Cyber Bites

  More than 180 fraudulent coronavirus websites targeting vulnerable people have been taken down in the UK since the start of the outbreak. Nominet, the national domain name registry, said it had seen a surge in fraudsters spoofing government websites in an attempt to trick Britons into handing over their bank details and private data. Source: Telegraph

Video conferencing app Zoom is enjoying a huge spike in users as a result of the COVID-19 pandemic, as massive swathes of the world's workforce work from home at the same time. You would likely expect that such a rise to popularity might bring some road-bumps along the way, though, and Zoom has announced that one such issue has been cleared. A report from Motherboard last week revealed that its iOS app was sending data...

Chubb,  a major cybersecurity insurance provider for businesses hit by data breaches, has itself become a target of a data breach. The insurance giant told TechCrunch it was investigating a “security incident” involving the unauthorized access to data belonging to an unnamed third-party. Chubb spokesperson Jeffrey Zack said the company had “no evidence” the incident affected Chubb’s own network and that its network “remains fully operational.” Source: TechCrunch

Cyber criminals are posing as UK mobile network operator Three as part of a sophisticated phishing campaign designed to extract the financial details of its customers. The attack relies on a well-spoofed HTML document that entices Three customers to hand over everything from their password and personal details to credit card and payment information. Source: IT pro

  The Ryuk Ransomware operators to continue to target hospitals even as these organizations are overwhelmed during the Coronavirus pandemic. Last week BleepingComputer contacted various ransomware groups and asked if they would target hospitals and other healthcare organizations during the pandemic. Source: Bleeping Computer

Phishing emails have spiked by over 600% since the end of February as cyber-criminals look to capitalize on the fear and uncertainty generated by the COVID-19 pandemic, according to Barracuda Networks. The security vendor observed just 137 incidents in January, rising to 1188 in February and 9116 so far in March. Around 2% of the 468,000 global email attacks detected by the firm were classified as COVID-19-themed. Source: Infosecurity

Google says that it delivered almost 40,000 alerts of state-sponsored phishing or malware hacking attempts to its users during 2019, with a 25% drop when compared to the previous year. One of the reasons behind this notable drop in the number of government-backed hacking incidents is the increasingly effective protections Google sets up to protect its users. Due to the more effective protections, hackers are forced to slow down their attacks and try to adapt...

  In recent days, Nefilim, CLOP and Sekhmet have become the latest ransomware operations to launch data-leaking sites, as Bleeping Computer first reported on Tuesday. CLOP has been tied to an attack against Maastricht University in the Netherlands that resulted in the institution paying attackers a ransom of 30 bitcoins (now worth about $200,000). Nefilim appears to be a new version of Nemty and lists on its data-leak site two energy firms. And little is...

  Led by cybersecurity analysts Noam Rotem and Ran Locar, vpnMentor’s research team recently found a serious breach in an open Amazon S3 bucket owned by secure cloud storage provider Data Deposit Box. The leak exposed detailed information about 270,000 private files uploaded by customers through the company’s secure cloud storage service. The database also revealed personally identifiable information (PII) of customers, which could have serious consequences for those affected. Source: Security Magazine

  Researchers say that APT41’s exploits are part of one of the broadest espionage campaigns they’ve seen from a Chinese-linked actor “in recent years.” Researchers warn that APT41, a notorious China-linked threat group, has targeted more than 75 organizations worldwide in “one of the broadest campaigns by a Chinese cyber-espionage actor observed in recent years.” Source: Threatpost