak Prompts Huge Rise In Remote Working
    The growth in employees forced to work from home due to the COVID-19 coronavirus outbreak has led to a huge spike in people using business virtual private networks (VPN) to secure their remote working. Figures released by VPN provider NordVPN revealed that global use of its virtual private network technology had increased by 165% since 11 March. A business VPN allows users to securely connect to corporate networks to send and receive files, data, and applications from anywhere – which in many cases right now is going to be people's homes—ZDNet

  • Choosing A VPN For Added Internet Security
    Whether you’re working from home as a result of the coronavirus threat or just spending more time online, you may want to consider using a virtual private network, or VPN, which is software you typically download that routes all the data sent to and from your computer or smartphone through its own server. That keeps anyone watching the traffic from knowing which sites you’re visiting. It can help mask your identity and location from snoops, too—Consumer Reports

  • FireEye Warns About The Proliferation Of Ready-Made ICS Hacking Tools
    In a study published today, FireEye said it analyzed all the hacking tools capable of targeting industrial control systems (ICS) that were released in recent years and concluded that most of the tools were vendor-agnostic, although 60% of the vendor-specific hacking tools were targeting Siemens machines—ZDNet

  • 2020 Cybersecurity Risks: Insecure Security Tools, Supply Chains, Abandonware
    One would expect security software to contain some of the most secure code on the planet. During 2019, however, a SafeBreach research team discovered major vulnerabilities in widely used security products that were written and tested by reputable cybersecurity companies—HelpNet Security

  • From Zero To Hero: CISO Edition
    It's time for organizations to realize that an empowered CISO can not only effectively manage enterprise risk but also grow the business along the way—Dark Reading

  • Cyber Hygiene Tips For Remote Workers
    To help you stay a few steps ahead of the bad guys, Mark Gilroy, CEO of advanced encryption key management company Fornetix, has a bunch of simple cybersecurity and cyber hygiene tips to help keep you safe: Be suspicious of any emails asking people to check or renew their passwords and login credentials; Be suspicious of emails from people you don't know; Ensure your Wi-Fi connection is secure; Ensure anti-virus is in place and fully updated; Lock your screen if you work in a shared space; Check if you have encryption tools installed—ZDNet

  • How To Protect Your Online Streaming Accounts From Cybercriminals?
    As people around the world are being asked to remain in their homes due to the coronavirus pandemic, many are turning to streaming services such as Netflix, Hulu, Disney+, Spotify, and Apple Music for entertainment, Proofpoint cybersecurity strategist Adenike Cosgrove notes—HelpNet Security

