Phishing Campaign Targets COVID-19 'Cold Chain'

Marianne Kolbasuk McGee • December 3, 2020

CISA, citing a new report by IBM, is warning organizations involved in COVID-19 vaccine production and distribution of a global phishing campaign targeting the cold storage and transport supply chain. Many vaccines in development must be kept at low temperatures before being administered.

COVID-19

Improving Enterprise Cyber Risk Management

Alleged Fraud at Billing Firm Spotlights Insider Risks

Latest

Application Security

Analysis: Apple iOS 'Zero-Click Exploit'

Anna Delaney • December 4, 2020

This edition of the ISMG Security Report features an analysis of a serious Apple iOS "zero-click exploit" that could have allowed hackers to remotely gain complete control of a device. Also featured: a discussion of identity proofing challenges and a review of New Zealand's updated Privacy Act.

Cybercrime

Trickbot Now Uses a Bootkit to Attack Firmware

Doug Olenick • December 3, 2020

Trickbot malware has been updated with a bootkit module, nicknamed Trickboot, which can search for UEFI/BIOS firmware vulnerabilities, according to a report from the security firms Eclypsium and Advanced Intelligence. These flaws, if exploited, can give an attacker the ability to brick a device.

General Data Protection Regulation (GDPR)

Microsoft Backpedals Over 'Productivity Score' Monitoring

Mathew J. Schwartz • December 3, 2020

Microsoft is revamping its controversial "productivity score" in Microsoft 365 so that individual workers can no longer be tracked. The move follows warnings by privacy advocates that the feature was a step too far into the realm of workplace surveillance.

Endpoint Security

Researchers: 25 Countries Use 'Circles' Spyware

Akshaya Asokan • December 3, 2020

Twenty-five countries are likely using spyware sold by a company called Circles that can snoop on mobile phone calls and text messages, according to The Citizen Lab, a research organization based at the University of Toronto.

COVID-19

Serious Apple iOS Exploit Enabled Nearby Device Takeover

Mathew J. Schwartz • December 2, 2020

Until May, all Apple iOS devices were vulnerable to a "zero-click exploit" that would have allowed hackers to remotely gain complete control and view all emails, photos, private messages and more, says Google security researcher Ian Beer. He alerted Apple to multiple vulnerabilities - all now patched.

Business Email Compromise (BEC)

FBI: BEC Scams Are Using Email Auto-Forwarding

Akshaya Asokan • December 2, 2020

Fraudsters are increasingly exploiting the auto-forwarding feature in compromised email accounts to help conduct business email compromise scams, the FBI warns.

Cybercrime

DarkIRC Botnet Exploiting Oracle WebLogic Vulnerability

Prajeet Nair • December 2, 2020

A botnet called DarkIRC is exploiting a remote execution vulnerability in Oracle WebLogic, according to Juniper Threat Labs. Meanwhile, the malware used to create the botnet is being offered for sale on a darknet hacking forum.

Business Continuity Management / Disaster Recovery

Conti Ransomware Gang Posts Advantech's Data

Doug Olenick • December 1, 2020

The gang behind the Conti ransomware variant has posted data to its darknet website that it says it stole during a ransomware attack on industrial IoT chipmaker Advantech last month. The company reportedly confirmed the attack on Monday.

Cybercrime

Researchers Find Updated Variants of Bandook Spyware

Akshaya Asokan • December 1, 2020

Check Point Research has identified new variants of the long-dormant Bandook spyware that are being used for espionage campaigns across the world targeting government, financial, energy, food industry, healthcare, education, IT and legal organizations.

Fraud Management & Cybercrime

Fresh MacOS Backdoor Variant Linked to Vietnamese Hackers

Prajeet Nair • December 1, 2020

Trend Micro researchers have uncovered a macOS backdoor variant - designed to bypass security tools - that's linked to an advanced persistent threat group operating from Vietnam.

Fraud Management & Cybercrime

'Return to Office' Phishing Emails Aim to Steal Credentials

Prajeet Nair • November 30, 2020

Researchers at Abnormal Security have uncovered a credential-stealing phishing campaign that spoofs internal company memos concerning returning to the office.

Critical Infrastructure Security

CISA Warns of Password Leak on Vulnerable Fortinet VPNs

Akshaya Asokan • November 28, 2020

CISA is warning about a possible password leak that could affect vulnerable Fortinet VPNs and lead to further exploitation. The latest agency notice comes just days after hackers began publishing what they claim are leaked passwords on underground forums, according to researchers.