Hack-for-hire firms in India have been impersonating the World Health Organization in credential-stealing spearphishing email campaigns, Google's Threat Analysis Group said Wednesday. The hack-for-hire campaign, which has targeted healthcare companies, consulting firms, and financial services entities primarily in the U.S., Slovenia, Canada, Iran, Bahrain, and Cyprus, uses Gmail accounts imitating the WHO to direct victims to lookalike WHO websites.
An operation run by the China-based cybercrime gang known as DoubleGun Group has been disrupted. The group had amassed hundreds of thousands of bots that were controlled via public cloud services, including Alibaba and Baidu Tieba. NetLab 360 researchers said in a recent posting that they noticed DNS activity in their telemetry that traced back to a suspicious domain (pro.csocools[dot]com) controlling large numbers of infected Windows devices.
As more Americans rely on package deliveries during the coronavirus pandemic, scammers are trying to capitalize on the tracking process by sending spoofed emails containing malicious software. Hackers are sending spoofed emails that appear to be from FedEx, UPS and DHL as part of a mass emailing campaign meant to infect victims' computers, according to research initially published on May 5 by the security vendor Votiro.
A fresh ransomware strain known as "[F]Unicorn" has emerged, first seen this week targeting users by pretending to be an official government COVID-19 contact tracing app. According to an advisory from the Computer Emergency Response Team (CERT) from the Agency for Digital Italy (AgID), the malware family is taking advantage of the rollout of "Immuni" - Italy's official coronavirus-tracking app.
Ring, Nest, SimpliSafe and eight other manufacturers of internet-connected doorbell and security cameras have been alerted to systemic design flaws, discovered by Florida Tech computer science student Blake Janes, that allow a shared account that appears to have been removed to actually remain in place with continued access to the video feed. Janes discovered that the mechanism for removing user accounts does not work as intended on many camera systems because it does not remove active user accounts.
Developers of two open source code libraries for Secure Shell - the protocol millions of computers use to create encrypted connections to each other - are retiring the SHA-1 hashing algorithm, four months after researchers piled a final nail in its coffin. The moves, announced in release notes and a code update for OpenSSH and libssh respectively, mean that SHA-1 will no longer be a means for digitally signing encryption keys between two computers connected by Secure Shell (SSH).