Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, learn about tips you can use to secure your home office. Also, read about how Magecart Group 8 targeted the website of the blender manufacturer, NutriBullet, in an attempt to steal the payment-card data of its online customers.
Read on:
As COVID-19 continues to impact individuals, families, communities and businesses around the world, Trend Micro has taken action to ensure that the COVID-19 crisis does not impact the customer experience of its products or services. In this blog from Trend Micro’s chief operating officer, Kevin Simzer, learn about the steps that Trend Micro is taking to not only ensure employee safety, but to continue to deliver exceptional customer service.
RDP-Capable TrickBot Targets Telecoms Sectors in U.S. and Hong Kong
A recently discovered TrickBot variant targeting organizations in telecoms, education and financial services in the United States and Hong Kong includes a module for remote desktop protocol (RDP) brute-forcing, Bitdefender reports. The malware has mostly been distributed through spam emails but was also linked to infections with other malware.
How to Stay Safe as Online Coronavirus Scams Spread
Unfortunately, it’s extraordinary global events like COVID-19 that cyber-criminals look for in order to make their schemes more successful. As organizations enforce remote working to reduce the impact of the virus, many will be logging-on from home or mobile computing devices, which may have fewer built-in protections from such threats. This makes it more important than ever to know how the bad guys are trying to cash in on COVID-19 and what you can do to stay safe.
DDoS Attack Targets German Food Delivery Service
Cybercriminals have launched a distributed denial-of-service (DDoS) attack against German food delivery service Takeaway.com (Liefrando.de), demanding two bitcoins (about $11,000) to stop the flood of traffic. Liefrando delivers food from more than 15,000 restaurants in Germany, where people under COVID-19 restrictions depend on the service. The attack has now stopped, according to a report from BleepingComputer.
Suddenly Teleworking, Securely
Telework is not a new idea and a good percentage of the workforce already does so. But the companies who have a distributed workforce had time to plan for it, and to plan for it securely. This event can’t be treated like a quick rollout of an application: there are business, infrastructure, and customer security impacts. In this blog from Trend Micro’s vice president of cybersecurity, Greg Young, learn how to set yourself up for secure remote work success.
COVID-19: With Everyone Working from Home, VPN Security Has Now Become Paramount
With most employees working from home amid today’s COVID-19 (coronavirus) outbreak, enterprise VPN servers have now become paramount to a company’s backbone, and their security and availability must be the focus going forward for IT teams.
New Ursnif Campaign Targets Users in Japan
Trend Micro researchers recently detected a new Ursnif campaign targeting users in Japan. The malware is distributed through infected Microsoft Word documents coming from spam emails. Ursnif, also known as Gozi, is an information stealer that collects login credentials from browsers and email applications. It has capabilities for monitoring network traffic, screen capturing, and keylogging.
Trend Micro’s David Sancho on Criminals’ Favorite IoT Targets
In this video, Trend Micro Senior Researcher David Sancho speaks with CyberScoop Editor-in-Chief Greg Otto about his 2020 RSA Conference presentation, which looked at where criminals are infecting Internet of Things targets.
New Variant of Paradise Ransomware Spreads Through IQY Files
Internet Query Files (IQY) were used to deliver a new variant of Paradise ransomware, as reported by Last Line. The said file type has not been associated with this ransomware family before. In the past, IQY files were typically used in other malware campaigns, such as the Necurs botnet that distributes IQY files to deliver FlawedAmmy RAT.
Magecart Cyberattack Targets NutriBullet Website
Magecart Group 8 targeted the website of the blender manufacturer, NutriBullet, in an attempt to steal the payment-card data of its online customers. Yonathan Klijnsma, threat researcher with RiskIQ, said in a post that a JavaScript web skimmer code was first inserted on the website of the blender retailer on Feb. 20, specifically targeting the website’s checkout page.
The IIoT Threat Landscape: Securing Connected Industries
The Industrial Internet of Things (IIoT) provides bridges of connectedness that enable seamless IT and OT convergence. However, threat actors can cross these bridges to compromise systems. As the use of IoT extends beyond the home and goes into the vast industrial landscape, the scale of threats likewise grows for smart factories, smart cities, connected cars, and other smart environments.
What are you doing to secure your home office devices? Share your thoughts in the comments below or follow me on Twitter to continue the conversation: @JonLClay.
