Analysis of the Emotet campaign – Fall 2020

From neurosoft.gr

Emotet is considered to be among the top malware threats, primarily spreading through emails and specifically using the email thread hijacking approach. In this latest report, researchers from the University of Piraeus, Athena Research Center and Neurosoft have dissected the malware and conducted an in-depth analysis of the Emotet campaign.

7,500 educational organizations hacked, access being sold on Russian hacker forums

From cybernews.com

RDP access sold on Russian hacker forums

Network access to 7,500 organizations is being sold by a threat actor on multiple Russian hacker forums. According to the listings posted on October 3 and October 26, these mainly include educational organizations. However, the package also appears to include access to corporate networks from other verticals, such as entertainment and the bar industry.


State in India Leaves Data From Covid-19 Surveillance Tool Open, Risking Safety for Millions of People Across the Country

From vpnmentor.com

In a technical report prepared by vpnmentor, it was revealed that a surveillance platform built to track and trace COVID-19 patients in India has been compromised due to a lack of data security protocols that inadvertently left access to the platform wide open, along with exposing the data of millions of people from across India.

Named “Surveillance Platform Uttar Pradesh Covid-19”, the software appears to have been built by the regional government of Uttar Pradesh, a state of India.


Privacy concerns on COVID-19 contact tracing applications

We have recently joined over 170 UK researchers and scientists by undersigning a statement enquiring about the contact tracing app developed by NHSX in the UK. Given that the UK is among the most surveilled nations, we raise our concerns on the impact such an initiative will have in the long run. The European Commission has already issued a recommendation on a common Union toolbox for the use of technology and data to combat and exit from the COVID-19 crisis, in particular concerning mobile applications and the use of anonymised mobility data.

The joint statement is available here.

Think before filling in that convenient flight refund form with all your delicious details – there’s a scam going about

From theregister.co.uk

Email ruse preying on COVID-19 fears sends data to crims, warns Mimecast.

Email security biz Mimecast has warned of a flight refund scam doing the rounds amid a general uptick in coronavirus-related online crime.

The scam itself is very simple and relies on current fears, some real, that airlines are reluctant to give refunds to customers who cannot fly because of the global coronavirus shutdown.


‘CovidLock’ Exploits Coronavirus Fears With Bitcoin Ransomware

From cointelegraph.com

Opportunistic hackers are increasingly seeking to dupe victims using websites or applications purporting to provide information or services pertaining to coronavirus.

Cybersecurity threat researchers, DomainTools, have identified that the website coronavirusapp.site facilitates the installation of a new ransomware called “CovidLock.”

The website prompts its visitors to install an Android application that purportedly tracks updates regarding the spread of COVID-19, claiming to notify users when an individual infected with coronavirus is in their vicinity using heatmap visuals.
