IBM X-Force has released a report on malicious cyber actors targeting the COVID-19 cold chain—an integral part of delivering and storing a vaccine at safe temperatures. Impersonating a biomedical company, cyber actors are sending phishing and spearphishing emails to executives and global organizations involved in vaccine storage and transport to harvest account credentials. The emails have been posed as requests for quotations for participation in a vaccine program.
This holiday season, more consumers than ever will be shopping digitally - and cybercriminals are already capitalizing on the opportunity. Greg Foss, Senior Cybersecurity Strategist at VMware Carbon Black, looked through the dark web to find that: There’s a continued rise in e-skimming attacks in the retail sector, where attackers inject JavaScript into website payment processing pages in order to siphon credit cards and account credentials from customers.
The Retail & Hospitality Information Sharing and Analysis Center (RH-ISAC), a community for sharing sector-specific cybersecurity information and intelligence, announced it latest board members and officers.
The findings of Johnson Controls' annual Energy Efficiency Indicator survey finds that more than half of organizations plan to increase investment in energy efficiency, renewable energy and smart building technology next year, comparable with investment trends after the 2010 recession.
The National Center for Missing & Exploited Children (NCMEC) was looking for a critical communications solution to serve as its primary mass notification system for its AMBER Alerts.
The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) have observed persistent continued cyber intrusions by advanced persistent threat (APT) actors targeting U.S. think tanks. This malicious activity is often, but not exclusively, directed at individuals and organizations that focus on international affairs or national security policy. The following guidance may assist U.S. think tanks in developing network defense procedures to prevent or rapidly detect these attacks.
ESET researchers discovered a previously undocumented backdoor and document stealer used for cyber-espionage. ESET has been able to attribute the program, dubbed Crutch by its developers, to the infamous Turla APT group. It was in use from 2015 until at least early 2020. ESET has seen Crutch on the network of a Ministry of Foreign Affairs in a country of the European Union, suggesting that this malware family is only used against very specific targets. These tools were designed to exfiltrate sensitive documents and other files to Dropbox accounts controlled by Turla operators.
Due to COVID-19 as well as other factors, online shopping is expected to continue to increase through the holiday season and with the increase, comes an increase in people stealing those delivered packages (a.k.a. porch piracy). The Mentor Police Department in Ohio is determined to do what it can to curb this behavior in their city.
After demonstrations across France throughout the past week against the country's "Global Security Law," the French President Emmanuel Macron's ruling party has acknowledged this week that they promise to change the wording of the proposed security law. The law includes controversial verbiage that protesters say would expand law enforcement and the country's right to monitor citizens.
Huntsville City Schools in Alabama will remain closed for the week amid a ransomware cyberattack. According to a school spokesperson the district immediately responded after finding out about the breach.
RSS
