North Korea has been accused of attempting to steal information on coronavirus vaccines and treatments. In light of this, please see the comment below from cybersecurity experts on why it is vital for organizations to look at their business through the eyes of nation-state bad actors to prevent future attacks.
ISBuzz Team
Researchers with Confiant Security are reporting that “ScamClub” malvertisers are exploiting a browser zero day to redirect traffic to scam sites. Their report says: “Active for at least several years now, ScamClub malvertisements are defined mainly by forced redirections to scams that offer prizes to “lucky” users, like the all too ubiquitous “You’ve won a Walmart giftcard!” or “You’ve won an iPhone!” landing pages. Over the last 90 days, ScamClub has delivered over 50MM malicious impressions, maintaining a low baseline of activity augmented by frequent manic bursts — with as many as 16MM impacted ads being served in a single day.” Cybersecurity…
A vulnerability is found on the popular Android app SHAREit, a mobile that allows users to share files with friends or between personal devices. The vulnerability allows an adversary to run malicious code on the smartphone containing the app. This vulnerability is reported by TrendMicro on Monday and below is the reaction from cybersecurity experts.
There is an increase in voice calls exploitation incidents that aim to steal money. According to the responses of more than 2,000 consumers and 300 business professionals, 75% of Americans surveyed were targeted by scammers over the past 12 months. In 2020, more than 50 billion spam calls were made to Americans and more than 157 billion spam calls were made in North America and Europe – 58% of which were fraudulent. Here are the stats: 40% of all respondents reported losing money to phone scams in 2020; more than 7% of Americans reported losing more than $500 to…
Security researchers at Fortinet have discovered a new phishing campaign that uses a variant of the Bazar trojan which uses anti-analysis techniques to make it more difficult for antivirus software to detect. The anti-analysis techniques use different techniques such as hiding malicious APIs in the code, extra code obfuscation, and encrypting part of the code to make it difficult to analyze.
According to its February report, the U.S. Customs and Border Protection used facial recognition tools to scan over 23 million travelers’ faces at 30-plus points of entry in 2020, and failed to turn up a single example of an individual impersonating someone else at an airport.
Researchers from RiskSense have identified as many as 223 distinct IT security vulnerabilities in the Common Vulnerabilities and Exposures (CVE) database used in attacks involving ransomware in 2020. This shows that the ransomware families are growing and becoming more complex with time.
Following the recent story that six in ten people are concerned that their mobile devices are listening to their private conversations, please find a comment below from a cybersecurity expert.
It is being reported that Virginia is poised to follow in California’s footsteps and pass a privacy law becoming the second state in the country to adopt a comprehensive online data protection law for consumers.
A hacking group with ties to the Indian military adopted a pair of mobile surveillance tools to spy on geopolitical targets in Pakistan and Kashmir amid persistent regional tensions between the nuclear-armed neighbors, according to a report from cybersecurity company, Lookout Inc. The group is known for commandeering legitimate web services in South Asia and embedding surveillance tools or malware inside these apps and services to conduct espionage.