IT Security Guru

Fighting cybercriminals is an ongoing battle

Securonix is on the frontlines

by Joel
March 27, 2020
in Featured, Hacking, Malware, Phishing and Ransomware

If these uncertain times have proved anything, it is that now, more than ever, maintaining cybersecurity is critical to ensuring business as usual, especially as the workforce moves towards a remote working environment. This means that even the slightest disruption to daily operations can cause catastrophic damage to businesses, many of which are already struggling in these precarious times.

With this in mind, we are fortunate that there are enterprises that put public wellbeing ahead of personal profit. In this day and age, it seems like this is all too rare an occurrence.

It is for this reason that Securonix, a cybersecurity threat researcher, has been working tirelessly to ensure that cybercriminals do not get the upper hand in these ambiguous times. Securonix is on the front lines of the ongoing cybersecurity war, helping both corporations and private individuals to stay one step ahead of cybercriminals who prey on fear and uncertainty in order to exploit and defraud users. Securonix is publishing a series of blogs outlining COVID-19 cyber threats, in collaboration with other cybersecurity vendors, to provide live updates on malware activity, and is freely publishing ransomware decryption codes.

The weekly updates highlight increased phishing activity originating from COVID-19 themed domains. In fact, one of the updates proved that more than 5,000 malicious domains were created in 96 hours following the announcement that COVID-19 was a global pandemic. This proves that cybercriminals will stop at nothing to exploit fear. With this in mind, the following information will help businesses of all sizes to continue to operate as normally as possible while reducing the risk of falling victim to malicious cyber activity.

Phishing

Securonix has detected and identified several email phishing campaigns impersonating official organisations, containing updates and recommendations connected to the disease, and in many cases, including malicious attachments. For instance, one organisation detected up to five different phishing campaigns within the first week of remote working alone. Legitimate-looking emails containing embedded links/attachments were received from suspicious and malicious domains. Indeed, security teams should be extra vigilant towards any ‘official’ emails circulated within their environments, taking extra precautions to spot social engineering techniques.

 

In order to reduce both the risk of a data breach, and the strain on security teams, we recommend blacklisting the following domains, and any other typo-squat variants, as they have been proven malicious:

 

antiviruscorona[.]icu,

anticoronaviruspro[.]icu,

coronaclean[.]icu,

coronasolve[.]xyz,

coronaviras[.]rest
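One way to apply the list above to DNS or proxy hostnames, including subdomains and near-miss spellings, as an added example that is not Securonix's or the article's own code. The function names, the edit-distance threshold of 2 and the test hostnames are assumptions made for illustration.

```python
# Added example. Indicators are the five defanged domains from the article;
# the distance threshold and test hostnames are constructed assumptions.
DEFANGED = [
    "antiviruscorona[.]icu",
    "anticoronaviruspro[.]icu",
    "coronaclean[.]icu",
    "coronasolve[.]xyz",
    "coronaviras[.]rest",
]
BLOCKLIST = {d.replace("[.]", ".").lower() for d in DEFANGED}


def edit_distance(a, b):
    """Levenshtein distance, computed row by row."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def classify(hostname, max_distance=2):
    """Return ("block", indicator), ("review", nearest indicator) or ("allow", None)."""
    labels = hostname.strip().rstrip(".").lower().split(".")
    # Exact hit on the name itself or on any parent domain (covers subdomains).
    for i in range(len(labels) - 1):
        parent = ".".join(labels[i:])
        if parent in BLOCKLIST:
            return ("block", parent)
    # Near miss: compare the last two labels against each indicator. This
    # ignores multi-label public suffixes such as co.uk (simplification).
    base = ".".join(labels[-2:])
    for bad in sorted(BLOCKLIST):
        if edit_distance(base, bad) <= max_distance:
            return ("review", bad)
    return ("allow", None)


if __name__ == "__main__":
    for host in ["mail.coronasolve.xyz", "coronac1ean.icu", "example.com"]:
        print(host.replace(".", "[.]"), classify(host))
```

Near misses are returned as "review" rather than "block" because a small edit distance alone does not prove a domain is malicious.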

VPNs

Further challenges arise with an increased remote workforce, as there is a sharp rise in activity such as multi-factor authentication application logs. Indeed, some organisations have noticed an unusual number (8-10x increase) of MFA enrolment requests in just the last 72 hours.

In addition to the above example, employees and remote workers (contracted vendors and partners) have also bombarded technical support teams to assist them in this process of enrolment. Attackers have also started to identify this as a potential vulnerability, and have begun impersonating users (social engineering techniques) based on the basic information they extract from LinkedIn and other platforms, and use this information to trick support teams into allowing “one-time passcodes”, or in some cases registering their devices for MFA approvals.

Security teams should also be monitoring for, and vigilant of, unusual login attempts. In fact, one enterprise recognised that an account was being accessed from 26 countries in only two weeks! Therefore, employees using private VPNs should be aware that this creates additional security concerns while simultaneously burdening security teams with false positives.
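A detection sketch for the "one account, many countries in two weeks" pattern described above, as an added example that is not Securonix's or the article's own code. The event format, the account names, the sample logins and the threshold of three countries are constructed assumptions; the country code is assumed to be resolved upstream by a GeoIP lookup.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample: (ISO timestamp, account, country of the source IP).
SAMPLE_EVENTS = [
    ("2020-03-02T08:15:00", "alice", "GB"),
    ("2020-03-09T08:20:00", "alice", "GB"),
    ("2020-03-04T09:00:00", "bob", "GB"),
    ("2020-03-12T18:45:00", "bob", "FR"),
    ("2020-03-10T09:00:00", "carol", "GB"),
    ("2020-03-11T02:10:00", "carol", "US"),
    ("2020-03-13T23:40:00", "carol", "BR"),
    ("2020-03-15T04:05:00", "carol", "IN"),
    ("2020-03-18T12:30:00", "carol", "RU"),
    ("2020-03-01T10:00:00", "dave", "GB"),
    ("2020-03-20T10:00:00", "dave", "DE"),
    ("2020-04-10T10:00:00", "dave", "ES"),
    ("2020-05-01T10:00:00", "dave", "IT"),
]


def accounts_over_country_limit(events, window_days=14, max_countries=3):
    """Return {account: sorted countries} for accounts seen in more than
    max_countries distinct countries inside any sliding window."""
    by_account = defaultdict(list)
    for ts, account, country in events:
        by_account[account].append((datetime.fromisoformat(ts), country))
    window = timedelta(days=window_days)
    flagged = {}
    for account, logins in by_account.items():
        logins.sort()
        start, best = 0, set()
        for end in range(len(logins)):
            # Shrink the window from the left until it spans <= window_days.
            while logins[end][0] - logins[start][0] > window:
                start += 1
            seen = {country for _, country in logins[start:end + 1]}
            if len(seen) > len(best):
                best = seen
        # Threshold is a tunable assumption: private VPN use inflates counts.
        if len(best) > max_countries:
            flagged[account] = sorted(best)
    return flagged


if __name__ == "__main__":
    print(accounts_over_country_limit(SAMPLE_EVENTS))
```

The constructed account "dave" also logs in from four countries, but spread over two months, so it is only flagged if the window is widened.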

Throughout this uncertain time, we must be sure that we are doing our utmost to ensure that adequate security hygiene is being observed. This is an ongoing battle, and we must do our very best to fight against cybercriminals together. We are all responsible for the information that we process, and if we are to win this ongoing war then we must improve security standards. After all, we are all in this together.

 
