Under the pressure to deliver the best patient care, a cyberattack is the last thing hospitals should have to deal with. This week, CISA issued a warning to users urging them to patch Pulse Secure VPN after the government agency observed malicious attackers targeting the systems of U.S. hospitals and government entities with ransomware using stolen Active Directory credentials.
ISBuzz Team
Following the announcement from the NCSC around the launch of its ‘Suspicious email reporting service’, Industry expert commented below. https://twitter.com/BreakwaterIT/status/1252511486653673472
As reported by ZDNet, the National Cyber Security Centre, along with the Home Office, the Cabinet Office, the Department for Digital, Culture, Media and Sport (DCMS) and the City of London Police has launched a ‘Suspicious email reporting service’ for members of the public to alert the authorities to potential cyber attacks – whether coronavirus-themed scams or something else. This new initiative aims to build on the existing takedown services, which have already removed more than 2,000 online scams related to coronavirus in the last month, including 471 fake online shops selling fraudulent coronavirus related items, 555 malware distribution sites, 200…
With more people on furlough, home schooling and students unable to go to university, Britons are spending a lot more time using streaming services. These are becoming so popular since the lockdown that Disney+ has already gained 50 million subscribers since its launch on 24th March and Netflix is targeting a temporary 25% reduction in overall bandwidth consumption in to ease overloaded networks. And now this surge in usage has led hackers to develop a whole range of scam websites pretending to offer Disney+, Netflix and US-based streaming service Hulu for free. Cybersecurity specialist Mimecast found that Netflix has been a particularly popular service for cyber criminals, with over 700 suspicious domains impersonating…
Microsoft Security Intelligence has revealed that the TrickBot malware is being spread via a new phishing campaign that exploits the current COVID-19 crisis. The campaign offers fake virus advice and testing, installing the malware via ‘macro-laced’ malicious attachments. https://twitter.com/MsftSecIntel/status/1251181180281450498
Financial services industry hit hardest by bad bots, making up almost half of overall website traffic; Russia origin of most blocked attacks Imperva, Inc., today released its annual report titled: “2020 Bad Bot Report: The Bad Bots Strike Back.” The report investigates the automation that wreaks havoc on websites and mobile apps. The findings revealed bad bot traffic has increased compared to previous years, comprising almost one quarter (24.1%) of all website traffic and most heavily impacting the financial services industry. The report is based on 2019 data collected from Imperva’s global network including hundreds of billions of bad bot…
UK’s National Cyber Security Centre (NCSC) has taken down more than 2,000 online coronavirus scams last month. The NCSC has created a new national reporting service where members of the public can alert the authorities to potentially suspicious emails. If the content contains suspicious links or addresses, then the NCSC says it will be taken down. The data will also be analyzed to try to identify patterns that will allow for a quick takedown of new scam websites. https://twitter.com/SonicWall/status/1252545356409208833
Hackers have stolen more than $25 million in cryptocurrency from the Uniswap exchange and the Lendf.me lending platform. With both attacks taking place over the weekend – on Saturday and Sunday respectively – they are believed to be related, most likely carried out by the same group or individual. The ongoing investigation suggests that the hackers responsible appear to have chained together bugs and legitimate features from different blockchain technologies to orchestrate a sophisticated “reentrancy attack,” according to ZDNet. This type of attack allows threat actors to withdraw funds multiple times, in a loop, before the original transaction is approved or…
Clearview AI, the facial recognition startup, has left a misconfigured server exposed, which included data of the company’s internal files, apps and source code left open for anyone on the internet to access and run the apps from scratch. In addition to this, 70,000 videos from a residential building security camera were also left in one of Clearview’s cloud storage buckets, which depict the residents entering and leaving the building.
As reported by BBC News, plans to allow MPs to take part in some parliamentary business virtually have been approved by the body responsible for administration in the Commons. The House of Commons Commission said ministers will be quizzed via Zoom for the first time in the House’s 700-year history. This “unprecedented step” will “keep democracy going” during the coronavirus crisis, it said. MPs will have to approve the plan next week when they return on 21 April.