You are here

Home » Cybersecurity

Cybersecurity

Security Awareness – Malicious Downloads Masquerade as Popular Virtual Conference Apps

Recently, virtual conferencing platform Zoom has received the lion’s share of criticism among collaboration platforms, but recent research by global cybersecurity firm Kaspersky reminds us that Zoom is not the only one being abused. Kaspersky’s findings reveal that Skype is the number one virtual conference platform being impersonated through malicious downloads. Unsurprisingly, fake apps masquerading as Zoom come in second, followed by WebEx, GoToMeeting, Flock, and Slack.

Coronavirus-Themed Cyber Threats – Same Threat, Different Lure

During the cybersecurity segment of the WaterISAC COVID-19 Web Briefing yesterday, we stressed that the current cyber threat landscape is not experiencing new/emerging threats. We stated how the ploys are the same, but it is the overall volume of attack techniques using coronavirus-themes that has increased. In other words, the product is the same, it has just been rebranded to appeal to more consumers.

Cyber Criminals Conduct BEC through Exploitation of Cloud-based Email Services

The FBI has released a Public Service Announcement (PSA) warning that cyber criminals are targeting organizations that use popular cloud-based email services to conduct business email compromise (BEC) scams. According to the PSA, the scams are initiated through specifically developed phish kits designed to mimic the cloud-based email services in order to compromise business email accounts and request or misdirect transfers of funds.

FBI Warns about COVID-19 BEC and Money Mules Schemes

The FBI has published two advisories warning about two types of cyber crime seeking to leverage the ongoing COVID-19 pandemic: business email compromise (BEC) and money mule schemes. Business email compromise (BEC) is a scam that targets anyone who performs legitimate funds transfers. The FBI observes that recently there has been an increase in BEC frauds targeting municipalities purchasing personal protective equipment or other supplies needed in the fight against COVID-19.

Perch Data Backs Up Coronavirus-Themed Cyber Attack Activity

To back up the scam reports in today's campaigns at-a-glance post, community intelligence and network monitoring firm (and WaterISAC partner) Perch Security offers some data to highlight the security impact and to what degree threat actors are trying to capitalize from an exploding remote workforce. Perch took a peek at full RDP (remote desktop)-based activity from its entire customer base over a 90-day period to validate or debunk its theory. According to Perch, the data revealed a swell in all RDP-based attack activity over the course of 90 days, with a spike toward the end of March.

Security Awareness – Coronavirus-Themed Cyber Attack Campaigns At-a-Glance

As we have observed over the past month, there has been no shortage of coronavirus-themed cyber attack campaigns. Dare we say, the campaigns even parallel the pandemic spread of the actual virus. Coronavirus is the biggest news on the planet, and cyber attackers are not ones to pass up an opportunity, no matter how tragic. Multiple factors contribute to the volume of related scams, but the biggest common denominator is arguably end users. There are multiple attack tactics per day - too numerous to keep up-to-date – that are taking advantage of vulnerable and distracted end users.

FBI Releases Guidance on Defending against VTC Hijacking and ZoomBombing

The FBI has released an article on defending against video-teleconferencing (VTC) hijacking that, as WaterISAC noted in its Tuesday Security and Resilience Update, is referred to as “ZoomBombing” when attacks are to the Zoom platform. Many organizations and individuals are increasingly dependent on VTC platforms, such as Zoom and Microsoft Teams, to stay connected during the COVID-19 pandemic.

Coronavirus-Themed Destructive Wiper Malware

Malicious actors are leaving no technique unturned as they continue to predictably use every conceivable method to wage their coronavirus-themed attack campaigns. While the ploys are the same, the deluge of themed attacks is unprecedented. Therefore, it should come as no surprise that malware authors would eventually develop successful disk wiping malware designed around a coronavirus theme.

B&R Automation Studio (ICSA-20-093-01) – Product Used in the Energy Sector

CISA has published an advisory on improper privilege management, missing required cryptographic step, and path traversal vulnerabilities in B&R Automation Studio. Numerous versions of this product are affected. Successful exploitation of these vulnerabilities could allow an attacker to delete arbitrary files from this system, fetch arbitrary files, or perform arbitrary write operations. B&R recommends applying product updates or applying a series of workarounds until updates can be applied. CISA also recommends a series of measures to mitigate the vulnerabilities.

Cyber Actors Take Advantage of COVID-19 Pandemic to Exploit Increased Use of Virtual Environments

The FBI has published a public service announcement (PSA) indicating that it anticipates cyber actors will exploit increased use of virtual environments by government agencies, the private sector, and individuals as a result of the COVID-19 pandemic. In the PSA, the FBI states it has received more than 1,200 complaints related to COVID-19 scams and that cyber actors have engaged in phishing campaigns against first responders, launched DDoS attacks against government agencies, deployed ransomware at medical facilities, and created fake COVID-19 websites that quietly download malware.

Pages

Subscribe to Cybersecurity