IT Security Guru

Fighting cybercriminals is an ongoing battle

Securonix is on the frontlines

by Joel
March 27, 2020
in Featured, Hacking, Malware, Phishing and Ransomware

If these uncertain times have proved anything, it is that now, more than ever, maintaining cybersecurity is critical to ensuring business as usual, especially as the workforce moves towards a remote working environment. This means that even the slightest disruption to daily operations can cause catastrophic damage to businesses, many of which are already struggling with these precarious times.

With this in mind, we are fortunate that there are enterprises that put public wellbeing ahead of personal profit. In this day and age, it seems like this is all too rare an occurrence.

It is for this reason that Securonix, a cybersecurity threat researcher, has been working tirelessly to ensure that cybercriminals do not get the upper hand in these ambiguous times. Securonix is on the front lines of the ongoing cybersecurity war, helping both corporations and private individuals to stay one step ahead of cybercriminals who prey on fear and uncertainty in order to exploit and defraud users. Securonix is publishing a series of blogs outlining COVID-19 cyber threats, in collaboration with other cybersecurity vendors, to provide live updates on malware activity, and is freely publishing ransomware decryption codes.

The weekly updates highlight increased phishing activity originating from COVID-19 themed domains. In fact, one of the updates proved that more than 5,000 malicious domains were created in 96 hours following the announcement that COVID-19 was a global pandemic. This proves that cybercriminals will stop at nothing to exploit fear. With this in mind, the following information will help businesses of all sizes to continue to operate as normally as possible while reducing the risk of falling victim to malicious cyber activity.

Phishing

Securonix has detected and identified several email phishing campaigns impersonating official organisations, containing updates and recommendations connected to the disease, and in many cases, including malicious attachments. For instance, one organisation detected up to five different phishing campaigns within the first week of remote working alone. Legitimate-looking emails containing embedded links/attachments were received from suspicious and malicious domains. Indeed, security teams should be extra vigilant towards any ‘official’ emails circulated within their environments, taking extra precautions to spot social engineering techniques.

 

In order to reduce both the risk of a data breach, and the strain on security teams, we recommend blacklisting the following domains, and any other typo-squat variants, as they have been proven malicious:

 

  • antiviruscorona[.]icu
  • anticoronaviruspro[.]icu
  • coronaclean[.]icu
  • coronasolve[.]xyz
  • coronaviras[.]rest
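One way a mail or proxy filter could apply this list, shown as an added example that is not from the article or from Securonix: exact and subdomain hits are blocked, and look-alike names within a small edit distance are queued for analyst review. The function names, the distance threshold and the two-label registrable-domain shortcut are assumptions.

```python
from urllib.parse import urlsplit

# Domains listed in the article, refanged for matching.
BLOCKLIST = {
    "antiviruscorona.icu", "anticoronaviruspro.icu", "coronaclean.icu",
    "coronasolve.xyz", "coronaviras.rest",
}

def edit_distance(a, b):
    """Levenshtein distance, computed one row at a time."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def host_of(value):
    """Lowercase hostname from a URL, bare host or defanged indicator."""
    value = value.strip().replace("[.]", ".").replace("hxxp", "http")
    if "://" not in value:
        value = "//" + value          # let urlsplit treat it as a network location
    return (urlsplit(value).hostname or "").rstrip(".").lower()

def classify(value, max_distance=2):
    """Return (verdict, matched_entry): 'block', 'review' or 'allow'."""
    labels = host_of(value).split(".")
    if len(labels) < 2:
        return ("allow", None)
    # Assumption: the registrable domain is the last two labels (true for
    # .icu/.xyz/.rest; suffixes such as .co.uk need a public-suffix list).
    registrable = ".".join(labels[-2:])
    if registrable in BLOCKLIST:
        return ("block", registrable)          # listed domain or any subdomain of it
    for entry in sorted(BLOCKLIST):
        if edit_distance(labels[-2], entry.split(".")[0]) <= max_distance:
            return ("review", entry)           # look-alike name under any TLD
    return ("allow", None)

# Constructed inputs, not observed indicators.
SAMPLES = ["hxxp://login.coronaclean[.]icu/update",
           "https://corona-clean.top/", "https://example.org/covid"]
VERDICTS = [classify(s) for s in SAMPLES]
```

Look-alike matches go to review rather than straight to block because a small edit distance also catches unrelated legitimate names.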

VPNs

Further challenges arise with an increased remote workforce, as there is a sharp rise in activity such as multi-factor authentication (MFA) application logs. Indeed, some organisations have noticed an unusual number (8-10x increase) of MFA enrolment requests in just the last 72 hours.

In addition to the above example, employees and remote workers (contracted vendors and partners) have also bombarded technical support teams for help with the enrolment process. Attackers have identified this as a potential vulnerability and have begun impersonating users through social engineering, using basic information they extract from LinkedIn and other platforms to trick support teams into allowing “one-time passcodes” or, in some cases, registering their devices for MFA approvals.

Security teams should also monitor for, and be vigilant about, unusual login attempts. In fact, one enterprise recognised that an account was being accessed from 26 countries in only two weeks! Therefore, employees using private VPNs should be aware that this creates additional security concerns while simultaneously burdening security teams with false positives.
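The country-spread check described above can be expressed as a sliding-window rule over authentication logs; this is an added example, not code from the article or from Securonix. The event tuple layout, the threshold of three countries and the trusted-egress list are assumptions, and the sample events are constructed using documentation IP ranges.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

def country_spread_alerts(events, window=timedelta(days=14), threshold=3,
                          trusted_egress=frozenset()):
    """Yield (user, time, countries) when a user's logins span more than
    `threshold` distinct countries inside a sliding window.

    events: (iso_timestamp, user, source_ip, country_code) tuples sorted by
    time. Logins from `trusted_egress` IPs (for example the corporate VPN
    concentrator) are skipped: their geolocation says nothing about the user.
    """
    recent = defaultdict(deque)      # user -> (time, country) inside the window
    reported = defaultdict(set)      # user -> country sets already alerted on
    for ts, user, ip, country in events:
        if ip in trusted_egress:
            continue
        now = datetime.fromisoformat(ts)
        q = recent[user]
        q.append((now, country))
        while now - q[0][0] > window:        # expire logins older than the window
            q.popleft()
        seen = frozenset(c for _, c in q)
        if len(seen) > threshold and seen not in reported[user]:
            reported[user].add(seen)         # one alert per distinct country set
            yield user, now, sorted(seen)

# Constructed sample events (hypothetical users, documentation IP ranges).
SAMPLE_EVENTS = [
    ("2020-03-01T08:00:00", "alice", "192.0.2.10",   "GB"),
    ("2020-03-01T09:00:00", "bob",   "203.0.113.10", "NL"),  # corporate VPN egress
    ("2020-03-02T08:30:00", "bob",   "192.0.2.44",   "GB"),
    ("2020-03-03T02:10:00", "alice", "198.51.100.7", "US"),
    ("2020-03-05T11:45:00", "alice", "198.51.100.8", "DE"),
    ("2020-03-06T23:05:00", "alice", "198.51.100.9", "BR"),
    ("2020-03-07T09:00:00", "bob",   "192.0.2.45",   "FR"),
]
ALERTS = list(country_spread_alerts(SAMPLE_EVENTS, trusted_egress={"203.0.113.10"}))
```

Personal VPN exits cannot be allow-listed this way, which is why the threshold is a tuning knob: set too low, it produces the false positives the article mentions.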

Throughout this uncertain time, we must be sure that we are doing our utmost to ensure that adequate security hygiene is being observed. This is an ongoing battle, and we must do our very best to fight against cybercriminals together. We are all responsible for the information that we process, and if we are to win this ongoing war then we must improve security standards. After all, we are all in this together.

 
