Thread Rating:
  • 1 Vote(s) - 5 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Avast_Security_News: PPE provider targeted in phishing attack
#1
Information 
Quote:
[Image: TVDumYE.png]

Plus, Honda production is delayed due to cyberattack and researchers design security and privacy “nutrition” labels

Researchers have discovered a phishing campaign targeting over a hundred executives at an international company that is part of a German task force creating coronavirus protective equipment. The malicious emails in the campaign redirect users to a phony Microsoft login page, from where attackers harvest any credentials that are entered. According to Threatpost, suspicious activity was detected on the very day the task force was assembled – March 30, 2020. The name of the specific company targeted is being withheld, but the nine-company task force includes major organizations such as Volkswagen, Bayer, Lufthansa, and DHL. About half of the phishing emails were sent to executives at the larger company while the other half were sent to executives at the company’s third-party partners, bringing the total number of companies targeted to about 40. 

Researchers traced the suspicious activity to a Russian IP address and believe the intent of the attack is to take advantage of the new government-led purchasing and logistics structure of the process by compromising the procurement operations of one of its leading players. However, nobody knows for sure.
“There is not enough evidence yet to know who might be behind the attack,” commented Avast security evangelist Luis Corrons. “It seems it could be a state-sponsored attack looking for industrial secrets or looking for capabilities to disrupt the multinational company’s production. In any case, this doesn't look like an attack carried out by regular cybercriminals.” 

Cybersecurity lessons from the pandemic

The U.S. bipartisan watchdog group the Cyberspace Solarium Commission has released its first white paper, entitled “Cybersecurity Lessons from the Pandemic,” in which it connects learnings from the pandemic to cybersecurity wisdom. In addition to highlighting certain previous recommendations, the commission added several new suggestions for the nation at this time, including urging Congress to pass an IoT Security Law and establishing a Social Media Data and Threat Analysis Center. 

This week’s quote

“The FBI expects cyber actors to attempt to exploit new mobile banking customers using a variety of techniques, including app-based banking trojans and fake banking apps,” the FBI states in a report as hackers aim to take advantage of increased banking app usage while most continue to primarily use online banking. 

Babylon Health breach leaks patient videos

A rising player in the UK telehealth market, Babylon Health, has admitted that a software flaw in their service enabled a data breach whereby users could view each other’s consultation videos. The Verge reported that the breach became public when one user tweeted that he had access to over 50 videos of other patients’ recordings. A spokesperson for Babylon Health said the problem had been identified and resolved, reminding people that this was the result of a software error and not a malicious attack. 

This week’s stat
300,000

That’s the revised number of Nintendo players affected by a major privacy breach – updated after the company discovered another 140,000 to add to their initial estimate of 160,000. Read more at CNET.

Honda halts production due to cyber incident

Honda suspended some of its production operations in Ohio this week, claiming it had been targeted by a cyberattack. While the company has not confirmed the type of attack, NBC News reported that researchers suspect ransomware due to the discovery of Snake Ransomware samples customized to lock up Honda servers. Further indication that ransomware may be the cause is the fact that Honda says they discovered the attack on Sunday – ransomware actors tend to strike on weekends when they know there are fewer security personnel on duty.
...
Continue Reading
Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)
[-]
Welcome
You have to register before you can post on our site.

Username/Email:


Password:





[-]
Recent Posts
AWZ Screen Recorder
AWZ Screen Recorder ...zevish — 11:05
Website X5 Go 2024.1
Website X5 Go 2024.1...zevish — 09:32
Apple's rules to allow third-party app ...
Apple has announ...alison30 — 09:28
Intel: Microsoft AI PCs need a Copilot K...
Microsoft hopes th...harlan4096 — 08:55
Synchredible 8 Professional Edition v8.2...
          Synchredib...zevish — 08:54

[-]
Birthdays
Today's Birthdays
No birthdays today.
Upcoming Birthdays
No upcoming birthdays.

[-]
Online Staff
There are no staff members currently online.

>