Cyware Monthly Threat Intelligence

Monthly Threat Briefing • May 13, 2020
Monthly Threat Briefing • May 13, 2020
Considering the exigency around COVID-19 themed cyberattacks, various industry leaders have stepped up to ensure enhanced and collaborative security practices. Last month, Microsoft released new security guidelines to safeguard against attacks on employees working from home during the pandemic. Also, the US Office for Civil Rights (OCR) dropped HIPAA penalties for community-based testing sites to assuage the operations of healthcare providers. Meanwhile, the two tech giants, Microsoft and Google, updated their respective cloud computing services to improve the security of data processing.
While the lockdown keeps everyone worried, hackers continue to upgrade capabilities of malicious exploits while enhancing their attack techniques. A security researcher reported multiple online firms blurting out email data of their customers to third-party advertising and analytics companies. In other news, hackers put 530,000 Zoom login credentials for sale on an underground marketplace. Also, Travelex paid $2.3 million ransom in bitcoin to get hold of their stolen data.
Among new threats, FPGA chips were found to be affected by two flaws that could expose several critical systems to attack. Also, researchers discovered several new malware like EventBot, LeetHozer botnet, Asnarök trojan, and more, last month. Additionally, the Trickbot trojan made a comeback, leveraging the Family and Medical Leave Act (FMLA) to create lures related to COVID-19.